SecurityWeek

Ivanti Exploitation Surges as Zero-Day Attacks Traced Back to July 2025

Exploitation of two recently patched Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities, which had been zero-days, has surged.
CSO Online

Attackers exploit Ivanti EPMM zero-days to seize control of MDM servers

Palo Alto Networks’ Unit 42 says two critical flaws are being actively abused to gain unauthenticated access, deploy persistent backdoors, and compromise entire enterprise mobile fleets even after ...
TechCrunch

US, Norway say hackers have been exploiting Ivanti zero-day since April

Hackers exploited a zero-day flaw in Ivanti’s mobile endpoint management software undetected for at least three months, U.S. and Norwegian cybersecurity agencies have warned. It was confirmed last ...
TechCrunch

CISA issues warning about another Ivanti flaw under active attack

Hackers are exploiting yet another vulnerability in one of Ivanti’s widely used enterprise products, the U.S. government’s cybersecurity agency CISA warned in a fresh alert this week. The remote code ...
Bleeping Computer

Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor

Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices. The ...
techtimes

Ivanti Firmware Appears to Be Vulnerable to Multiple Security Flaws: Here's the Alarming Part

Ivanti Connect Secure and Policy Secure endpoints have been left vulnerable to a series of security flaws, posing significant risks to organizations relying on these products for secure access and ...
EDN

Ivanti Launches License Optimizer to Manage and Enhance Complex Server- and Data Center-Based Enterprise Software

Ivanti License Optimizer helps asset managers understand even the most complicated server-based enterprise software, including those offered by Oracle, Microsoft, VMware and IBM. These data center ...
Bleeping Computer

Ivanti warns critical EPM bug lets hackers hijack enrolled devices

Ivanti fixed a critical remote code execution (RCE) vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers hijack enrolled devices or the core server. Ivanti ...
Infosecurity-magazine.com

Chinese Threat Actors Deploy New TTPs to Exploit Ivanti Vulnerabilities

Chinese threat actors have developed new techniques to move laterally post-exploitation of Ivanti vulnerabilities, new research from Mandiant has revealed. Five suspected China-nexus espionage groups’ ...
Ars Technica

Agencies using vulnerable Ivanti products have until Saturday to disconnect them

Federal civilian agencies have until midnight Saturday morning to sever all network connections to Ivanti VPN software, which is currently under mass exploitation by multiple threat groups. The US ...
Dark Reading

Chinese APT Developing Exploits to Defeat Already Patched Ivanti Users

A Chinese espionage group is on the verge of developing malware that can persist in Ivanti edge devices even after patches, upgrades, and factory resets. Once-delayed patches finally began to roll out ...
Infosecurity-magazine.com

Ivanti: Three CSA Zero-Days Are Being Exploited in Attacks

Customers of Ivanti’s Cloud Services Appliance (CSA) have been urged to update their product immediately after the vendor released details of three zero-day vulnerabilities that are being exploited in ...