Unauthorized activity detected, but no backdoors found UK domain registry Nominet is investigating a potential intrusion into ...

Ivanti said that CVE-2025-0282 is the exploited zero-day, but they just happened to find CVE-2025-0283 during the threat-hunting phase and decided to include it in the advisory. The ...

Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called ‘Dryhook’ and ‘Phasejam’ that is ...

This is the same group that has exploited zero-day vulnerabilities in Ivanti Connect Secure appliances back in January 2024 and throughout the year. The latest attacks, exploiting the new CVE-2025 ...

Threat hunters are scrambling to determine the scope of damage and potential impact from a critical zero-day vulnerability that impacts a trio of Ivanti products, including Ivanti Connect Secure ...

The UK’s National Cyber Security Centre (NCSC) and its US equivalent have urged Ivanti customers to take immediate action to mitigate two new vulnerabilities, one of which is being actively exploited.

Attackers exploited and chained multiple previously disclosed Ivanti Cloud Service Appliance vulnerabilities together in ...

Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability.

U.S. software giant Ivanti has warned that a zero-day vulnerability in its widely used enterprise VPN appliance has been exploited to compromise the networks of its corporate customers.

PHASEJAM is a well-written and multifaceted bash shell script. It first installs a web shell that gives the remote hackers ...

which almost certainly means further intelligence will be released soon on one or more zero-day threat campaigns targeting Ivanti devices. Ivanti Connect Secure 22.7R2.4 and prior, 9.1R18.9 and ...