The latest attacks come one year after a threat group exploited a pair of zero-days in the same Ivanti product.

Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in ...

Vulnerability revealed by Ivanti has been exploited by the same group that targetted Connect Secure from January 2024.

Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN ...

Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.

The two issues aren't believed to be chained in the attacks. Ivanti said that CVE-2025-0282 is the exploited zero-day, but ...

VPN appliance maker Ivanti has begun releasing updates to patch a zero-day vulnerability being actively exploited by ...

Ivanti confirms zero-day exploitation of a remotely exploitable code execution vulnerability (CVE-2025-0282) in its Connect ...

Ivanti disclosed two vulnerabilities in its Connect Secure, Policy Secure and Neurons for ZTA gateway devices, including one ...

Ivanti customers are urged to patch two new bugs in the security vendor's products, one of which is being actively exploited ...

Ivanti has warned customers of a critical vulnerability impacting its VPN appliances that is being actively exploited in the ...

Mandiant says a Chinese cyberespionage group has been exploiting the critical-rated vulnerability since at least mid-December.