Ivanti, VPN

Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware
PHASEJAM is a well-written and multifaceted bash shell script. It first installs a web shell that gives the remote hackers privileged control of devices. It then injects a function into the Connect Secure update mechanism that’s intended to simulate the upgrading process.
Google: Chinese hackers likely behind Ivanti VPN zero-day attacks
Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called 'Dryhook' and 'Phasejam' that is not currently associated with any threat group.
Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product
Ivanti confirms zero-day exploitation of a remotely exploitable code execution vulnerability (CVE-2025-0282) in its Connect Security products.
Ivanti warns another critical security flaw is being attacked
Ivanti has warned customers of a critical vulnerability impacting its VPN appliances that is being actively exploited in the wild to drop malware. In a security advisory, Ivanti said that it uncovered two vulnerabilities recently - CVE-2025-0282 and CVE-2025-0283,
Ivanti warns of new Connect Secure flaw used in zero-day attacks
Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in zero-day attacks to install malware on appliances.
Ivanti discloses critical VPN vulnerability being actively targeted by hackers
Ivanti is a major provider of infrastructure management and cybersecurity software with more than 40,000 customers. According to the company, those customers include several U.S. government agencies.
Hackers are exploiting a new Ivanti VPN security bug to hack into company networks
Mandiant says a Chinese cyberespionage group has been exploiting the critical-rated vulnerability since at least mid-December.
Direct Marketing News4h
Ivanti warns of new Connect Secure vulnerability
Ivanti issues urgent alert on a new vulnerability found in their Connect Secure product, urging immediate action to mitigate ...
CSOonline17h
Ivanti zero-day exploited by APT group that previously targeted Connect Secure appliances
Vulnerability revealed by Ivanti has been exploited by the same group that targeted Connect Secure from January 2024.
The Register on MSN1d
Zero-day exploits plague Ivanti Connect Secure appliances for second year running
Factory resets and apply patches is the advice amid fortnight delay for other appliances The cybersecurity industry is urging ...
SecurityWeek23h
Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies
Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.
CRN1d
Ivanti Discloses Exploitation Of ‘Critical’ VPN Vulnerability
Ivanti’s Connect Secure VPN is vulnerable to a critical-severity zero-day vulnerability that has been exploited in attacks as ...
Security Boulevard6d
Best of 2024: If You are Reachable, You Are Breachable, and Firewalls & VPNs are the Front Door
Firewalls and VPN appliances are critical gateways. Like all on-prem systems, a vulnerability can lead to a compromise that ...