Just yesterday Ivanti warned that as part of an internal review it had found the new vulnerability, which “allows an attacker to access certain restricted resources without authentication.” ...

As Ivanti Connect Secure customers await delayed patches, threat actors have ‘developed workarounds to current mitigations,’ the U.S. cybersecurity agency says. Malicious actors have “recently” ...

CISA has ordered U.S. federal agencies to disconnect all Ivanti Connect Secure and Policy Secure VPN appliances vulnerable to multiple actively exploited bugs before Saturday. This required action is ...

Malicious hackers have begun mass-exploiting two critical zero-day vulnerabilities in Ivanti’s widely used corporate VPN appliance. That’s according to cybersecurity company Volexity, which first ...

U.S. software giant Ivanti has confirmed that hackers are exploiting two critical-rated vulnerabilities affecting its widely used corporate VPN appliance, but said that patches won’t be available ...

The disclosure of the new high-severity Connect Secure bug comes as three recently discovered Ivanti VPN vulnerabilities are now under mass exploitation. Ivanti published details Thursday on a new, ...

The software maker announced that a stack-based buffer overflow flaw in its SSL VPN appliance has been exploited in the wild. Ivanti Policy Secure and Ivanti Neurons for ZTA gateways are also impacted ...

The Cybersecurity and Infrastructure Security Agency was targeted in a hack last month that forced the agency to take two key systems offline, according to media reports late last week. CISA, the top ...

U.S. cybersecurity agency CISA has ordered federal agencies to urgently disconnect Ivanti VPN appliances given the risk of malicious exploitation due to multiple software flaws. In an update to an ...

Ivanti Secure VPN is a popular remote access VPN solution used by businesses, organizations and governments worldwide. Unfortunately, five new zero-day vulnerabilities in Ivanti have been discovered ...

Hackers are actively targeting deployments of some Ivanti Inc. software products using a newly discovered security vulnerability. The company disclosed the exploit, which is tracked as CVE-2025-0282, ...