Dark Reading

Sunken Ships: Will Orgs Learn From Ivanti EPMM Attacks?

The zero-day exploitations of Ivanti's MDM platform meant unprecedented pwning of 1000s of orgs by a Chinese APT — and ...
Hackaday

This Week In Security: Glibc, Ivanti, Jenkins, And Runc

There’s a fun buffer overflow problem in the Glibc __vsyslog_internal() function. This one’s a real rollercoaster, because logging vulnerabilities are always scary, but at a first look, it seems ...
VentureBeat

How Ivanti hopes to redefine cybersecurity with AI

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Widening gaps in cybersecurity tech stacks ...
Ars Technica

As if 2 Ivanti vulnerabilities under exploit weren’t bad enough, now there are 3

Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN software sold by Ivanti, as hackers already targeting two previous vulnerabilities diversified, ...
Hosted on MSN

Ivanti patches two zero-days that could lead to RCE in Endpoint Manager Mobile

Ivanti patched two flaws being chained to mount RCE attacks A "limited number" of companies were allegedly compromised Only on-prem products are affected Ivanti has released a patch for two ...
Computer Weekly

Ivanti vulnerabilities explained: Everything you need to know

At the end of 2023 and into 2024, a series of vulnerabilities in Ivanti Policy Secure network access control (NAC), Ivanti Connect Secure secure socket layer virtual private network (SSL VPN), and ...
Ars Technica

Ivanti CEO pledges to “fundamentally transform” its hard-hit security model

Ivanti, the remote-access company whose remote-access products have been battered by severe exploits in recent months, has pledged a “new era,” one that “fundamentally transforms the Ivanti security ...
Bleeping Computer

Ivanti fixes EPMM zero-days chained in code execution attacks

Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. "Ivanti has released ...
Dark Reading

Critical Ivanti vTM Bug Allows Unauthorized Admin Access

Ivanti has patched another major vulnerability, this time affecting its Virtual Traffic Manager (vTM). Ivanti vTM is an application delivery controller (ADC) within its vADC (Virtual Application ...
Bleeping Computer

Ivanti EPMM flaw exploited by Chinese hackers to breach govt agencies

Chinese hackers have been exploiting a remote code execution flaw in Ivanti Endpoint Manager Mobile (EPMM) to breach high-profile organizations worldwide. The flaw is identified as CVE-2025-4428 and ...
TechCrunch

NSA says it’s tracking Ivanti cyberattacks as hackers hit US defense sector

The U.S. National Security Agency has confirmed that hackers exploiting flaws in Ivanti’s widely used enterprise VPN appliance have targeted organizations across the U.S. defense sector. NSA ...