VPN flaws allowed Chinese hackers to compromise dozens of Ivanti customers, says report

Chinese hackers allegedly broke into the network of an Ivanti subsidiary in 2021. The hackers exploited a backdoor in its VPN ...

CISA warns that RESURGE malware can be dormant on Ivanti devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect ...
SiliconANGLE

Report: Hackers used Ivanti vulnerabilities to breach two CISA systems

Hackers have gained access to two applications operated by the U.S. Cybersecurity and Infrastructure Security Agency, The Record reported today. A CISA spokesperson confirmed the breach in a statement ...
Morning Overview on MSN

VPN bugs let Chinese hackers break into dozens of Ivanti customers

Chinese state-sponsored hackers exploited flaws in Ivanti’s VPN software to breach at least 119 organizations, including the company’s own data-center network, according to a new investigation. The ...

One threat actor responsible for 83% of recent Ivanti RCE attacks

Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as ...
SecurityWeek

Ivanti Exploitation Surges as Zero-Day Attacks Traced Back to July 2025

Exploitation of two recently patched Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities, which had been zero-days, has surged.
Opinion

Dutch data watchdog snitches on itself after getting caught in Ivanti zero-day attacks

Staff data belonging to the regulator and judiciary's governing body accessed The Dutch Data Protection Authority (AP) says it was one of the many organizations popped when attackers raced to exploit ...
Business Wire

Ivanti Launches Ring Deployment to Reduce Patch Risk and Help Customers Address the Evolving Threat Landscape

SALT LAKE CITY--(BUSINESS WIRE)--Ivanti, the enterprise software company that provides a comprehensive IT and security cloud-based platform, has launched Ring Deployment in Ivanti Neurons for Patch ...
Ars Technica

As if 2 Ivanti vulnerabilities under exploit weren’t bad enough, now there are 3

Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN software sold by Ivanti, as hackers already targeting two previous vulnerabilities diversified, ...
Dark Reading

CISA Orders Ivanti VPN Appliances Disconnected: What to Do

The United States Cybersecurity and Infrastructure Security Agency (CISA) has given Federal Civilian Executive Branch agencies 48 hours to rip out all Ivanti appliances in use on federal networks, ...
Business Wire

Ivanti Report Reveals that 72% of Professionals Say IT And Security Data is Siloed in Their Organization

SALT LAKE CITY--(BUSINESS WIRE)--Ivanti, the tech company that breaks down barriers between IT and security so that Everywhere Work can thrive, released the results of its 2024 State of Cybersecurity ...
TechCrunch

Ivanti patches two zero-days under attack, but finds another

Ivanti warned on Wednesday that hackers are exploiting another previously undisclosed zero-day vulnerability affecting its widely used corporate VPN appliance. Since early December, Chinese ...