A CISA alerta para exploração ativa da falha CVE-2026-1603 no Ivanti Endpoint Manager. Administradores devem atualizar imediatamente para evitar roubo de credenciais e ataques.

Australia's intelligence agency is warning organizations about several new Ivanti zero-days chained for remote code execution (RCE) attacks. The vendor itself has said the vulns are linked to two ...

Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025.

A domain registry provider is the first company to acknowledge a compromise related to the cyberattacks, which have exploited a critical vulnerability in Ivanti Connect Secure. Ivanti has released a ...

Two zero-day vulnerabilities affecting Ivanti's Connect Secure VPN and Policy Secure network access control (NAC) appliances are now under mass exploitation. As discovered by threat intelligence ...

CISA is warning of new malware targeting vulnerable Ivanti products Multiple products, vulnerable to a 2024 flaw, are being targeted The malware can create web shells, harvest credentials, and more ...

Editor's note: CISA clarified its guidance regarding Ivanti VPN appliances to explain they may be reconnected to government networks following the completion of necessary mitigations. This story has ...

A handful of European government agencies have been compromised by hackers in recent weeks, thanks to a new round of critical vulnerabilities in an Ivanti product — and it's another grim reminder of ...

The code injection flaws allow for unauthenticated remote code execution on Ivanti Endpoint Manager Mobile deployments, but also endanger connected Ivanti Sentry mobile traffic gateways. IT software ...

A vulnerabilidade, identificada como CVE-2025-0282, permite a execução remota de código por meio de um estouro de buffer não autenticado, permitindo que os invasores se infiltrem nas redes e implantem ...