Read details about the new Ivanti VPN zero-day vulnerabilities, along with the latest information about patches. Most of the exposed VPN appliances are reported to be in the U.S., followed by Japan ...

Two zero-day vulnerabilities affecting Ivanti's Connect Secure VPN and Policy Secure network access control (NAC) appliances are now under mass exploitation. As discovered by threat intelligence ...

U.S. software giant Ivanti has warned that a zero-day vulnerability in its widely used enterprise VPN appliance has been exploited to compromise the networks of its corporate customers. The company ...

As Ivanti Connect Secure customers await delayed patches, threat actors have ‘developed workarounds to current mitigations,’ the U.S. cybersecurity agency says. Malicious actors have “recently” ...

Ivanti, a global enterprise IT and security software company, is releasing Ivanti Connect Secure (ICS) version 25.X, aiming to redefine VPN security. According to the company, the new ICS release ...

While no patches are available yet, Ivanti urged customers to ‘apply the mitigation immediately,’ with threat actors now exploiting the flaws to carry out worldwide attacks. Volexity researchers who ...

Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager (EPM), Ivanti Avalanche, Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Security Access Client.

Hackers are actively targeting deployments of some Ivanti Inc. software products using a newly discovered security vulnerability. The company disclosed the exploit, which is tracked as CVE-2025-0282, ...

Unknown threat actors are actively targeting two critical zero-day vulnerabilities that allow them to bypass two-factor authentication and execute malicious code inside networks that use a widely used ...

Two critically severe zero-day vulnerabilities in devices running Ivanti VPN services are being actively exploited by Chinese nation-state actors for unauthenticated remote code execution, according ...