Beautiful Virgin Islands

Thursday, Oct 30, 2025

Suspected Chinese hackers exploited Pulse Secure VPN to compromise 'dozens' of agencies and companies in US and Europe

Suspected Chinese hackers exploited Pulse Secure VPN to compromise 'dozens' of agencies and companies in US and Europe

For months, hackers with suspected ties to China have exploited a popular workplace tool to break into government agencies, defense companies and financial institutions in the US and Europe, according to a report by the cybersecurity firm FireEye.

The attackers who exploited Pulse Secure are extremely sophisticated and used their access to steal account credentials and other sensitive data belonging to victim organizations, said Charles Carmakal, FireEye's senior vice president.

"These actors are highly skilled and have deep technical knowledge of the Pulse Secure product," Carmakal said.

Some of the intrusions using the vulnerabilities began as early as August of last year, according to FireEye's report. The group conducting those attacks may be working for the Chinese government, the report said, and Carmakal added that "there are some similarities between portions of this activity and a Chinese actor we call APT5."

Other actors have exploited the vulnerabilities as well, though FireEye said it's unclear whether they may be linked to a particular government.

In a blog post, Pulse Secure said the newly discovered flaw affects a "very limited number of customers" and that a more permanent software update to address that vulnerability will be issued in early May. Software patches already exist for the other vulnerabilities.

"The Pulse Connect Secure (PCS) team is in contact with a limited number of customers who have experienced evidence of exploit behavior on their PCS appliances," Pulse Secure said. "The PCS team has provided remediation guidance to these customers directly."

It added: "Customers are also encouraged to apply and leverage the efficient and easy-to-use Pulse Secure Integrity Checker Tool to identify any unusual activity on their system."

CISA said that since March 31, it has assisted "multiple entities" whose vulnerable products have been exploited by a cyber threat actor.

"CISA has been working closely with Ivanti, Inc. to better understand the vulnerability in Pulse Secure VPN devices and mitigate potential risks to federal civilian and private sector networks," Nicky Vogt, an agency spokesperson, said Tuesday. "We will continue to provide guidance and recommendations to support potentially impacted organizations."

Newsletter

Related Articles

Beautiful Virgin Islands
0:00
0:00
Close
UK and Vietnam Sign Landmark Migration Deal to Fast-Track Returns of Irregular Arrivals
UK Drug-Pricing Overhaul Essential for Life-Sciences Ambition, Says GSK Chief
Princesses Beatrice and Eugenie Temporarily Leave the UK Amid Their Parents’ Royal Fallout
UK Weighs Early End to Oil and Gas Windfall Tax as Reeves Seeks Investment Commitments
UK Retail Inflation Slows as Shop Prices Fall for First Time Since Spring
Next Raises Full-Year Profit Guidance After Strong Third-Quarter Performance
Reform UK’s Lee Anderson Admits to 'Gaming' Benefits System While Advocating Crackdown
United States and South Korea Conclude Major Trade Accord Worth $350 Billion
Hurricane Melissa Strikes Cuba After Devastating Jamaica With Record Winds
Vice President Vance to Headline Turning Point USA Campus Event at Ole Miss
U.S. Targets Maritime Narco-Routes While Border Pressure to Mexico Remains Limited
Bill Gates at 70: “I Have a Real Fear of Artificial Intelligence – and Also Regret”
Elon Musk Unveils Grokipedia: An AI-Driven Alternative to Wikipedia
Saudi Arabia Unveils Vision for First-Ever "Sky Stadium" Suspended Over Desert Floor
Amazon Announces 14 000 Corporate Job Cuts as AI Investment Accelerates
UK Shop Prices Fall for First Time Since March, Food Leads the Decline
London Stock Exchange Group ADR (LNSTY) Earns Zacks Rank #1 Upgrade on Rising Earnings Outlook
Soap legend Tony Adams, long-time star of Crossroads, dies at 84
Rachel Reeves Signals Tax Increases Ahead of November Budget Amid £20-50 Billion Fiscal Gap
NatWest Past Gains of 314% Spotlight Opportunity — But Some Key Risks Remain
UK Launches ‘Golden Age’ of Nuclear with £38 Billion Sizewell C Approval
UK Announces £1.08 Billion Budget for Offshore Wind Auction to Boost 2030 Capacity
UK Seeks Steel Alliance with EU and US to Counter China’s Over-Capacity
UK Struggles to Balance China as Both Strategic Threat and Valued Trading Partner
Argentina’s Markets Surge as Milei’s Party Secures Major Win
British Journalist Sami Hamdi Detained by U.S. Authorities After Visa Revocation Amid Israel-Gaza Commentary
King Charles Unveils UK’s First LGBT+ Armed Forces Memorial at National Memorial Arboretum
At ninety-two and re-elected: Paul Biya secures eighth term in Cameroon amid unrest
Racist Incidents Against UK Nurses Surge by 55%
UK Chancellor Rachel Reeves Cites Shared Concerns With Trump Administration as Foundation for Early US-UK Trade Deal
Essentra plc: A Closer Look at a UK ‘Penny Stock’ Opportunity Amid Market Weakness
U.S. and China Near Deal to Avert Rare-Earth Export Controls Ahead of Trump-Xi Summit
Justin time: Justin Herbert Shields Madison Beer with Impressive Reflex at Lakers Game
Russia’s President Putin Declares Burevestnik Nuclear Cruise Missile Ready for Deployment
Giuffre’s Memoir Alleges Maxwell Claimed Sexual Act with Clooney
House Republicans Move to Strip NYC Mayoral Front-Runner Zohran Mamdani of U.S. Citizenship
Record-High Spoiled Ballots Signal Voter Discontent in Ireland’s 2025 Presidential Election
Philippines’ Taal Volcano Erupts Overnight with 2.4 km Ash Plume
Albania’s Virtual AI 'Minister' Diella Set to 'Birth' Eighty-Three Digital Assistants for MPs
Tesla Unveils Vision for Optimus V3 as ‘Biggest Product of All Time’, Including Surgical Capabilities
Francis Ford Coppola Auctions Luxury Watches After Self-Financed Film Flop
Convicted Sex Offender Mistakenly Freed by UK Prison Service Arrested in London
United States and China Begin Constructive Trade Negotiations Ahead of Trump–Xi Summit
U.S. Treasury Sanctions Colombia’s President Gustavo Petro over Drug-Trafficking Allegations
Miss USA Crowns Nebraska’s Audrey Eckert Amid Leadership Overhaul
‘I Am Not Done’: Kamala Harris Signals Possible 2028 White House Run
NBA Faces Integrity Crisis After Mass Arrests in Gambling Scandal
Swift Heist at the Louvre Sees Eight French Crown Jewels Stolen in Under Seven Minutes
U.S. Halts Trade Talks with Canada After Ontario Ad Using Reagan Voice Triggers Diplomatic Fallout
Microsoft AI CEO: ‘We’re making an AI that you can trust your kids to use’ — but can Microsoft rebuild its own trust before fixing the industry’s?
×