Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC) to address multiple vulnerabilities, including three critical ...

Read details about the new Ivanti VPN zero-day vulnerabilities, along with the latest information about patches. Most of the exposed VPN appliances are reported to be in the U.S., followed by Japan ...

For any instances of Ivanti Connect Secure that were not updated by Feb. 28, 2025, to the latest Ivanti patch (22.7R2.6) and all instances of Pulse Connect Secure (EoS), Policy Secure, and ZTNA ...

The disclosure of the new high-severity Connect Secure bug comes as three recently discovered Ivanti VPN vulnerabilities are now under mass exploitation. Ivanti published details Thursday on a new, ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with other government partners, issued a new alert this week about the compromise of some Ivanti virtual private network (VPN) ...

U.S. software giant Ivanti has confirmed that hackers are exploiting two critical-rated vulnerabilities affecting its widely used corporate VPN appliance, but said that patches won’t be available ...

While no patches are available yet, Ivanti urged customers to ‘apply the mitigation immediately,’ with threat actors now exploiting the flaws to carry out worldwide attacks. Volexity researchers who ...

U.S. software giant Ivanti has warned that a zero-day vulnerability in its widely used enterprise VPN appliance has been exploited to compromise the networks of its corporate customers. The company ...

CISA directive requires US federal agencies to remove the affected software by end of today due to actively exploited vulnerabilities. In January, Ivanti alerted customers that hackers were exploiting ...

Two critically severe zero-day vulnerabilities in devices running Ivanti VPN services are being actively exploited by Chinese nation-state actors for unauthenticated remote code execution, according ...

Unknown threat actors are actively targeting two critical zero-day vulnerabilities that allow them to bypass two-factor authentication and execute malicious code inside networks that use a widely used ...