Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, that were exploited in zero-day attacks. The flaws are ...
Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025.
As Ivanti Connect Secure customers await delayed patches, threat actors have ‘developed workarounds to current mitigations,’ the U.S. cybersecurity agency says. Malicious actors have “recently” ...
Unknown threat actors are actively targeting two critical zero-day vulnerabilities that allow them to bypass two-factor authentication and execute malicious code inside networks that use a widely used ...
The Ivanti Endpoint Manager Mobile (EPMM) zero-day attacks, which began last spring and lasted well into the summer as attackers took advantage of patching lag, were one of the top cyber-stories of ...