One threat actor responsible for 83% of recent Ivanti RCE attacks

Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as ...

VPN flaws allowed Chinese hackers to compromise dozens of Ivanti customers, says report

Chinese hackers allegedly broke into the network of an Ivanti subsidiary in 2021. The hackers exploited a backdoor in its VPN ...

‘Resurge’ malware can remain undetected on devices

The malware can remain undetected on a system until a threat actor initiates a connection with the compromised device, a CISA ...
Security Boulevard

CVE-2026-1281 & CVE-2026-1340: Actively Exploited Pre-Authentication RCE in Ivanti EPMM

Learn how CVE-2026-1281 and CVE-2026-1340 enable pre-auth RCE in Ivanti EPMM, now actively exploited, and how AppTrana helps block attacks across applications. The post CVE-2026-1281 & CVE-2026-1340: ...

CISA warns that RESURGE malware can be dormant on Ivanti devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect ...
techtimes

Ivanti Firmware Appears to Be Vulnerable to Multiple Security Flaws: Here's the Alarming Part

Ivanti Connect Secure and Policy Secure endpoints have been left vulnerable to a series of security flaws, posing significant risks to organizations relying on these products for secure access and ...
SecurityWeek

Ivanti Exploitation Surges as Zero-Day Attacks Traced Back to July 2025

Exploitation of two recently patched Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities, which had been zero-days, has surged.
Ars Technica

Ivanti CEO pledges to “fundamentally transform” its hard-hit security model

Ivanti, the remote-access company whose remote-access products have been battered by severe exploits in recent months, has pledged a “new era,” one that “fundamentally transforms the Ivanti security ...
Dark Reading

Ivanti Keeps Security Teams Scrambling With 2 More Vulns

Ivanti, whose products have been a big target for attackers recently, has disclosed two more critical vulnerabilities in its technologies — raising more questions about the security of its products in ...
Ars Technica

As if 2 Ivanti vulnerabilities under exploit weren’t bad enough, now there are 3

Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN software sold by Ivanti, as hackers already targeting two previous vulnerabilities diversified, ...
Infosecurity-magazine.com

New Ivanti Vulnerability Observed as Widespread Security Concerns Grow

Bad news continues to pile up for Utah-based IT software provider Ivanti as a new vulnerability has been discovered in its products. On February 8, Ivanti disclosed a new authentication bypass ...
SDxCentral

Ivanti Report Reveals that 72% of Professionals Say IT And Security Data is Siloed in Their Organization

41% say IT and security teams struggle to collaboratively manage cybersecurity which contributes to corporate misalignment and elevated security risk. SALT LAKE CITY--(BUSINESS WIRE)--Ivanti, the tech ...