Ivanti patches CVE-2025-22457 exploited by UNC5221 in March 2025, risking remote code execution and credential theft.

Chinese APT group UNC5221 appears to have studied a recent Ivanti Connect Secure patch to develop a remote code execution ...

A suspected Chinese cyberespionage operation is behind a spate of malware left on VPN appliances made by Ivanti. The threat ...

IT software vendor Ivanti recently released details of a now-patched critical security vulnerability affecting Ivanti Connect ...

Ivanti has recently patched a critical severity vulnerability found in its Connect Secure (ICS) VPN appliances which was ...

Mandiant warned that Chinese espionage actor UNC5221 is actively exploiting a critical Ivanti vulnerability, which can lead ...

Ivanti has misjudged a bug in the VPN software Connect Secure. This is a security vulnerability that is under attack.

On March 28, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR) on RESURGE malware, which ...

Exploitation of the newly disclosed remote code execution bug CVE-2025-22457 may have been occurring since mid-March.

The new critical bug, CVE-2025-22457, is a stack-based buffer overflow flaw that can lead to unauthenticated remote code ...

Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a ...

Uncle Sam dubbed the latest software nasty Resurge, and warned it infects devices by exploiting CVE-2025-0282 - a critical ...