Cyber threat actors have weaponized two critical Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities—CVE-2025-4427 and CVE-2025-4428—to deploy sophisticated malicious loaders and listeners on compromised servers. The malware consists of two sets of components: Loader 1 (web-install.jar, ReflectUtil.class, SecurityHandlerWanListener.class) and Loader 2 (web-install.jar, WebAndroidAppInstaller.class), both designed to inject arbitrary code and maintain persistence on Apache Tomcat deployments. […]
The post CISA Alerts of Hackers Targeting Ivanti Endpoint Manager Mobile Vulnerabilities to Distribute Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
The original article found on GBHackers Security | #1 Globally Trusted Cyber Security News Platform Read More
