News

CISA adds Ivanti Connect Secure vulnerability to KEV catalog
CVE-2025-22457 is a critical stack buffer-overflow vulnerability. Ivanti had initially assessed as a low-level product bug ...
Suspected Chinese spies right now hijacking buggy Ivanti gear – for third time in 3 years
The new critical bug, CVE-2025-22457, is a stack-based buffer overflow flaw that can lead to unauthenticated remote code ...
Only classified as a bug: Critical security vulnerability in Ivanti ICS attacked
Ivanti has misjudged a bug in the VPN software Connect Secure. This is a security vulnerability that is under attack.
CRN4d
CISA Urges Patching For ‘Critical’ Ivanti VPN Flaw Exploited In Attacks
The group, UNC5221, is believed to have compromised thousands of Ivanti VPN devices during the wave of 2024 attacks, with the list of victims including CISA. In the latest attacks targeting Ivanti ...
The Hacker News1d
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
Ivanti patches CVE-2025-22457 exploited by UNC5221 in March 2025, risking remote code execution and credential theft.
JD Supra4d
CISA Issues Malware Analysis Report on RESURGE Malware
On March 28, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR) on RESURGE malware, which ...
The Hacker News6d
The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page
The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach reports, expert analysis, and actionable insights for infosec professionals and ...
Bleeping Computer5d
News in the Security category
CISA, the FBI, the NSA ... evasion technique used by state-sponsored threat actors and ransomware gangs. Ivanti has released security updates to patch a critical Connect Secure remote code ...