Dark Reading

Sunken Ships: Will Orgs Learn From Ivanti EPMM Attacks?

The zero-day exploitations of Ivanti's MDM platform meant unprecedented pwning of 1000s of orgs by a Chinese APT — and ...
acm.org

Turning Servers Against the Cloud

You expect the guardians at the gate of any system to keep attacks out; you don’t expect them to turn against internal systems and networks and ravage those on behalf of threat actors. Yet that’s what ...
TechRadar

These two Ivanti bugs are allowing hackers to target cloud instances - so patch now

New research points to flaws used in targets against cloud instances The flaws were previously found in on-prem attacks Ivanti released a patch so apply it now Two bugs affecting Ivanti’s Endpoint ...
CSOonline

Ivanti EPM vulnerabilities actively exploited in the wild, CISA warns

Three of the four critical path traversal flaws fixed in January in Ivanti Endpoint Manager are being exploited in cyberattacks after proof-of-concept exploit code was released last month. The US ...
Computer Weekly

Mandiant: Latest Ivanti vulns exploited by Chinese cyber spooks

Security supplier Ivanti has once again found itself at the centre of an expanding series of breaches after it emerged that two freshly disclosed vulnerabilities in a number of its products are likely ...
SiliconANGLE

Ivanti discloses critical VPN vulnerability being actively targeted by hackers

Hackers are actively targeting deployments of some Ivanti Inc. software products using a newly discovered security vulnerability. The company disclosed the exploit, which is tracked as CVE-2025-0282, ...
Bleeping Computer

Ivanti warns high severity CSA flaw is now exploited in attacks

Ivanti confirmed on Friday that a high-severity vulnerability in its Cloud Services Appliance (CSA) solution is now actively exploited in attacks. "At the time of disclosure on September 10, we were ...
CSOonline

Newly patched Ivanti CSA flaw under active exploitation

The Cloud Service Appliance command injection vulnerability — patched as part of the final update for end-of-life CSA version 4.6 — has been attacked in the wild, Ivanti confirms. IT management ...
heise online

Ivanti: Updates against critical leaks in Endpoint Manager and other products

Ivanti has discovered security vulnerabilities, some of them critical, in several products. Updates to correct the security-relevant errors are available for Ivanti's Endpoint Manager, Workspace ...
TechRadar

Ivanti patches serious endpoint management software security bugs, so update now

Ivanti has released a patch for a critical security vulnerability, advising users to apply it immediately to secure their infrastructure. In an advisory, Ivanti said it had uncovered a deserialization ...
Bleeping Computer

Ivanti fixes maximum severity RCE bug in Endpoint Management software

Ivanti has fixed a maximum severity vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers gain remote code execution on the core server. Ivanti EPM helps ...