Particle.news

Download on the App Store

UK Domain Registry Nominet Confirms Network Breach via Ivanti VPN Zero-Day Exploit

Hackers exploited a critical vulnerability in Ivanti's VPN software, prompting Nominet to restrict access and investigate the intrusion.

  • Nominet, which manages over 11 million .uk domains, reported a network breach linked to an Ivanti Connect Secure zero-day vulnerability (CVE-2025-0282).
  • The breach occurred in late December 2024 and was facilitated through Ivanti's VPN software, used for remote access by Nominet employees.
  • Nominet stated that there is currently no evidence of data theft, leakage, or backdoors being deployed on its systems.
  • Cybersecurity firm Mandiant attributed the exploitation to a suspected China-linked espionage group, UNC5337, using both known and novel malware tools.
  • Ivanti has released patches for some affected systems, but additional fixes for other vulnerable products are expected by January 21, 2025.
Hero image