A likely China-nexus threat actor has been exploiting unpatched Ivanti vulnerabilities to gain initial access to victim networks and then patching the systems to block others from breaking in to the same network.
First seen on darkreading.com
Jump to article: www.darkreading.com/cyber-risk/initial-access-broker-self-patches-zero-days
