Ivanti is warning that hackers exploited a Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 in zero-day attacks to install malware on appliances. The company says it became ...

Ivanti has recently patched a critical severity vulnerability found in its Connect Secure (ICS) VPN appliances which was allegedly being abused in the wild by Chinese state-sponsored actors.

Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC) to address multiple vulnerabilities, including three critical ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with other government partners, issued a new alert this week about the compromise of some Ivanti virtual private network (VPN) ...

Of particular concern, the authoring organizations and industry partners have determined that cyber threat actors are able to deceive Ivanti’s internal and external Integrity Checker Tool (ICT), ...

For any instances of Ivanti Connect Secure that were not updated by Feb. 28, 2025, to the latest Ivanti patch (22.7R2.6) and all instances of Pulse Connect Secure (EoS), Policy Secure, and ZTNA ...

To learn more about our editorial approach, explore The Direct Message methodology. When Ivanti disclosed a critical vulnerability in its Connect Secure platform in early 2025, the company had ...

The high-severity vulnerabilities impact Ivanti’s Connect Secure VPN and do not yet have a patch available. Ivanti disclosed Wednesday that a pair of high-severity, zero-day vulnerabilities impacting ...

Read details about the new Ivanti VPN zero-day vulnerabilities, along with the latest information about patches. Most of the exposed VPN appliances are reported to be in the U.S., followed by Japan ...