Lucene search
K

7 matches found

The Hacker News
The Hacker News
added 2025/05/22 12:7 p.m.37 views

Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks

A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile EPMM software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe, North America, and the Asia-Pacific region. The vulnerabilities, tracked as CVE-2025-4427 CVSS score:...

10CVSS9.7AI score0.99891EPSS
Exploits28
The Hacker News
The Hacker News
added 2024/04/05 7:15 a.m.67 views

Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws

Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893. The clusters are being tracked by Mandiant under the uncategorized monikers UNC5221, UNC5266, UNC5291, UNC5325,...

9.1CVSS9.6AI score0.99999EPSS
Exploits24
The Hacker News
The Hacker News
added 2024/03/21 3:55 a.m.86 views

Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability

Ivanti has disclosed details of a critical remote code execution flaw impacting Standalone Sentry, urging customers to apply the fixes immediately to stay protected against potential cyber threats. Tracked as CVE-2023-41724, the vulnerability carries a CVSS score of 9.6. "An unauthenticated threa...

7.6AI score0.12844EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/02/01 7:43 a.m.90 views

Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities

Google-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat groups during post-exploitation activity targeting Ivanti Connect Secure VPN and Policy Secure devices. This includes custom web shells such as BUSHWALK,...

9.1CVSS9.6AI score0.99999EPSS
Exploits26
The Hacker News
The Hacker News
added 2024/01/31 7:23 a.m.66 views

Hackers Exploiting Ivanti VPN Flaws to Deploy KrustyLoader Malware

A pair of recently disclosed zero-day flaws in Ivanti Connect Secure ICS virtual private network VPN devices have been exploited to deliver a Rust-based payload called KrustyLoader that's used to drop the open-source Sliver adversary simulation tool. The security vulnerabilities, tracked as...

9.1CVSS8.4AI score0.99999EPSS
Exploits23
The Hacker News
The Hacker News
added 2024/01/20 4:31 a.m.69 views

CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday issued an emergency directive urging Federal Civilian Executive Branch FCEB agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure ICS and Ivanti Policy Secure IPS products...

9.1CVSS9.7AI score0.99999EPSS
Exploits23
The Hacker News
The Hacker News
added 2024/01/12 1:53 p.m.80 views

Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families

As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure ICS VPN appliances since early December 2023. "These families allow the threat actors to circumvent...

9.1CVSS9.2AI score0.99999EPSS
Exploits23
Rows per page
Query Builder