Vulnerabilities Ivanti Patches Critical Vulnerabilities in Endpoint Manager Ivanti has released patches for multiple vulnerabilities in Endpoint Manager (EPM), including four critical-severity flaws. Ionut Arghire6 days ago
Vulnerabilities Many Ivanti VPNs Still Unpatched as UK Domain Registry Emerges as Victim of Exploitation Many Ivanti VPNs are still exposed to attacks exploiting a recent vulnerability tracked as CVE-2025-0282 and Nominet has been named as a victim. Eduard KovacsJanuary 14, 2025
Malware & Threats Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies. Eduard KovacsJanuary 9, 2025
Malware & Threats Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product Ivanti confirms zero-day exploitation of a remotely exploitable code execution flaw in its Connect Security product line. Ryan NaraineJanuary 8, 2025
Vulnerabilities Ivanti Patches Critical Flaws in Connect Secure, Cloud Services Application Ivanti has released patches for critical vulnerabilities in Cloud Services Application, Connect Secure, and Policy Secure. Ionut ArghireDecember 11, 2024
Vulnerabilities Ivanti Patches 50 Vulnerabilities Across Several Products Ivanti has released fixes for dozens of vulnerabilities in Endpoint Manager, Avalanche, Connect Secure, Policy Secure, and Secure Access Client. Ionut ArghireNovember 13, 2024
Nation-State Chinese State Hackers Main Suspect in Recent Ivanti CSA Zero-Day Attacks Fortinet believes state-sponsored threat actors are behind the recent attacks involving exploitation of Ivanti CSA zero-days. Eduard KovacsOctober 14, 2024
Vulnerabilities Ivanti Warns Customers of More CSA Zero-Days Exploited in Attacks Ivanti says a few more CSA zero-day vulnerabilities have been found to be exploited in attacks where they are chained with CVE-2024-8963. Eduard KovacsOctober 9, 2024
Vulnerabilities Ivanti EPM Vulnerability Exploited in the Wild An Ivanti EPM SQL injection vulnerability tracked as CVE-2024-29824 has been exploited to target some of the company’s customers. Eduard KovacsOctober 3, 2024
Vulnerabilities Third Recent Ivanti Vulnerability Exploited in the Wild CVE-2024-7593 is the third Ivanti product vulnerability patched in recent months that has been exploited in the wild. Eduard KovacsSeptember 25, 2024
Vulnerabilities Ivanti Warns of Second CSA Vulnerability Exploited in Attacks In addition to the Ivanti CSA flaw CVE-2024-8190, another vulnerability affecting the same product, tracked as CVE-2024-8963, has been exploited. Eduard KovacsSeptember 20, 2024
Vulnerabilities Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure The Ivanti Cloud Service Appliance vulnerability CVE-2024-8190 has been exploited in the wild, with attacks starting just days after disclosure. Eduard KovacsSeptember 16, 2024