Bleeping Computer

Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor

Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices. The ...
Bleeping Computer

Ivanti warns of new Connect Secure flaw used in zero-day attacks

Ivanti is warning that hackers exploited a Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 in zero-day attacks to install malware on appliances. The company says it became ...
SDxCentral

Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways

Of particular concern, the authoring organizations and industry partners have determined that cyber threat actors are able to deceive Ivanti’s internal and external Integrity Checker Tool (ICT), ...
Ars Technica

Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware

Networks protected by Ivanti VPNs are under active attack by well-resourced hackers who are exploiting a critical vulnerability that gives them complete control over the network-connected devices.
CRN

Ivanti Discloses Fifth Major VPN Vulnerability In A Month

The disclosure of the new high-severity Connect Secure bug comes as three recently discovered Ivanti VPN vulnerabilities are now under mass exploitation. Ivanti published details Thursday on a new, ...
CSOonline

US government agencies ordered to take Ivanti VPN products offline

CISA directive requires US federal agencies to remove the affected software by end of today due to actively exploited vulnerabilities. In January, Ivanti alerted customers that hackers were exploiting ...
Morning Overview on MSN

Ivanti patches a high-severity zero-day in Endpoint Manager that gave attackers remote code execution in targeted attacks

Ivanti has released emergency patches for its Endpoint Manager Mobile platform after confirming that attackers exploited a previously unknown vulnerability to execute code remotely on targeted servers ...
Infosecurity-magazine.com

Chinese Threat Actors Deploy New TTPs to Exploit Ivanti Vulnerabilities

Chinese threat actors have developed new techniques to move laterally post-exploitation of Ivanti vulnerabilities, new research from Mandiant has revealed. Five suspected China-nexus espionage groups’ ...
dbta

Ivanti Connect Secure Version 25.X Offers Modern OS and SELinux Advances

Ivanti, a global enterprise IT and security software company, is releasing Ivanti Connect Secure (ICS) version 25.X, aiming to redefine VPN security. According to the company, the new ICS release ...
Dark Reading

Chinese APT Developing Exploits to Defeat Already Patched Ivanti Users

A Chinese espionage group is on the verge of developing malware that can persist in Ivanti edge devices even after patches, upgrades, and factory resets. Once-delayed patches finally began to roll out ...
Dark Reading

CISA Orders Ivanti VPN Appliances Disconnected: What to Do

The United States Cybersecurity and Infrastructure Security Agency (CISA) has given Federal Civilian Executive Branch agencies 48 hours to rip out all Ivanti appliances in use on federal networks, ...