Only classified as a bug: Critical security vulnerability in Ivanti ICS attacked
Ivanti has misjudged a bug in the VPN software Connect Secure. This is a security vulnerability that is under attack.
JD Supra6h
CISA Issues Malware Analysis Report on RESURGE Malware
On March 28, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR) on RESURGE malware, which ...
Max severity RCE flaw discovered in widely used Apache Parquet
A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up ...
Suspected Chinese spies right now hijacking buggy Ivanti gear – for third time in 3 years
The new critical bug, CVE-2025-22457, is a stack-based buffer overflow flaw that can lead to unauthenticated remote code ...
National Law Review16h
Latest FCA Cybersecurity Settlement Shows Enforcement Remains a Priority Under Trump Administration
Under the FCA, a qui tam complaint is filed under seal, shared with DOJ, and not shared with the defendant so that DOJ can ...
Ivanti patches Connect Secure zero-day exploited since mid-March
Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a ...
SecurityWeek17h
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances
Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild ...
Why is someone mass-scanning Juniper and Palo Alto Networks products?
Someone or something is probing devices made by Juniper Networks and Palo Alto Networks, and researchers think it could be ...