TechCrunch

CISA issues warning about another Ivanti flaw under active attack

Hackers are exploiting yet another vulnerability in one of Ivanti’s widely used enterprise products, the U.S. government’s cybersecurity agency CISA warned in a fresh alert this week. The remote code ...
Bleeping Computer

Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor

Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices. The ...
Bleeping Computer

Ivanti warns critical EPM bug lets hackers hijack enrolled devices

Ivanti fixed a critical remote code execution (RCE) vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers hijack enrolled devices or the core server. Ivanti ...
techtimes

Ivanti Firmware Appears to Be Vulnerable to Multiple Security Flaws: Here's the Alarming Part

Ivanti Connect Secure and Policy Secure endpoints have been left vulnerable to a series of security flaws, posing significant risks to organizations relying on these products for secure access and ...
EDN

Ivanti Launches License Optimizer to Manage and Enhance Complex Server- and Data Center-Based Enterprise Software

Ivanti License Optimizer helps asset managers understand even the most complicated server-based enterprise software, including those offered by Oracle, Microsoft, VMware and IBM. These data center ...
TechCrunch

Researchers say attackers are mass-exploiting new Ivanti VPN flaw

Hackers have begun mass exploiting a third vulnerability affecting Ivanti’s widely used enterprise VPN appliance, new public data shows. Last week, Ivanti said it had discovered two new security flaws ...
Digital Journal

Ivanti flaw exploited by Chinese hackers

It has been revealed that Chinese hackers have been exploiting a remote code execution flaw in Ivanti Endpoint Manager Mobile (EPMM) to breach high-profile organizations worldwide. The vulnerabilities ...
Ars Technica

Agencies using vulnerable Ivanti products have until Saturday to disconnect them

Federal civilian agencies have until midnight Saturday morning to sever all network connections to Ivanti VPN software, which is currently under mass exploitation by multiple threat groups. The US ...
Dark Reading

Chinese APT Developing Exploits to Defeat Already Patched Ivanti Users

A Chinese espionage group is on the verge of developing malware that can persist in Ivanti edge devices even after patches, upgrades, and factory resets. Once-delayed patches finally began to roll out ...
Dark Reading

CISA Adds High-Severity Ivanti Vulnerability to KEV Catalog

One of the latest vulnerabilities that the Cybersecurity and Infrastructure Security Agency has added to the Known Exploited Vulnerabilities Catalog is CVE-2024-29824, found in the Ivanti Endpoint ...
SiliconANGLE

Ivanti discloses critical VPN vulnerability being actively targeted by hackers

Hackers are actively targeting deployments of some Ivanti Inc. software products using a newly discovered security vulnerability. The company disclosed the exploit, which is tracked as CVE-2025-0282, ...
Business Wire

Ivanti to Acquire Cherwell to Enable End-to-End Service and Asset Management

SALT LAKE CITY & COLORADO SPRINGS, Colo.--(BUSINESS WIRE)--Ivanti, Inc., the automation platform that makes every IT connection smarter and more secure, today announced it has signed a definitive ...