‘Resurge’ malware can remain undetected on devices

The malware can remain undetected on a system until a threat actor initiates a connection with the compromised device, a CISA ...

CISA warns that RESURGE malware can be dormant on Ivanti devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect ...
SecurityWeek

Ivanti Exploitation Surges as Zero-Day Attacks Traced Back to July 2025

Exploitation of two recently patched Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities, which had been zero-days, has surged.
Government Technology

Federal Cyber Agency Offlines 2 Systems After Ivanti Hack

After issuing a warning about Ivanti zero-day vulnerabilities, the federal Cybersecurity and Infrastructure Security Agency (CISA) has now suffered a pair of breaches because of the incident. Hackers ...
EdTech

Review: Ivanti Unified Endpoint Manager Eases Device Visibility

John Breeden II is an award-winning reviewer with more than 20 years of experience covering technology. Follow him on Twitter @TheLabGuys. Higher education institutions handle a lot of sensitive ...
Opinion

Dutch data watchdog snitches on itself after getting caught in Ivanti zero-day attacks

Staff data belonging to the regulator and judiciary's governing body accessed The Dutch Data Protection Authority (AP) says it was one of the many organizations popped when attackers raced to exploit ...
CSO Online

Attackers exploit Ivanti EPMM zero-days to seize control of MDM servers

Palo Alto Networks’ Unit 42 says two critical flaws are being actively abused to gain unauthenticated access, deploy persistent backdoors, and compromise entire enterprise mobile fleets even after ...
CRN

CISA: Using Ivanti VPNs May Pose ‘Significant Risk’

The agency released the warning Thursday following lab research on the exploitation of vulnerabilities in Connect Secure VPN devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ...
Business Wire

Ivanti Receives German Federal Office for Information Security (BSI) Clearance for Ivanti Endpoint Manager Mobile (EPMM) for use with Apple® iNDIGO Devices

FRANKFURT, Germany--(BUSINESS WIRE)--Ivanti, the tech company that breaks down barriers between IT and security so that Everywhere Work can thrive, has been accepted into BSI's certification program ...
Dark Reading

Threat Actors Exploit a Critical Ivanti RCE Bug, Again

A Chinese threat actor is once again exploiting Ivanti remote access devices at large. It all started last January, when two serious vulnerabilities were discovered in Ivanti's Connect Secure (ICS) ...
CSOonline

Ivanti patches two EPMM flaws exploited in the wild

The vulnerabilities located in third-party open-source libraries impact Ivanti’s mobile device management appliance and can lead to unauthenticated remote code execution. IT software company Ivanti ...
Morning Overview on MSN

VPN bugs let Chinese hackers break into dozens of Ivanti customers

Chinese state-sponsored hackers exploited flaws in Ivanti’s VPN software to breach at least 119 organizations, including the company’s own data-center network, according to a new investigation. The ...