Ivanti makes dedicated fans of Chinese spies who just can't resist attacking its buggy kit

A suspected Chinese government spy group is behind the rash of attacks that exploit two Ivanti bugs that can be chained together to achieve unauthenticated remote code execution (RCE), according to analysts at threat intelligence outfit EclecticIQ.

The exploits began on May 15, we're told, and targeted organizations in the healthcare, telecommunications, aviation, municipal government, finance, and defense sectors. Attackers went after entities across Europe, North America, and Asia-Pacific.

Targets include UK local government authorities and National Health Service institutions, the "largest" German telecommunications provider and its managed IT service provider subsidiaries, and an Irish aerospace leasing company, North American healthcare companies, and a US transport infrastructure entity that manages airport systems in Houston, we understand.

The suspected spies also went after a multi-national bank operating in South Korea, and a Japanese automotive parts supplier known for advanced electronics and powertrain systems, we're told.

Ivanti did not immediately ...