Hackers are actively targeting deployments of some Ivanti Inc. software products using a newly discovered security vulnerability. The company disclosed the exploit, which is tracked as CVE-2025-0282, ...

As Ivanti Connect Secure customers await delayed patches, threat actors have ‘developed workarounds to current mitigations,’ the U.S. cybersecurity agency says. Malicious actors have “recently” ...

The company’s Connect Secure VPN is also vulnerable to a second, high-severity flaw, Ivanti says. Ivanti disclosed Wednesday that a critical-severity, zero-day vulnerability impacting its widely used ...

Malicious hackers have begun mass-exploiting two critical zero-day vulnerabilities in Ivanti’s widely used corporate VPN appliance. That’s according to cybersecurity company Volexity, which first ...

Nominet warns customers about a recent cyberattack The company says the attackers abused an Ivanti zero-day So far, there is no evidence of data tampering or backdoor dropping Top domain registrar ...

The United States Cybersecurity and Infrastructure Security Agency (CISA) has given Federal Civilian Executive Branch agencies 48 hours to rip out all Ivanti appliances in use on federal networks, ...

US Government agencies using Ivanti Connect Secure and Ivanti Policy Secure have been told to disconnect these solutions immediately and not turn them back on until they’re absolutely certain they’ve ...

CISA directive requires US federal agencies to remove the affected software by end of today due to actively exploited vulnerabilities. In January, Ivanti alerted customers that hackers were exploiting ...

U.S. cybersecurity agency CISA has ordered federal agencies to urgently disconnect Ivanti VPN appliances given the risk of malicious exploitation due to multiple software flaws. In an update to an ...

Unknown threat actors are actively targeting two critical zero-day vulnerabilities that allow them to bypass two-factor authentication and execute malicious code inside networks that use a widely used ...

To prevent attacks on Windows computers with the Ivanti Secure Access Client (ISAC) remote access software, administrators should install an up-to-date version. However, according to the developers, ...

Ivanti has fixed a maximum severity vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers gain remote code execution on the core server. Ivanti EPM helps ...