Bleeping Computer

Ivanti warns of new Connect Secure flaw used in zero-day attacks

Ivanti is warning that hackers exploited a Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 in zero-day attacks to install malware on appliances. The company says it became ...
Bleeping Computer

Ivanti warns of Connect Secure zero-days exploited in attacks

Ivanti has disclosed two Connect Secure (ICS) and Policy Secure (IPS) zero-days exploited by suspected Chinese hackers in the wild that can let remote attackers execute arbitrary commands on targeted ...
CSOonline

Ivanti warns critical RCE flaw in Connect Secure exploited as zero-day

The software maker announced that a stack-based buffer overflow flaw in its SSL VPN appliance has been exploited in the wild. Ivanti Policy Secure and Ivanti Neurons for ZTA gateways are also impacted ...
CRN

Ivanti Reports Exploitation Of Two Zero-Day VPN Flaws

The high-severity vulnerabilities impact Ivanti’s Connect Secure VPN and do not yet have a patch available. Ivanti disclosed Wednesday that a pair of high-severity, zero-day vulnerabilities impacting ...