CSOonline

Ivanti warns critical RCE flaw in Connect Secure exploited as zero-day

The software maker announced that a stack-based buffer overflow flaw in its SSL VPN appliance has been exploited in the wild. Ivanti Policy Secure and Ivanti Neurons for ZTA gateways are also impacted ...
Yahoo

Ivanti patches serious Connect Secure flaw

Ivanti has recently patched a critical severity vulnerability found in its Connect Secure (ICS) VPN appliances which was allegedly being abused in the wild by Chinese state-sponsored actors.
SDxCentral

Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways

Of particular concern, the authoring organizations and industry partners have determined that cyber threat actors are able to deceive Ivanti’s internal and external Integrity Checker Tool (ICT), ...
Bleeping Computer

Ivanti warns of new Connect Secure zero-day exploited in attacks

Today, Ivanti warned of two more vulnerabilities impacting Connect Secure, Policy Secure, and ZTA gateways, one of them a zero-day bug already under active exploitation. The zero-day flaw ...
Inc

Ivanti’s Popular Business VPN System Targeted in Massive Cyberattack

Just yesterday Ivanti warned that as part of an internal review it had found the new vulnerability, which “allows an attacker to access certain restricted resources without authentication.” ...
CRN

Ivanti Discloses Exploitation Of ‘Critical’ VPN Vulnerability

The company’s Connect Secure VPN is also vulnerable to a second, high-severity flaw, Ivanti says. Ivanti disclosed Wednesday that a critical-severity, zero-day vulnerability impacting its widely used ...
TechRepublic

New Ivanti Secure VPN Zero-Day Vulnerabilities and Patches

Read details about the new Ivanti VPN zero-day vulnerabilities, along with the latest information about patches. Most of the exposed VPN appliances are reported to be in the U.S., followed by Japan ...
CRN

Five Latest Updates On The 2025 Ivanti VPN Attacks

A domain registry provider is the first company to acknowledge a compromise related to the cyberattacks, which have exploited a critical vulnerability in Ivanti Connect Secure. Ivanti has released a ...
Redmond Magazine

CISA Issues Alert on Exploits of Ivanti Connect Secure and Policy Secure VPN Solutions

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with other government partners, issued a new alert this week about the compromise of some Ivanti virtual private network (VPN) ...
Ars Technica

Actively exploited 0-days in Ivanti VPN are letting hackers backdoor networks

Unknown threat actors are actively targeting two critical zero-day vulnerabilities that allow them to bypass two-factor authentication and execute malicious code inside networks that use a widely used ...
Yahoo Finance

Ivanti Debuts New Ivanti Connect Secure Version 25.X with Modern OS and SELinux Advances that Set New Standard for VPN Security

The rearchitecture of Ivanti Connect Secure will help customers elevate security posture, enhance control and performance, and modernize network security infrastructure. SALT LAKE CITY, Sept. 30, 2025 ...