Dark Reading

Sunken Ships: Will Orgs Learn From Ivanti EPMM Attacks?

The zero-day exploitations of Ivanti's MDM platform meant unprecedented pwning of 1000s of orgs by a Chinese APT — and ...
Ars Technica

As if 2 Ivanti vulnerabilities under exploit weren’t bad enough, now there are 3

Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN software sold by Ivanti, as hackers already targeting two previous vulnerabilities diversified, ...
Hosted on MSN

Ivanti patches two zero-days that could lead to RCE in Endpoint Manager Mobile

Ivanti patched two flaws being chained to mount RCE attacks A "limited number" of companies were allegedly compromised Only on-prem products are affected Ivanti has released a patch for two ...
Ars Technica

Ivanti CEO pledges to “fundamentally transform” its hard-hit security model

Ivanti, the remote-access company whose remote-access products have been battered by severe exploits in recent months, has pledged a “new era,” one that “fundamentally transforms the Ivanti security ...
VentureBeat

How Ivanti hopes to redefine cybersecurity with AI

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Widening gaps in cybersecurity tech stacks ...
Bleeping Computer

Ivanti fixes EPMM zero-days chained in code execution attacks

Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. "Ivanti has released ...
Bleeping Computer

Newest Ivanti SSRF zero-day now under mass exploitation

An Ivanti Connect Secure and Ivanti Policy Secure server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 is currently under mass exploitation by multiple attackers. Ivanti first ...

Ivanti endpoint manager can become endpoint ravager, thanks to quartet of critical flaws

Security engineers have released a proof-of-concept exploit for four critical Ivanti Endpoint Manager bugs, giving those who ...
CRN

CISA: Attackers Are Bypassing Ivanti VPN Bug Mitigations

As Ivanti Connect Secure customers await delayed patches, threat actors have ‘developed workarounds to current mitigations,’ the U.S. cybersecurity agency says. Malicious actors have “recently” ...
Infosecurity-magazine.com

New Fortinet and Ivanti Zero Days Exploited in the Wild

Fortinet and Ivanti have warned customers that attackers are exploiting new zero day vulnerabilities affecting a range of products. The tech firms published separate advisories on the flaws, one of ...
Business Wire

Ivanti Names Software Industry Leader Dennis Kozak as CEO

SALT LAKE CITY--(BUSINESS WIRE)--Ivanti, the software company that breaks down barriers between IT and security so that Everywhere Work can thrive, announced today that it has named current Ivanti COO ...
SiliconANGLE

Ivanti discloses critical VPN vulnerability being actively targeted by hackers

Hackers are actively targeting deployments of some Ivanti Inc. software products using a newly discovered security vulnerability. The company disclosed the exploit, which is tracked as CVE-2025-0282, ...