https://www.bleepingcomputer.com/news/security/ivanti-patches-connect-secure-zero-day-exploited-since-mid-march/

Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025.

Tracked as CVE-2025-22457, this critical security flaw is due to a stack-based buffer overflow weakness. It impacts Pulse Connect Secure 9.1x (which reached end-of-support in December), Ivanti Connect Secure 22.7R2.5 and earlier, Policy Secure, and Neurons for ZTA gateways.