Tag: Ivanti

A financially driven threat actor, identified as Magnet Goblin, is incorporating one-day security vulnerabilities into its arsenal to breach edge devices.

China-linked cyber espionage clusters UNC5325 and UNC3886 have been identified as exploiting vulnerabilities in Ivanti Connect Secure VPN appliances.

Despite the urgency communicated by security experts, a significant number of Ivanti endpoints continue to operate without the necessary patches or mitigations.

Hackers have been leveraging a server-side request forgery (SSRF) vulnerability in Ivanti to introduce a new backdoor named DSLog onto susceptible devices.

Ivanti has issued a security alert regarding a critical vulnerability across its Connect Secure, Policy Secure, and ZTA gateway devices.

A critical server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure has become the target of widespread exploitation.

Ivanti has issued a warning about two critical vulnerabilities affecting Connect Secure, Policy Secure, and ZTA gateways, with one identified as a zero-day flaw

CISA has issued a critical directive instructing all U.S. federal agencies to disconnect vulnerable Ivanti Connect Secure and Policy Secure VPN appliances.

Two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPNs have been exploited by a Chinese nation-state threat actor.

Ivanti, a Utah-based IT software firm, is grappling with challenges in adhering to its promised timeline for delivering patches addressing critical vulnerabilities in its Connect Secure VPN