News

SecurityWeek1d
CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days
CISA has added fresh CentreStack and Windows CLFS vulnerabilities to the Known Exploited Vulnerabilities catalog.
SecurityWeek2d
Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk
More than 5,000 Ivanti Connect Secure appliances are vulnerable to attacks exploiting CVE-2025-22457, which has been used by ...
CISA adds Ivanti Connect Secure vulnerability to KEV catalog
CVE-2025-22457 is a critical stack buffer-overflow vulnerability. Ivanti had initially assessed as a low-level product bug ...
The Hacker News3d
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
Ivanti patches CVE-2025-22457 exploited by UNC5221 in March 2025, risking remote code execution and credential theft.
CSO Online6d
Ivanti warns customers of new critical flaw exploited in the wild
Chinese APT group UNC5221 appears to have studied a recent Ivanti Connect Secure patch to develop a remote code execution ...
Only classified as a bug: Critical security vulnerability in Ivanti ICS attacked
Ivanti has misjudged a bug in the VPN software Connect Secure. This is a security vulnerability that is under attack.