mandiant ivanti news - Search News

VPN, Ivanti

Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware

PHASEJAM is a well-written and multifaceted bash shell script. It first installs a web shell that gives the remote hackers privileged control of devices. It then injects a function into the Connect Secure update mechanism that’s intended to simulate the upgrading process.

Bleeping Computer · 1d

Google: Chinese hackers likely behind Ivanti VPN zero-day attacks

Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called 'Dryhook' and 'Phasejam' that is not currently associated with any threat group.

SiliconANGLE · 1d

Ivanti discloses critical VPN vulnerability being actively targeted by hackers

Ivanti is a major provider of infrastructure management and cybersecurity software with more than 40,000 customers. According to the company, those customers include several U.S. government agencies.

TechCrunch · 1d

Hackers are exploiting a new Ivanti VPN security bug to hack into company networks

Mandiant says a Chinese cyberespionage group has been exploiting the critical-rated vulnerability since at least mid-December.

Direct Marketing News16h

Ivanti warns of new Connect Secure vulnerability

Ivanti issues urgent alert on a new vulnerability found in their Connect Secure product, urging immediate action to mitigate ...

Computer Weekly20h

Mandiant: Latest Ivanti vulns exploited by Chinese cyber spooks

Threat actors are once again lining up to exploit vulnerabilities in the widely used Ivanti product suite, with a link to Chinese espionage activity firmed up by Mandiant analysts.

CSOonline1d

Ivanti zero-day exploited by APT group that previously targeted Connect Secure appliances

Vulnerability revealed by Ivanti has been exploited by the same group that targeted Connect Secure from January 2024.

SecurityWeek1d

Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies

Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.

CRN1d

Ivanti VPN Attacks Started In Mid-December, May Have Links To China: Mandiant

Researchers at Google Cloud-owned Mandiant say that the exploitation of a critical Ivanti Connect Secure vulnerability began ...

1don MSN

Ivanti warns another critical security flaw is being attacked

Ivanti has warned customers of a critical vulnerability impacting its VPN appliances that is being actively exploited in the ...

The Register on MSN1d

Zero-day exploits plague Ivanti Connect Secure appliances for second year running

Factory resets and apply patches is the advice amid fortnight delay for other appliances The cybersecurity industry is urging ...

Ivanti customers confront new zero-day with suspected nation-state nexus

The latest attacks come one year after a threat group exploited a pair of zero-days in the same Ivanti product.

Ivanti Connect Secure: Attackers exploit critical security vulnerability

Ivanti warns against active attacks on Ivanti Secure Connect systems. Networks can be compromised through code smuggling.

Results that may be inaccessible to you are currently showing.

Hide inaccessible results