The Cybersecurity and Infrastructure Security Agency directed all federal agencies to disconnect themselves from a suite of Ivanti products by Friday, citing the discovery of two additional security ...

As Ivanti Connect Secure customers await delayed patches, threat actors have ‘developed workarounds to current mitigations,’ the U.S. cybersecurity agency says. Malicious actors have “recently” ...

At the end of 2023 and into 2024, a series of vulnerabilities in Ivanti Policy Secure network access control (NAC), Ivanti Connect Secure secure socket layer virtual private network (SSL VPN), and ...

U.S. software giant Ivanti has warned that a zero-day vulnerability in its widely used enterprise VPN appliance has been exploited to compromise the networks of its corporate customers. The company ...

Ivanti is warning that hackers exploited a Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 in zero-day attacks to install malware on appliances. The company says it became ...

Malicious hackers have begun mass-exploiting two critical zero-day vulnerabilities in Ivanti’s widely used corporate VPN appliance. That’s according to cybersecurity company Volexity, which first ...

One of the organizations compromised through a recently-discovered flaw in Ivanti products was, ironically enough, the US government's Cybersecurity and Infrastructure Security Agency (CISA).

If it ain't broke? A suspected Chinese government spy group is behind the rash of attacks that exploit two Ivanti bugs that can be chained together to achieve unauthenticated remote code execution ...

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Widening gaps in cybersecurity tech stacks ...

Ivanti has released security updates for several products. Some of the vulnerabilities that have been closed pose a critical risk. Admins should therefore apply the available updates quickly. Ivanti ...

Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. "Ivanti has released ...