VPN flaws allowed Chinese hackers to compromise dozens of Ivanti customers, says report

Chinese hackers allegedly broke into the network of an Ivanti subsidiary in 2021. The hackers exploited a backdoor in its VPN ...
TechRepublic

New Ivanti Secure VPN Zero-Day Vulnerabilities and Patches

Read details about the new Ivanti VPN zero-day vulnerabilities, along with the latest information about patches. Most of the exposed VPN appliances are reported to be in the U.S., followed by Japan ...
TechCrunch

State-backed hackers are exploiting new Ivanti VPN zero-days — but no patches yet

U.S. software giant Ivanti has confirmed that hackers are exploiting two critical-rated vulnerabilities affecting its widely used corporate VPN appliance, but said that patches won’t be available ...
CRN

CISA: Attackers Are Bypassing Ivanti VPN Bug Mitigations

As Ivanti Connect Secure customers await delayed patches, threat actors have ‘developed workarounds to current mitigations,’ the U.S. cybersecurity agency says. Malicious actors have “recently” ...
Redmond Magazine

CISA Issues Alert on Exploits of Ivanti Connect Secure and Policy Secure VPN Solutions

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with other government partners, issued a new alert this week about the compromise of some Ivanti virtual private network (VPN) ...
CRN

Ivanti Discloses Fifth Major VPN Vulnerability In A Month

The disclosure of the new high-severity Connect Secure bug comes as three recently discovered Ivanti VPN vulnerabilities are now under mass exploitation. Ivanti published details Thursday on a new, ...
腾讯网

网络犯罪团伙伪造思科、飞塔等厂商VPN客户端窃取凭据

据微软报告,一个名为Storm-2561的网络犯罪团伙正在使用伪造的CheckPoint、思科、飞塔、Ivanti等厂商的企业VPN客户端来窃取用户凭据。 Storm-2561是一个较新的犯罪团伙("Storm"后跟数字是微软对仍在发展中的团伙的追踪方式),自2025年5月以来一直活跃,通常使用SEO定位和厂商伪装来分发恶意软件。这次从1月中旬开始的攻击活动也不例外。 该团伙通过操纵搜索结果获得对 ...
Bleeping Computer

CISA cautions against using hacked Ivanti VPN gateways even after factory resets

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to ...
Dark Reading

CISA Orders Ivanti VPN Appliances Disconnected: What to Do

The United States Cybersecurity and Infrastructure Security Agency (CISA) has given Federal Civilian Executive Branch agencies 48 hours to rip out all Ivanti appliances in use on federal networks, ...
Bleeping Computer

Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks

Update 4/5/25: ShadowServer says there are 16,000 exposed devices likely vulnerable to this flaw. IT security software company Ivanti has released patches to fix multiple security vulnerabilities ...
TechRepublic

Top 4 Ivanti Competitors

Ivanti Secure VPN is a popular remote access VPN solution used by businesses, organizations and governments worldwide. Unfortunately, five new zero-day vulnerabilities in Ivanti have been discovered ...