Ivanti warned admins to stop pushing new device configurations to appliances after applying mitigations because this will leave them vulnerable to ongoing attacks exploiting two zero-day ...

Ivanti has patched two critical zero-day vulnerabilities in its Endpoint Manager Mobile (EPMM) product that are already being exploited, continuing a grim run of January security incidents for ...

Hackers are exploiting yet another vulnerability in one of Ivanti’s widely used enterprise products, the U.S. government’s cybersecurity agency CISA warned in a fresh alert this week. The remote code ...

Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN software sold by Ivanti, as hackers already targeting two previous vulnerabilities diversified, ...

At the end of 2023 and into 2024, a series of vulnerabilities in Ivanti Policy Secure network access control (NAC), Ivanti Connect Secure secure socket layer virtual private network (SSL VPN), and ...

While no patches are available yet, Ivanti urged customers to ‘apply the mitigation immediately,’ with threat actors now exploiting the flaws to carry out worldwide attacks. Volexity researchers who ...

Ivanti released a patch for a critical severity flaw in Neurons for ITSM The flaw can be abused to gain admin rights on target systems There is no evidence of abuse in the wild Ivanti has patched a ...

The code injection flaws allow for unauthenticated remote code execution on Ivanti Endpoint Manager Mobile deployments, but also endanger connected Ivanti Sentry mobile traffic gateways. IT software ...

Malicious hackers have begun mass-exploiting two critical zero-day vulnerabilities in Ivanti’s widely used corporate VPN appliance. That’s according to cybersecurity company Volexity, which first ...