Ars Technica

Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware

Networks protected by Ivanti VPNs are under active attack by well-resourced hackers who are exploiting a critical vulnerability that gives them complete control over the network-connected devices.
CRN

Five Latest Updates On The 2025 Ivanti VPN Attacks

A domain registry provider is the first company to acknowledge a compromise related to the cyberattacks, which have exploited a critical vulnerability in Ivanti Connect Secure. Ivanti has released a ...
SiliconANGLE

Ivanti discloses critical VPN vulnerability being actively targeted by hackers

Hackers are actively targeting deployments of some Ivanti Inc. software products using a newly discovered security vulnerability. The company disclosed the exploit, which is tracked as CVE-2025-0282, ...
CRN

Ivanti Discloses Exploitation Of ‘Critical’ VPN Vulnerability

The company’s Connect Secure VPN is also vulnerable to a second, high-severity flaw, Ivanti says. Ivanti disclosed Wednesday that a critical-severity, zero-day vulnerability impacting its widely used ...
Business Wire

Ivanti Neurons for Patch Management Introduces Risk-Based Deployment to Tackle Growing Cyber Threats and Automate Patching Process

SALT LAKE CITY--(BUSINESS WIRE)--Ivanti, the tech company that breaks down barriers between IT and security so that Everywhere Work can thrive, announced new features for Ivanti Neurons for Patch ...
Bleeping Computer

Ivanti warns of new Connect Secure flaw used in zero-day attacks

Ivanti is warning that hackers exploited a Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 in zero-day attacks to install malware on appliances. The company says it became ...
Dark Reading

Third Ivanti Bug Comes Under Active Exploit, CISA Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has added a third Ivanti vulnerability to the agency's Known Exploited Vulnerabilities (KEV) Catalog in as many weeks. CVE-2024-7593 is a ...
Ars Technica

Actively exploited 0-days in Ivanti VPN are letting hackers backdoor networks

Unknown threat actors are actively targeting two critical zero-day vulnerabilities that allow them to bypass two-factor authentication and execute malicious code inside networks that use a widely used ...
Dark Reading

Ivanti Gets Poor Marks for Cyber Incident Response

Editor's note: CISA clarified its guidance regarding Ivanti VPN appliances to explain they may be reconnected to government networks following the completion of necessary mitigations. This story has ...
TechRadar

Ivanti patches serious endpoint management software security bugs, so update now

Ivanti has released a patch for a critical security vulnerability, advising users to apply it immediately to secure their infrastructure. In an advisory, Ivanti said it had uncovered a deserialization ...
Business Wire

Ivanti Names Software Industry Leader Dennis Kozak as CEO

SALT LAKE CITY--(BUSINESS WIRE)--Ivanti, the software company that breaks down barriers between IT and security so that Everywhere Work can thrive, announced today that it has named current Ivanti COO ...
TechRadar

Ivanti warns it has found another major security flaw in its systems

Ivanti finds 10/10 flaw in the Cloud Services Appliance It allows hackers to gain administrative privileges The bug was fixed in version 5.0.3, with users urged to update now Ivanti is warning ...