@mattjay.com on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

Matt Johansen

mattjay.com

did:plc:t6u5bkl7wvnzgkx36kmmh43p

Group recently exploited Ivanti Pulse Connect VPN 0day (CVE-2025-0282) in January. Also abusing service principals and OAuth apps with admin perms for email/OneDrive/SharePoint exfil via MSGraph. (screenshot from: https://unit42.paloaltonetworks.com/threat-brief-ivanti-cve-2025-0282-cve-2025-0283/)

2025-03-05T23:57:06.971Z