Malware & Threats
Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors
A Chinese espionage group has been chaining two recent Ivanti EPMM vulnerabilities in attacks against organizations in multiple critical sectors.
Ionut Arghire, 23 hours ago

Vulnerabilities
Wiz Warns of Ongoing Exploitation of Recent Ivanti Vulnerabilities
Wiz warns that threat actors are chaining two recent Ivanti vulnerabilities to achieve unauthenticated remote code execution.
Ionut Arghire, 3 days ago

Vulnerabilities
Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers
Ivanti has released patches for two EPMM vulnerabilities that have been chained in the wild for remote code execution.
Ionut Arghire, May 14, 2025

Data Breaches
Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances
The latest Verizon DBIR landed this week with a startling statistic about the security posture of VPNs and network edge devices.
Ryan Naraine, April 24, 2025

Incident Response
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle
CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices.
Ryan Naraine, April 11, 2025

Vulnerabilities
Vulnerabilities Patched by Ivanti, VMware, Zoom
Ivanti, VMware, and Zoom released fixes for dozens of vulnerabilities in their products on April 2025 Patch Tuesday.
Ionut Arghire, April 9, 2025

Vulnerabilities
Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk
More than 5,000 Ivanti Connect Secure appliances are vulnerable to attacks exploiting CVE-2025-22457, which has been used by Chinese hackers.
Ionut Arghire, April 8, 2025

Malware & Threats
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances
Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild exploits.
Ryan Naraine, April 3, 2025

Malware & Threats
CISA Analyzes Malware Used in Ivanti Zero-Day Attacks
CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day.
Ionut Arghire, March 31, 2025

Vulnerabilities
CISA Warns of Ivanti EPM Vulnerability Exploitation
CISA has added three critical-severity flaws in Ivanti EPM to its Known Exploited Vulnerabilities catalog.
Ionut Arghire, March 11, 2025

Vulnerabilities
PoC Exploit Published for Critical Ivanti EPM Vulnerabilities
Proof-of-concept (PoC) code and technical details on four critical-severity Ivanti EPM vulnerabilities are now available.
Ionut Arghire, February 20, 2025

Vulnerabilities
Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities
Ivanti and Fortinet on Tuesday released patches for multiple critical- and high-severity vulnerabilities in their products.
Ionut Arghire, February 12, 2025

Malware & Threats
FBI/CISA Share Details on Ivanti Exploits Chains: What Network Defenders Need to Know
The US government shared exploit chains, IOCs and post-incident forensics data to help network defenders hunt for signs of Chinese hacking gangs.
Ryan Naraine, January 22, 2025

Vulnerabilities
Ivanti Patches Critical Vulnerabilities in Endpoint Manager
Ivanti has released patches for multiple vulnerabilities in Endpoint Manager (EPM), including four critical-severity flaws.
Ionut Arghire, January 15, 2025

Vulnerabilities
Many Ivanti VPNs Still Unpatched as UK Domain Registry Emerges as Victim of Exploitation
Many Ivanti VPNs are still exposed to attacks exploiting a recent vulnerability tracked as CVE-2025-0282 and Nominet has been named as a victim.
Eduard Kovacs, January 14, 2025

Malware & Threats
Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies
Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.
Eduard Kovacs, January 9, 2025

Malware & Threats
Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product
Ivanti confirms zero-day exploitation of a remotely exploitable code execution flaw in its Connect Security product line.
Ryan Naraine, January 8, 2025

Vulnerabilities
Ivanti Patches Critical Flaws in Connect Secure, Cloud Services Application
Ivanti has released patches for critical vulnerabilities in Cloud Services Application, Connect Secure, and Policy Secure.
Ionut Arghire, December 11, 2024

Vulnerabilities
Ivanti Patches 50 Vulnerabilities Across Several Products
Ivanti has released fixes for dozens of vulnerabilities in Endpoint Manager, Avalanche, Connect Secure, Policy Secure, and Secure Access Client.
Ionut Arghire, November 13, 2024

Nation-State
Chinese State Hackers Main Suspect in Recent Ivanti CSA Zero-Day Attacks
Fortinet believes state-sponsored threat actors are behind the recent attacks involving exploitation of Ivanti CSA zero-days.
Eduard Kovacs, October 14, 2024