The disclosure of the new high-severity Connect Secure bug comes as three recently discovered Ivanti VPN vulnerabilities are now under mass exploitation. Ivanti published details Thursday on a new, ...

With thousands of Ivanti Connect Secure devices compromised so far, CISA ordered federal agencies to ‘immediately’ implement protections against two zero-day vulnerabilities in the VPN system. U.S.

Ivanti has recently patched a critical severity vulnerability found in its Connect Secure (ICS) VPN appliances which was allegedly being abused in the wild by Chinese state-sponsored actors.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect ...

Ivanti has disclosed two Connect Secure (ICS) and Policy Secure (IPS) zero-days exploited by suspected Chinese hackers in the wild that can let remote attackers execute arbitrary commands on targeted ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with other government partners, issued a new alert this week about the compromise of some Ivanti virtual private network (VPN) ...

The United States Cybersecurity and Infrastructure Security Agency (CISA) has given Federal Civilian Executive Branch agencies 48 hours to rip out all Ivanti appliances in use on federal networks, ...

Ivanti, a global enterprise IT and security software company, is releasing Ivanti Connect Secure (ICS) version 25.X, aiming to redefine VPN security. According to the company, the new ICS release ...

U.S. software giant Ivanti has confirmed that hackers are exploiting two critical-rated vulnerabilities affecting its widely used corporate VPN appliance, but said that patches won’t be available ...

Just yesterday Ivanti warned that as part of an internal review it had found the new vulnerability, which “allows an attacker to access certain restricted resources without authentication.” ...

Two critically severe zero-day vulnerabilities in devices running Ivanti VPN services are being actively exploited by Chinese nation-state actors for unauthenticated remote code execution, according ...