CSO Online

CISA warns of actively exploited Ivanti EPM and Cisco SD-WAN flaws

Patched vulnerabilities in Ivanti Endpoint Manager and Cisco Catalyst SD-WAN are under attack, according to the US security agency, which added reporting requirements to its previous Cisco directive.
Dark Reading

Ivanti Zero-Day Exploits Skyrocket Worldwide; No Patches Yet

Thousands of Ivanti VPN instances have been compromised across the globe in the last five days thanks to two serious, as yet unpatched zero-day vulnerabilities disclosed last week. Ivanti Connect ...

CISA warns that RESURGE malware can be dormant on Ivanti devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect ...
CSO Online

Attackers exploit Ivanti EPMM zero-days to seize control of MDM servers

Palo Alto Networks’ Unit 42 says two critical flaws are being actively abused to gain unauthenticated access, deploy persistent backdoors, and compromise entire enterprise mobile fleets even after ...
Dark Reading

More Ivanti VPN Zero-Days Fuel Attack Frenzy as Patches Finally Roll

Ivanti has finally begun patching a pair of zero-day security vulnerabilities disclosed on Jan. 10 in its Connect Secure VPN appliances. However, it also announced two additional bugs today in the ...
NewsBytes

Nearly half of last year's zero-days targeted enterprise devices: Google

Google's latest report reveals a worrying trend: in 2025, approximately half of all tracked zero-day bugs targeted vulnerable enterprise technology.