Threat hunters are on high alert as 900 Ivanti Connect Secure instances remain unpatched and vulnerable to exploitation, ...

Ivanti released patches for vulnerable Connect Secure versions at the time of the zero-day disclosure, but Policy Secure and ...

Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was ...

Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in ...

Vulnerability revealed by Ivanti has been exploited by the same group that targeted Connect Secure from January 2024.

The two issues aren't believed to be chained in the attacks. Ivanti said that CVE-2025-0282 is the exploited zero-day, but ...

Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.

The zero-day in question was revealed and patched by Ivanti on January 8. Stack-based buffer overflow bug CVE-2025-0282 has a ...

Ivanti confirms zero-day exploitation of a remotely exploitable code execution vulnerability (CVE-2025-0282) in its Connect ...

The latest attacks come one year after a threat group exploited a pair of zero-days in the same Ivanti product.

Ivanti had recently warned customers of a critical vulnerability impacting its VPN appliances being actively exploited in the ...

Ivanti disclosed two vulnerabilities in its Connect Secure, Policy Secure and Neurons for ZTA gateway devices, including one ...