Ivanti customers, including major government agencies, face mounting pressure as attackers expand their scope of targets to exploit a pair of vulnerabilities the vendor disclosed late January after in-the-wild attacks already occurred. The Netherlands’ Dutch Data Protection Authority and the Council for the Judiciary confirmed both agencies were impacted by attacks linked to the Ivanti…
Category: known exploited vulnerabilities (KEV)
AI, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Endpoint, Europe, Exploits, Global Security News, Government & Policy, ivanti, known exploited vulnerabilities (KEV), network edge devices, Threats
Fallout from latest Ivanti zero-days spreads to nearly 100 victims
Ivanti customers, including major government agencies, face mounting pressure as attackers expand their scope of targets to exploit a pair of vulnerabilities the vendor disclosed late January after in-the-wild attacks already occurred. The Netherlands’ Dutch Data Protection Authority and the Council for the Judiciary confirmed both agencies were impacted by attacks linked to the Ivanti…
Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Exploits, Global Security News, known exploited vulnerabilities (KEV), Technology, Threats
Microsoft’s last Patch Tuesday of 2025 addresses 57 defects, including one zero-day
Microsoft addressed 57 vulnerabilities affecting its various products for business operations and core systems, including one actively exploited zero-day, the company said in its latest monthly security update. The zero-day vulnerability — CVE-2025-62221 — affects the Windows Cloud Files Mini Filter Driver and has a CVSS rating of 7.8. Attackers could exploit the use-after-free defect…
Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Exploits, Global Security News, Huntress, known exploited vulnerabilities (KEV), Threats
Attackers bypass patch in deprecated Windows Server update tool
Attackers are actively exploiting a critical vulnerability in Windows Server Update Services, bypassing a patch Microsoft issued earlier this month that failed to mitigate the issue affecting software versions dating back to 2012. Microsoft released an emergency, out-of-band security update for CVE-2025-59287 on Thursday. Multiple research firms detected in-the-wild exploitation by Friday, yet Microsoft has…
CISA, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Exploits, Global Security News, IBM X-Force, known exploited vulnerabilities (KEV), Mandiant, Research, Verizon Data Breach Investigations Report, Verizon DBIR, VulnCheck, vulnerabilities
VulnCheck spotted 159 actively exploited vulnerabilities in first few months of 2025
Attackers exploited nearly a third of vulnerabilities within a day of CVE disclosure in the first quarter of 2025, VulnCheck said in a report released Thursday. The company, which focuses on vulnerability threat intelligence, identified 159 actively exploited vulnerabilities from 50 sources during the quarter. The time from CVE disclosure to evidence of exploitation in…
china, CISA, cisco, citrix, CVE, Cybercrime, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), espionage, exploit, Exploits, firewall, firewalls, Fortinet, Gartner, Global Security News, Google Threat Intelligence Group, ivanti, known exploited vulnerabilities (KEV), Mandiant, National Vulnerability Database, NIST, Palo Alto Networks, Rapid7, Research, routers, Technology, Threats, virtual private network (VPN), VulnCheck, vulnerabilities, vulnerability disclosure, zero days
Is Ivanti the problem or a symptom of a systemic issue with network devices?
Network edge devices — hardware that powers firewalls, VPNs and network routers — have quickly moved up the list of attackers’ preferred intrusion points into enterprise networks. While dozens of companies make and sell these devices, customers of one company in particular — Ivanti — have confronted exploited vulnerabilities in their products more than any…
china, CISA, Cybersecurity, Cybersecurity and Infrastructure Security Agency, espionage, exploit, Exploits, Global Security News, Google Threat Intelligence Group, ivanti, known exploited vulnerabilities (KEV), Mandiant, Research, Threats, vulnerability
China-backed espionage group hits Ivanti customers again
Ivanti customers are confronting another string of attacks linked to an actively exploited vulnerability in the company’s VPN products. Mandiant said a nation-state backed espionage group linked to China has been exploiting the critical vulnerability, CVE-2025-22457, since mid-March. The threat group, which Google Threat Intelligence Group tracks as UNC5221, has a knack for exploiting Ivanti…