Hackers are exploiting a new Ivanti VPN security bug
Ivanti discloses critical VPN vulnerability being actively targeted by hackers
According to Ivanti, CVE-2025-0282 is a so-called stack overflow vulnerability. Such exploits enable hackers to write more data to a section of a system’s memory than it’s meant to hold. This causes the data to overflow to adjacent memory sections, overwriting their contents with malicious code.
Google: Chinese hackers likely behind Ivanti VPN zero-day attacks
Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called 'Dryhook' and 'Phasejam' that is not currently associated with any threat group.
Threat actors are once again lining up to exploit vulnerabilities in the widely used Ivanti product suite, with a link to Chinese espionage activity firmed up by Mandiant analysts.
Security researchers at Mandiant are confident that Chinese hackers are behind an ongoing malware campaign exploiting a flaw ...
Vulnerability revealed by Ivanti has been exploited by the same group that targeted Connect Secure from January 2024.
Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.
Researchers at Google Cloud-owned Mandiant say that the exploitation of a critical Ivanti Connect Secure vulnerability began ...
The latest attacks come one year after a threat group exploited a pair of zero-days in the same Ivanti product.
Ivanti issues urgent alert on a new vulnerability found in their Connect Secure product, urging immediate action to mitigate ...
To combat AI threats in 2025, security teams are set to enter the second phase of AI innovation in security by deploying semi ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback