Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in ...

Vulnerability revealed by Ivanti has been exploited by the same group that targeted Connect Secure from January 2024.

The latest attacks come one year after a threat group exploited a pair of zero-days in the same Ivanti product.

Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.

The two issues aren't believed to be chained in the attacks. Ivanti said that CVE-2025-0282 is the exploited zero-day, but ...

Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN ...

Ivanti confirms zero-day exploitation of a remotely exploitable code execution vulnerability (CVE-2025-0282) in its Connect ...

VPN appliance maker Ivanti has begun releasing updates to patch a zero-day vulnerability being actively exploited by ...

Ivanti disclosed two vulnerabilities in its Connect Secure, Policy Secure and Neurons for ZTA gateway devices, including one ...

Mandiant says a Chinese cyberespionage group has been exploiting the critical-rated vulnerability since at least mid-December.

Ivanti customers are urged to patch two new bugs in the security vendor's products, one of which is being actively exploited ...

Ivanti has warned customers of a critical vulnerability impacting its VPN appliances that is being actively exploited in the ...