Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in ...

Vulnerability revealed by Ivanti has been exploited by the same group that targeted Connect Secure from January 2024.

Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.

The latest attacks come one year after a threat group exploited a pair of zero-days in the same Ivanti product.

The two issues aren't believed to be chained in the attacks. Ivanti said that CVE-2025-0282 is the exploited zero-day, but ...

Ivanti confirms zero-day exploitation of a remotely exploitable code execution vulnerability (CVE-2025-0282) in its Connect ...

Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN ...

VPN appliance maker Ivanti has begun releasing updates to patch a zero-day vulnerability being actively exploited by ...

Ivanti disclosed two vulnerabilities in its Connect Secure, Policy Secure and Neurons for ZTA gateway devices, including one ...

Ivanti customers are urged to patch two new bugs in the security vendor's products, one of which is being actively exploited ...

The software maker announced that a stack-based buffer overflow flaw in its VPN appliance has been exploited in the wild.

Mandiant says a Chinese cyberespionage group has been exploiting the critical-rated vulnerability since at least mid-December.