The latest attacks come one year after a threat group exploited a pair of zero-days in the same Ivanti product.

Vulnerability revealed by Ivanti has been exploited by the same group that targetted Connect Secure from January 2024.

Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.

Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN ...

The two issues aren't believed to be chained in the attacks. Ivanti said that CVE-2025-0282 is the exploited zero-day, but ...

VPN appliance maker Ivanti has begun releasing updates to patch a zero-day vulnerability being actively exploited by ...

Ivanti has warned customers of a critical vulnerability impacting its VPN appliances that is being actively exploited in the ...

Ivanti customers are urged to patch two new bugs in the security vendor's products, one of which is being actively exploited ...

Mandiant says a Chinese cyberespionage group has been exploiting the critical-rated vulnerability since at least mid-December.

PHASEJAM is a well-written and multifaceted bash shell script. It first installs a web shell that gives the remote hackers ...

Ivanti’s Connect Secure VPN is vulnerable to a critical-severity zero-day vulnerability that has been exploited in attacks as ...

The UK internet domain registry, Nominet, has confirmed to ISPreview that their network has suffered an "unauthorised ...