Bleeping Computer

Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor

Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices. The ...
techtimes

Ivanti Firmware Appears to Be Vulnerable to Multiple Security Flaws: Here's the Alarming Part

Ivanti Connect Secure and Policy Secure endpoints have been left vulnerable to a series of security flaws, posing significant risks to organizations relying on these products for secure access and ...
heise online

Attack warning for Ivanti Endpoint Manager, SolarWinds Web Help Desk and more

Currently, criminals are attacking security vulnerabilities on the internet in Ivantis Endpoint Manager, SolarWinds Web Help Desk, and Omnissa (formerly VMware) Workspace ONE. The US IT security ...
Bleeping Computer

CISA warns that RESURGE malware can be dormant on Ivanti devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect ...
Dark Reading

Sunken Ships: Will Orgs Learn From Ivanti EPMM Attacks?

The Ivanti Endpoint Manager Mobile (EPMM) zero-day attacks, which began last spring and lasted well into the summer as attackers took advantage of patching lag, were one of the top cyber-stories of ...