A recently addressed duo of security weaknesses impacting Ivanti Endpoint Manager Mobile (EPMM) software has been leveraged by a China-linked threat entity to aim at a diverse array of sectors throughout Europe, North America, and the Asia-Pacific area.
The vulnerabilities, identified as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), may be interconnected to run arbitrary code on a