UNC5221 China-Nexus 
Threat Actor Actively Exploiting Ivanti EPMM (CVE-2025-4428). Victims include:
Germany's top telecom provider & defense contractors
UK healthcare institutions tied to NHS
U.S. pharma, aviation, and mobile security companies
Leading APAC banks and automotive tech firms
Multiple EU local governments & research institutes
blog.eclecticiq.com/china-nexus-th