Ivanti makes dedicated fans of Chinese spies who just can't resist attacking its buggy kit If it ain't broke? Datacenter Networking Nexus23 May 2025 | 1
'Ongoing' Ivanti hijack bug exploitation reaches clouds Nothing like insecure code in security suites CSO21 May 2025 | 4
Ivanti patches two zero-days under active attack as intel agency warns customers Vendor says vulns are linked with 2 mystery open source libraries integrated into EPMM product Patches14 May 2025 | 1
More Ivanti attacks may be on horizon, say experts who are seeing 9x surge in endpoint scans GreyNoise says it is the kind of activity that typically precedes new vulnerability disclosures Security25 Apr 2025 | 8
Suspected Chinese spies right now hijacking buggy Ivanti gear – for third time in 3 years Simple denial-of-service blunder turned out to be remote unauth code exec disaster Cyber-crime03 Apr 2025 | 3
Ivanti endpoint manager can become endpoint ravager, thanks to quartet of critical flaws PoC exploit code shows why this is a patch priority Patches21 Feb 2025 |
Nominet probes network intrusion linked to Ivanti zero-day exploit Unauthorized activity detected, but no backdoors found Security13 Jan 2025 | 6
Zero-day exploits plague Ivanti Connect Secure appliances for second year running Factory resets and apply patches is the advice amid fortnight delay for other appliances Patches09 Jan 2025 | 2
Three more vulns spotted in Ivanti CSA, all critical, one 10/10 Patch up, everyone – that admin portal is mighty attractive to your friendly cyberattacker Patches11 Dec 2024 | 2
CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame Usual three-week window to address significant risks to federal agencies applies Cybersecurity Month10 Oct 2024 |
Ivanti patches exploited admin command execution flaw Fears over chained attacks affecting EOL product Patches20 Sep 2024 | 8
CISA says crooks used Ivanti bugs to snoop around high-risk chemical facilities Crafty crims broke in but encryption stopped any nastiness Cyber-crime25 Jun 2024 | 3
Ivanti commits to secure-by-design overhaul after vulnerability nightmare CEO addresses whirlwind start to 2024 and how it plans to prevent a repeat Security04 Apr 2024 | 19
Cybercrime crew Magnet Goblin bursts onto the scene exploiting Ivanti holes Plus: CISA pulls plug on couple of systems feared compromised Cyber-crime08 Mar 2024 | 2
LockBit's contested claim of fresh ransom payment suggests it's been well hobbled Infosec in brief ALSO: CISA warns Ivanti vuln mitigations might not work, SAML hijack doesn't need ADFS, and crit vulns Security04 Mar 2024 | 1
Ivanti discloses fifth vulnerability, doesn't credit researchers who found it Software company's claim of there being no active exploits also being questioned Security09 Feb 2024 | 5
Ivanti devices hit by wave of exploits for latest security hole At this point you might be better off just shutting the stuff down Security05 Feb 2024 | 5
Ivanti releases patches for VPN zero-days, discloses two more high-severity vulns Many versions still without fixes while sophisticated attackers bypass mitigations Patches31 Jan 2024 | 8
Ivanti and Juniper Networks accused of bending the rules with CVE assignments Critics claim now-fixed vulnerabilities weren't disclosed, flag up grouping of multiple flaws under one CVE Patches22 Jan 2024 | 7
Russians invade Microsoft exec mail while China jabs at VMware vCenter Server Plus: Uncle Sam says Ivanti exploits 'consistent with PRC' snoops Cyber-crime20 Jan 2024 | 9
Ivanti zero-day exploits explode as bevy of attackers get in on the act Customers still patchless and mitigation only goes so far Cyber-crime16 Jan 2024 | 6
Number of orgs compromised via Ivanti VPN zero-days grows as Mandiant weighs in Snoops had no fewer than five custom bits of malware to hand to backdoor networks CSO13 Jan 2024 | 4
Infoseccers think attackers backed by China are behind Ivanti zero-day exploits Customers currently left patchless while attacks are expected to increase Cyber-crime11 Jan 2024 | 6
Ivanti Sentry exploited in the wild, patches emitted Good thing you're not exposing admin port 8443 to the world, right? Uh, right? Patches22 Aug 2023 | 7
Ivanti plugs critical bug – but not before it was used against Norwegian government Uncle Sam warns sysadmins to get patching as soon as possible Patches26 Jul 2023 | 5