Ivanti Archives • Daily CyberSecurity

Ivanti Neurons for ITSM Hit by CVSS 9.8 Authentication Bypass Flaw Enabling Full Admin Access CVE-2024-29847 & CVE-2024-8190 Ivanti ITSM, Authentication Bypass

CVE-2024-29847 & CVE-2024-8190 Ivanti ITSM, Authentication Bypass

Ivanti Neurons for ITSM Hit by CVSS 9.8 Authentication Bypass Flaw Enabling Full Admin Access

Ddos May 14, 2025

Ivanti has released a critical security patch for its on-premises Neurons for ITSM platform, addressing a severe...

Ivanti EPMM Flaws Exploited in the Wild: Chained RCE and Auth Bypass Threaten Mobile Device Management UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Ivanti EPMM Flaws Exploited in the Wild: Chained RCE and Auth Bypass Threaten Mobile Device Management

Ddos May 13, 2025

Ivanti has released a security updates addressing two vulnerabilities in Endpoint Manager Mobile (EPMM)—CVE-2025-4427 and CVE-2025-4428—that, when...

DslogdRAT Malware Targets Ivanti Connect Secure via CVE-2025-0282 Zero-Day Exploit UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

DslogdRAT Malware Targets Ivanti Connect Secure via CVE-2025-0282 Zero-Day Exploit

Ddos April 26, 2025

A newly published report by Yuma Masubuchi from the JPCERT Coordination Center (JPCERT/CC) has uncovered the deployment...

China-Nexus APT Exploits Ivanti Connect Secure VPN in Global Cyber Espionage Campaign CVE-2024-55591 Ivanti VPN vulnerability, cyber espionage

CVE-2024-55591 Ivanti VPN vulnerability, cyber espionage

China-Nexus APT Exploits Ivanti Connect Secure VPN in Global Cyber Espionage Campaign

Ddos April 15, 2025

A recent report by TeamT5 has uncovered a widespread cyber espionage campaign targeting Ivanti Connect Secure VPN...

Critical Vulnerabilities & Major Cyberattacks: April 7-13 Recap weekly cybersecurity, critical vulnerabilities

Critical Vulnerabilities & Major Cyberattacks: April 7-13 Recap

Ddos April 13, 2025

The cybersecurity landscape has witnessed significant activity over the past week (April 7th – April 13th), with...

Ivanti Zero-Day CVE-2025-22457 Exploit Details Released Ivanti CVE-2025-22457 Ivanti zero-day

Ivanti Zero-Day CVE-2025-22457 Exploit Details Released

Ddos April 11, 2025

Researchers at Rapid7 published technical details and proof-of-concept exploit code for a critical zero-day vulnerability in Ivanti...

Major Cybersecurity Events (31st March – 6th April 2025)

Ddos April 7, 2025

In the past week, several significant cybersecurity incidents have made headlines – including high-impact data breaches, and...

CVE-2025-22457: UNC5221 Exploits Ivanti Zero-Day Flaw to Deploy TRAILBLAZE and BRUSHFIRE Malware

Ddos April 3, 2025

Ivanti has recently disclosed a critical security vulnerability, identified as CVE-2025-22457, affecting several of its widely-used products....

PoC Released: CVE-2024-13159 (CVSS 9.8) in Ivanti EPM Poses Severe Security Threat

Ddos February 24, 2025

Security researcher Zach Hanley (@hacks_zach) of Horizon3.ai published the technical details and a proof-of-concept (PoC) exploit code...

CVE-2025-22467 (CVSS 9.9): Ivanti Connect Secure Vulnerability Allows Remote Code Execution

Ddos February 11, 2025

Ivanti has disclosed multiple vulnerabilities affecting its Connect Secure, Policy Secure, and Secure Access Client products, with...

CVE-2024-47908 (CVSS 9.1): Critical Ivanti CSA Flaw Enables Attackers to Run Arbitrary Code CVE-2023-39335 - CVE-2024-47908 - CVE-2024-11771

CVE-2024-47908 (CVSS 9.1): Critical Ivanti CSA Flaw Enables Attackers to Run Arbitrary Code

Ddos February 11, 2025

Ivanti has issued a security advisory regarding critical vulnerabilities in its Cloud Services Application (CSA). The vulnerabilities,...

Ivanti Connect Secure Zero-Day Threat: 2,048 Vulnerable Devices and Critical Exploitation Details Unveiled

Ddos January 10, 2025

On January 8, 2025, Ivanti disclosed an actively exploited zero-day vulnerability, tracked as CVE-2025-0282, affecting its Connect...

Ivanti Connect Secure and Policy Secure Updates Address Critical Vulnerabilities CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti Connect Secure and Policy Secure Updates Address Critical Vulnerabilities

Ddos December 10, 2024

Ivanti, a leader in unified endpoint and enterprise service management, has issued patches for several high and...

CVE-2024-50330 (CVSS 9.8): Unpatched Ivanti Endpoint Manager Vulnerable to RCE Attacks CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

CVE-2024-50330 (CVSS 9.8): Unpatched Ivanti Endpoint Manager Vulnerable to RCE Attacks

Ddos November 12, 2024

Software company Ivanti has released urgent security updates for its Endpoint Manager to address a range of...

CVE-2024-37404: Critical RCE Flaw Discovered in Ivanti Connect Secure & Policy Secure, PoC Published

Ddos October 8, 2024

Ivanti has addressed a critical remote code execution (RCE) vulnerability affecting its Connect Secure and Policy Secure...