Dark Reading

Threat Actors Exploit a Critical Ivanti RCE Bug, Again

A Chinese threat actor is once again exploiting Ivanti remote access devices at large. It all started last January, when two serious vulnerabilities were discovered in Ivanti's Connect Secure (ICS) ...
Government Technology

Federal Cyber Agency Offlines 2 Systems After Ivanti Hack

After issuing a warning about Ivanti zero-day vulnerabilities, the federal Cybersecurity and Infrastructure Security Agency (CISA) has now suffered a pair of breaches because of the incident. Hackers ...
Yahoo

NSA says it's tracking Ivanti cyberattacks as hackers hit US defense sector

The U.S. National Security Agency has confirmed that hackers exploiting flaws in Ivanti’s widely used enterprise VPN appliance have targeted organizations across the U.S. defense sector. NSA ...
CSOonline

Ivanti patches two EPMM flaws exploited in the wild

The vulnerabilities located in third-party open-source libraries impact Ivanti’s mobile device management appliance and can lead to unauthenticated remote code execution. IT software company Ivanti ...
Business Wire

Ivanti Receives German Federal Office for Information Security (BSI) Clearance for Ivanti Endpoint Manager Mobile (EPMM) for use with Apple® iNDIGO Devices

FRANKFURT, Germany--(BUSINESS WIRE)--Ivanti, the tech company that breaks down barriers between IT and security so that Everywhere Work can thrive, has been accepted into BSI's certification program ...
SDxCentral

Ivanti updates Connect Secure, Policy Secure for CVE-2025-22457 vulnerabilities

For any instances of Ivanti Connect Secure that were not updated by Feb. 28, 2025, to the latest Ivanti patch (22.7R2.6) and all instances of Pulse Connect Secure (EoS), Policy Secure, and ZTNA ...
EdTech

Review: Ivanti Unified Endpoint Manager Eases Device Visibility

John Breeden II is an award-winning reviewer with more than 20 years of experience covering technology. Follow him on Twitter @TheLabGuys. Higher education institutions handle a lot of sensitive ...
SDxCentral

CISA and Partners Release Advisory on Threat Actors Exploiting Ivanti Connect Secure and Policy Secure Gateways Vulnerabilities

The Ivanti Integrity Checker Tool is not sufficient to detect compromise due to the ability of threat actors to deceive it, and A cyber threat actor may be able to gain root-level persistence despite ...
techtimes

CISA Systems Hacked: Ivanti Vulnerabilities Exploited, Urgent Security Measures Advised

Officials from the Cybersecurity and Infrastructure Security Agency (CISA) recently disclosed a successful hack of the agency's systems in February that involved hackers taking advantage of flaws in ...
Bleeping Computer

Ivanti warns of critical flaws in its Avalanche MDM solution

Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command ...
Bleeping Computer

CISA cautions against using hacked Ivanti VPN gateways even after factory resets

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to ...
Digital Journal

Ivanti flaw exploited by Chinese hackers

It has been revealed that Chinese hackers have been exploiting a remote code execution flaw in Ivanti Endpoint Manager Mobile (EPMM) to breach high-profile organizations worldwide. The vulnerabilities ...