Ivanti has misjudged a bug in the VPN software Connect Secure. This is a security vulnerability that is under attack.

Ivanti patches CVE-2025-22457 exploited by UNC5221 in March 2025, risking remote code execution and credential theft.

On March 28, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR) on RESURGE malware, which ...

Exploitation of the newly disclosed remote code execution bug CVE-2025-22457 may have been occurring since mid-March.

Ivanti released a security advisory regarding the active exploitation of a critical security flaw affecting vulnerable Ivanti Connect Secure, Pulse Connect Secure, Policy Secure, and ZTA gateway ...

The new critical bug, CVE-2025-22457, is a stack-based buffer overflow flaw that can lead to unauthenticated remote code ...

A Chinese APT group has managed to find a way to exploit a critical flaw in Ivanti’s Connect Secure VPN appliances, even ...

Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a ...

Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild ...

The shift toward a unified customer lifecycle can’t be done at a surface, optics-only level. A cross-department meeting or ...

Cisco report reveals two of the three top vulnerabilities attackers went after in 2024 were in old network devices.

CISA is warning of new malware targeting vulnerable Ivanti products Multiple products, vulnerable to a 2024 flaw, are being ...