News

Over 5K Ivanti VPNs vulnerable to critical bug under attack
The Shadowserver Foundation found 5,113 Ivanti VPN instances that are vulnerable to CVE-2025-22457, a critical stack-based ...
CISA adds Ivanti Connect Secure vulnerability to KEV catalog
CVE-2025-22457 is a critical stack buffer-overflow vulnerability. Ivanti had initially assessed as a low-level product bug ...
SecurityWeek16h
Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk
More than 5,000 Ivanti Connect Secure appliances are vulnerable to attacks exploiting CVE-2025-22457, which has been used by ...
Ivanti patches Connect Secure zero-day exploited since mid-March
Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a ...
The Hacker News1d
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
Ivanti patches CVE-2025-22457 exploited by UNC5221 in March 2025, risking remote code execution and credential theft.
The Hacker News6d
The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page
The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...
SecurityWeek8d
CISA Analyzes Malware Used in Ivanti Zero-Day Attacks
CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day.
HealthcareInfoSecurity9d
Rootkit, Backdoor and Tunneler: Ivanti Malware Does It All
Hackers using Trojans connected to a malware family deployed by Chinese nation-state hackers are actively exploiting a ...