Unauthorized activity detected, but no backdoors found UK domain registry Nominet is investigating a potential intrusion into ...

Ivanti said that CVE-2025-0282 is the exploited zero-day, but they just happened to find CVE-2025-0283 during the threat-hunting phase and decided to include it in the advisory. The ...

Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called ‘Dryhook’ and ‘Phasejam’ that is ...

This is the same group that has exploited zero-day vulnerabilities in Ivanti Connect Secure appliances back in January 2024 and throughout the year. The latest attacks, exploiting the new CVE-2025 ...

Threat hunters are scrambling to determine the scope of damage and potential impact from a critical zero-day vulnerability that impacts a trio of Ivanti products, including Ivanti Connect Secure ...

The UK’s National Cyber Security Centre (NCSC) and its US equivalent have urged Ivanti customers to take immediate action to mitigate two new vulnerabilities, one of which is being actively exploited.

Attackers exploited and chained multiple previously disclosed Ivanti Cloud Service Appliance vulnerabilities together in ...

Ivanti is warning that hackers exploited a Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 in zero-day attacks to install malware on appliances. The company says it ...

U.S. software giant Ivanti has warned that a zero-day vulnerability in its widely used enterprise VPN appliance has been exploited to compromise the networks of its corporate customers.

PHASEJAM is a well-written and multifaceted bash shell script. It first installs a web shell that gives the remote hackers ...

Ivanti Policy Secure and Ivanti Neurons for ... one of which has already been exploited in the wild as a zero-day to compromise devices. The exploited vulnerability, tracked as CVE-2025-0282 ...