China-linked group UNC5221 exploited Ivanti Connect Secure zero-day since mid-March

Ivanti addressed a critical remote code execution flaw in Connect Secure, which has been exploited since at least mid-March 2025. Ivanti released security updates to address a critical Connect Secure remote code execution vulnerability tracked as CVE-2025-224…