Ivanti has released patches for seven security vulnerabilities across its products, including Ivanti Secure Access Client, Xtraction, Virtual Traffic Manager, and Endpoint Manager. The most critical ...flaw, CVE-2026-8043, allows remote exploitation to access sensitive files. Other vulnerabilities include SQL injection and command injection issues. Ivanti reports no known exploitation of these vulnerabilities in the wild.
Ivanti Patches Multiple Vulnerabilities in Secure Access, Xtraction ...
Ivanti has released patches for multiple vulnerabilities in its Secure Access and Xtraction products. These updates address security flaws to enhance protection for users. The patches are part of Iva...nti's ongoing commitment to maintaining robust security across its product offerings.
Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks
Ivanti released security updates for its Endpoint Manager Mobile (EPMM) product, addressing five vulnerabilities, including the high-severity zero-day CVE-2026-6973, which has been exploited in targe...ted attacks. The flaw allows remote code execution by authenticated attackers with admin privileges. Ivanti advises customers to rotate credentials to mitigate risks. The updates also patch other vulnerabilities that have not been exploited in the wild.
CISA gives feds four days to patch Ivanti flaw exploited as zero-day
Ivanti's Endpoint Manager Mobile (EPMM) faces a critical zero-day vulnerability, CVE-2026-6973, allowing remote code execution. CISA mandates U.S. federal agencies to patch systems by May 10. Ivanti ...advises updates to EPMM versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 and credential rotation. The flaw affects only on-prem EPMM, not Ivanti's cloud solutions or other products.
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
Ivanti disclosed a critical remote code execution vulnerability (CVE-2026-6973) in its Endpoint Manager Mobile (EPMM) product, affecting version 12.8.0.0 and earlier. The vulnerability, which allows ...attackers to execute arbitrary code with admin-level access, has been added to CISA's Known Exploited Vulnerabilities catalog. Ivanti has issued patches and urged immediate remediation, especially for federal agencies facing a May 10 deadline.
Ivanti customers confront yet another actively exploited zero-day
Ivanti has disclosed a zero-day vulnerability, CVE-2026-6973, in its Endpoint Manager Mobile (EPMM), allowing remote code execution by authenticated users. The company released patches for this and f...our other vulnerabilities. Ivanti emphasizes transparency and ongoing security improvements, noting the challenges posed by skilled attackers. The Cybersecurity and Infrastructure Security Agency has added this zero-day to its known exploited vulnerabilities catalog.
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ivanti has identified a critical security vulnerability, CVE-2026-6973, in its Endpoint Manager Mobile (EPMM) software, allowing remote code execution by authenticated users. This flaw, along with fo...ur others, has been actively exploited in limited attacks. Ivanti has released patches for these vulnerabilities, urging immediate updates. The U.S. CISA has added this flaw to its Known Exploited Vulnerabilities catalog, mandating federal agencies to apply fixes by May 10, 2026.
New Ivanti EPMM 0-Day Vulnerability Actively Exploited in Attacks
Ivanti has disclosed critical vulnerabilities in its Endpoint Manager Mobile (EPMM) product, including the actively exploited CVE-2026-6973. The company urges immediate patching for on-premises EPMM ...users, highlighting that cloud-based Ivanti Neurons for MDM remains unaffected. Ivanti's integration of AI systems in vulnerability management has enhanced its security capabilities, leading to more frequent vulnerability disclosures as part of a proactive security strategy.
U.S. CISA adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its ...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog. The f...law, CVE-2026-6973, allows code execution with admin privileges. Ivanti urges immediate patching to prevent exploitation. The vulnerability affects EPMM 12.8.0.0 and earlier, but not Ivanti Neurons for MDM or other Ivanti products.
Ivantis Latest Release Puts Agentic AI ITSM Into Commercial Deployment
Ivanti has launched its Neurons AI self-service agent, marking a significant step in autonomous IT service management (ITSM). The 2026.1 release introduces features like incident correlation, AI summ...arization, and semantic search, enhancing ITSM ticket deflection and reducing manual tasks. This shift towards agentic AI ITSM aims to automate routine tasks, allowing IT teams to focus on strategic initiatives.
Ivanti Advances Autonomous Capabilities Across IT & Security
Ivanti has enhanced its Neurons platform with new autonomous capabilities for IT and security operations. The updates include autonomous patch compliance and an AI-driven ITSM solution, enabling orga...nizations to manage and secure environments with minimal human intervention. These advancements aim to improve efficiency and compliance, addressing the evolving threat landscape and increasing complexity in IT operations.
Ivanti Advances Autonomous Capabilities Across IT & Security
Ivanti enhances its IT and security solutions by advancing autonomous capabilities, aiming to improve efficiency and security management for enterprises.
Ivanti Neurons AI Automates IT to Cut Manual Work, Security Risks
Ivanti has introduced Neurons AI, a solution designed to automate IT processes, reducing manual tasks and enhancing security. This innovation aims to streamline operations and mitigate security risks..., reflecting Ivanti's commitment to improving IT and security management.
Ivanti Enhances Autonomous Capabilities Across IT and Security Operations with AI-Driven Neurons Platform
Ivanti has enhanced its Neurons platform with new AI-driven capabilities for autonomous IT and security operations. The platform now includes features like autonomous patch compliance and the Agentic... AI solution for ITSM, which automate routine tasks and improve efficiency. These updates aim to reduce risk and improve outcomes for IT and security teams, positioning Ivanti as a leader in autonomous operations.
Ivanti Neurons AI automates IT operations, reducing manual work and ...
Ivanti has unveiled new capabilities for its Neurons AI platform, focusing on autonomous IT operations and enhanced security. The updates include autonomous patch compliance and the Agentic AI soluti...on for ITSM, aimed at reducing manual intervention and improving efficiency. These advancements position Ivanti Neurons as a key player in transforming IT operations with AI-driven insights and automation.
Ivanti Neurons ITSM Vulnerabilities Could Allow Session Persistence
Ivanti disclosed vulnerabilities in its Neurons for ITSM platform, identified as CVE-2026-4913 and CVE-2026-4914. These flaws could allow attackers to maintain unauthorized access or inject malicious... scripts. Ivanti has released version 2025.4 to address these issues, with automatic updates for cloud users and manual updates required for on-premises systems.
Ivanti Advances Autonomous IT and Security Operations with AI-Driven ...
Ivanti has launched enhancements to its Neurons platform, focusing on autonomous IT operations and AI-driven self-service. Key updates include the Ivanti Neurons AI self-service agent for ITSM, the S...overeign Cloud for MDM, and new hardware appliances ISA6500 and ISA8500. These updates aim to improve operational efficiency, reduce risk, and enhance security for IT and security teams.
Ivanti Launches Sovereign Cloud Solution to Support European Data Sovereignty and Compliance
Ivanti has launched the Ivanti Neurons for MDM Sovereign Edition EU, a cloud-based solution designed to meet stringent European data sovereignty and compliance requirements. This offering aligns wi...th the EU Cloud Sovereignty Framework, providing centralized endpoint management for regulated sectors such as financial services, energy, and healthcare. Key features include certified European security assurance and compliance with SEAL-2 and SEAL-3 classifications.
Ivanti adds autonomous IT and security features to Neurons platform
Ivanti has enhanced its Neurons platform with autonomous IT and security features, including an AI self-service agent for IT service management. This agent autonomously handles incidents, reducing ma...nual work and ticket volume. New features include continuous compliance for patch management and Sovereign Cloud for EU-focused mobile device management. The platform aims to automate detection and remediation, allowing IT teams to focus on complex issues.
Ivanti Advances Autonomous IT and Security Operations with AI-Driven ...
Ivanti has launched enhancements to its Neurons platform, focusing on autonomous IT operations and AI-driven self-service. The updates include the Ivanti Neurons AI self-service agent, designed to tr...ansform IT service workflows by reducing ticket volume and improving resolution speed. The platform also introduces the Sovereign Cloud edition for organizations with stringent compliance needs and new hardware appliances, ISA6500 and ISA8500, for modern security requirements. These innovations aim to improve operational efficiency and security for IT teams.
CISA Warns of Critical Ivanti EPMM Code Injection Vulnerability ...
CISA has issued a warning about a critical code injection vulnerability in Ivanti's Endpoint Manager Mobile (EPMM). This flaw could allow attackers to execute arbitrary code, posing significant secur...ity risks. Ivanti is working on a patch to address the issue.
CISA adds second critical flaw in Ivanti EPMM to exploited ...
CISA has added a critical code injection flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog. This vulnerability, CVE-2026-1340, allows remote code execution ...without authentication. Ivanti released a patch in March to address this and similar flaws, urging users to upgrade to version 12.8 for enhanced security.
CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday
Ivanti's Endpoint Manager Mobile (EPMM) is under scrutiny as CISA mandates U.S. federal agencies to patch a critical vulnerability (CVE-2026-1340) by April 11. This flaw, exploited since January, all...ows remote code execution on unpatched systems. Ivanti had previously released updates to address this and another vulnerability, urging immediate action to prevent exploitation.
U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited ...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical code injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1340, to its Known Exploit...ed Vulnerabilities catalog. This flaw allows unauthenticated remote code execution. Ivanti urges customers to apply patches and use its RPM detection tool to identify potential compromises. Federal agencies must address this vulnerability by April 11, 2026.
Ivanti Product Enhancements Drive Stronger Security and Streamlined User Experience for Modern Enterprises
Ivanti has announced significant enhancements to its product suite, focusing on security and user experience improvements. Key updates include the release of Ivanti Connect Secure (ICS) version 25.X,... which features a new enterprise-grade Oracle Linux OS and enhanced security measures. Ivanti Neurons for Patch Management now offers streamlined deployment capabilities, and new AI-powered diagnostics in Ivanti Neurons Workspace improve device issue detection. These updates aim to support scalable growth and modernize IT operations for enterprises.
Tech Disruptions Cost Companies Millions of Dollars in Lost Productivity Annually, According to Research from Ivanti
Ivanti's 2025 Digital Employee Experience (DEX) Report reveals that tech disruptions cost companies millions annually in lost productivity. The report highlights a disconnect between perceived digita...l maturity and real-world tech challenges, with only 21% of workers seeing AI productivity gains. Ivanti's CEO emphasizes the role of DEX solutions in enhancing AI initiatives and improving employee experience.
Ivanti Unveils Enhancements to its IT and Security Solutions, Empowering Teams with Greater Efficiency and Improving User Experience
Ivanti has announced enhancements to its IT and security solutions, focusing on improving efficiency and user experience. Key updates include support for Windows 11 on Snapdragon devices, automated m...igration, and enhanced integration capabilities. These updates aim to help IT and security teams manage and protect their operations more effectively.
Ivanti Unveils AI-Driven Innovations to the Neurons Platform to Power the Future of IT and Security
Ivanti has introduced AI-driven enhancements to its Neurons platform, including agentic AI for ITSM, autonomous endpoint management, and improved asset visibility. These innovations aim to streamline... IT operations, enhance security, and provide real-time insights, with customer previews starting in Q1 2026 and general availability later in the year.
Ivanti Report Reveals Only One in Three Organizations Have Implemented Zero Trust Network Access for Remote Workers
Ivanti's latest report highlights that only one-third of organizations have adopted zero trust network access for remote workers, despite increasing cybersecurity threats. The report underscores the ...need for robust access controls and highlights vulnerabilities due to unmanaged devices and BYOD practices. Ivanti emphasizes a zero-trust strategy to enhance enterprise security.
Ivanti Releases New Ivanti Connect Secure Version 22.8 with Secure by Default Features and Enhancements
Ivanti has launched Ivanti Connect Secure version 22.8, featuring Secure by Default enhancements. This release optimizes VPN performance, enhances security with features like a built-in Web Applicati...on Firewall, and supports modern security frameworks such as SASE and Zero Trust. The update aims to improve operational efficiency and secure network access for distributed workforces.
Ivanti Powers Cloud-First Supply Chains with Velocity Platform Expansion
Ivanti has expanded its Velocity platform to include Velocity Forms, a cloud-based solution designed to modernize supply chain operations by replacing paper processes with digital forms. This update ...aims to reduce errors, prevent chargebacks, and streamline workflows through seamless integration with existing systems, enhancing operational efficiency and cost-effectiveness.
Ivanti Announces New Product Integration with Google Cloud
Ivanti has launched a new integration with Google Cloud, supporting Context Aware Access policies to enhance security for Google Workspace and Cloud applications. This collaboration enables organizat...ions to adopt a zero-trust approach, ensuring secure access from iOS and Android devices without traditional VPNs. Ivanti's solution allows conditional access based on device status and IP address, enhancing security for remote work environments.
Ivanti Debuts New Ivanti Connect Secure Version 25.X with Modern OS and SELinux Advances that Set New Standard for VPN Security
Ivanti has launched Ivanti Connect Secure (ICS) version 25.X, featuring a major architectural overhaul with an enterprise-grade Oracle Linux OS and SELinux enforcement. This release enhances VPN secu...rity by minimizing vulnerabilities and improving operational resilience. Key features include a modern web server, Secure Boot, and disk encryption, aligning with Ivanti's Secure by Design principles to bolster enterprise security.
CISA warns of actively exploited Ivanti EPM and Cisco SD-WAN flaws
CISA has identified an authentication bypass vulnerability in Ivanti Endpoint Manager (EPM), tracked as CVE-2026-1603, as being actively exploited. This flaw, patched in February 2026, allows remote ...attackers to access stored credential data. Ivanti had initially reported no known exploitations but the situation has changed, prompting CISA to add it to its Known Exploited Vulnerabilities catalog.
CISA: Recently patched Ivanti EPM flaw now actively exploited
Ivanti's Endpoint Manager (EPM) software has a high-severity vulnerability, CVE-2026-1603, now actively exploited, prompting CISA to mandate U.S. federal agencies to patch systems by March 23. The fl...aw allows remote attackers to bypass authentication and steal credentials. Ivanti had patched this vulnerability in EPM 2024 SU5, addressing other security issues. Despite no reports of exploitation, CISA added it to its Known Exploited Vulnerabilities Catalog.
Ivanti Desktop and Server Management Vulnerability Allows Attackers to ...
Ivanti has released a security update for its Desktop and Server Management (DSM) software to address a high-severity vulnerability (CVE-2026-3483) that allows local attackers to escalate privileges.... The flaw affects all DSM versions up to 2026.1 and has been resolved in version 2026.1.1. Organizations are urged to update immediately to prevent potential exploitation.
CISA shortens patch deadline for critical Ivanti, SolarWinds bugs
The Cybersecurity and Infrastructure Security Agency (CISA) has shortened the patch deadline for a critical vulnerability (CVE-2026-1603) affecting Ivanti products. This vulnerability has been exploi...ted by cybercriminals and nation-state actors, with reports indicating repeated targeting by Chinese attackers throughout 2025. Federal agencies must patch this vulnerability within two weeks to prevent further exploitation.
U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known ...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical authentication bypass vulnerability in Ivanti Endpoint Manager (EPM), tracked as CVE-2026-1603, to its Known Expl...oited Vulnerabilities catalog. Ivanti released patches in February to address this flaw, which allows remote attackers to access sensitive login information without credentials. Federal agencies are required to fix this vulnerability by March 23, 2026.
CISA has detailed the RESURGE malware exploiting a zero-day vulnerability in Ivanti Connect Secure VPN gateways (CVE-2025-0282). The malware, linked to a China-associated threat, uses rootkit and boo...tkit techniques for stealthy persistence. Organizations using Ivanti Connect Secure should apply security updates, monitor TLS traffic, and validate firmware to mitigate risks.
CISA Alerts On RESURGE Malware Targeting Ivanti Connect Secure ...
CISA has issued a warning about the RESURGE malware targeting vulnerabilities in Ivanti's Connect Secure, Policy Secure, and ZTA Gateways. The malware exploits a stack-based buffer overflow (CVE-2025...-0282) to execute arbitrary code, posing significant security risks. Ivanti provides recovery steps, and CISA recommends immediate mitigation actions, including factory resets and credential updates, to protect affected systems.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an updated report on the RESURGE malware, which can remain dormant on Ivanti Connect Secure devices. This malware exploits the C...VE-2025-0282 vulnerability, using advanced encryption and forged certificates to evade detection. CISA emphasizes the need for proactive patching and threat hunting to mitigate risks associated with this persistent threat.
Two critical zero-day vulnerabilities, CVE-2026-1281 and CVE-2026-1340, have been identified in Ivanti Endpoint Manager Mobile (EPMM), allowing remote code execution. These vulnerabilities are active...ly exploited, affecting sectors like government and healthcare. Ivanti has issued a security advisory recommending immediate patch application to mitigate risks.
Multiple Endpoint Manager bugs patched by Ivanti, including remote auth ...
Ivanti has patched multiple vulnerabilities in its Endpoint Manager, including a high-severity authentication bypass (CVE-2026-1603) and a medium-severity SQL injection (CVE-2026-1602). These updates..., part of EPM 2024 SU5, address critical security issues that could allow remote attackers to steal credentials and execute arbitrary code. The company confirmed no known exploits of these vulnerabilities before their public disclosure.
Multiple Vulnerabilities in Ivanti Endpoint Manager Could Allow for ...
Multiple vulnerabilities in Ivanti Endpoint Manager, including an authentication bypass and SQL injection, could allow unauthorized access to credential data. Ivanti recommends immediate updates to m...itigate these risks.
EU, Dutch government announce hacks following Ivanti zero-days
Ivanti's Endpoint Manager Mobile (EPMM) faced critical vulnerabilities, CVE-2026-1281 and CVE-2026-1340, leading to cyberattacks on the Dutch government and European Commission. Ivanti issued patches..., but some customers were compromised. Global security agencies have issued alerts, emphasizing the high risk of unpatched systems.
Fallout from latest Ivanti zero-days spreads to nearly 100 victims
Ivanti disclosed two critical zero-day vulnerabilities in its Endpoint Manager Mobile (EPMM) software, leading to widespread exploitation affecting nearly 100 entities, including major government age...ncies. The vulnerabilities, CVE-2026-1281 and CVE-2026-1340, enable remote code execution. Ivanti has released a detection script and is working with security partners to mitigate the impact. The Cybersecurity and Infrastructure Security Agency has identified multiple Ivanti vulnerabilities as exploited since 2021.
Hackers Exploiting Ivanti EPMM Devices to Deploy Dormant Backdoors
Hackers are exploiting Ivanti's Endpoint Manager Mobile (EPMM) devices using two critical vulnerabilities, CVE-2026-1281 and CVE-2026-1340, to plant dormant backdoors. Ivanti has issued mitigation gu...idance, but exploitation continues. The attack involves a Base64-encoded Java class file that remains inactive until triggered, posing a significant security threat. Ivanti urges immediate patching and server restarts to remove in-memory implants.
Ivanti Issues Urgent Fix for Critical Zero-Day Flaws Under Active Attack - IT Security News
Ivanti has released urgent patches for two critical remote code execution vulnerabilities (CVE-2026-1281 & CVE-2026-1340) in its EPMM software. These zero-day flaws are currently under active attack,... prompting immediate action to secure affected systems.
Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340) - watchTowr Labs
Ivanti disclosed CVE-2026-1281 and CVE-2026-1340, critical pre-auth remote command execution vulnerabilities in its Endpoint Manager Mobile (EPMM) solution. These vulnerabilities were actively exploi...ted, highlighting security challenges in the software. The disclosure aims to inform and protect users against potential threats.
New "SOAPwn" .NET Vulnerabilities Expose Barracuda, Ivanti and Microsoft Appliances to ...
Ivanti Endpoint Manager is vulnerable to the "SOAPwn" .NET vulnerabilities, which can be exploited for remote code execution (RCE) through malicious WSDL files. This vulnerability, identified as CVE-...2025-13659, involves namespace payload injection, allowing attackers to execute arbitrary code by manipulating SOAP requests.
Ivanti released security updates addressing multiple high- and medium-severity vulnerabilities in its products, including Endpoint Manager, Connect Secure, Policy Secure, ZTA Gateways, and Neurons fo...r Secure Access. The updates fix issues like insufficient filename validation and missing authorization, which could lead to code execution and unauthorized actions.
Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
Ivanti's Connect Secure appliances were targeted by cyberattacks exploiting vulnerabilities CVE-2025-0282 and CVE-2025-22457, leading to the deployment of MDifyLoader and in-memory Cobalt Strike atta...cks. These flaws, patched by Ivanti in early 2025, allowed unauthorized remote code execution and arbitrary code execution. Ivanti emphasizes the importance of staying updated to protect against such threats.
Ivanti in the Process of Achieving a FedRAMP High Designation through Partnership with Project Hosts
Ivanti is working with Project Hosts to achieve FedRAMP High designation for its Neurons Platform and Neurons for MDM with Access. This collaboration aims to enhance security and compliance for U.S. ...federal agencies, enabling them to leverage Ivanti's cloud solutions for improved data protection and operational efficiency. The FedRAMP High authorization will ensure adherence to stringent cybersecurity standards, supporting federal agencies' mobility management needs.
Ivanti Partners with Project Hosts to Accelerate FedRAMP High and DoD IL5 Compliance Journey
Ivanti has partnered with Project Hosts to enhance its FedRAMP High and DoD IL5 compliance efforts. This strategic collaboration aims to strengthen Ivanti's cloud services for federal government clie...nts, leveraging Project Hosts' expertise in security compliance. The partnership will focus on achieving necessary certifications to meet stringent federal standards, expanding Ivanti's market reach within the government sector.
Ivanti has partnered with Bpod to enhance its presence in the Latin American market, focusing on Brazil and other key regions. This collaboration will leverage Bpod's regional expertise to expand Iva...nti's market share, strengthen partnerships, and deliver tailored IT and security solutions. The partnership aims to drive growth through modern demand-generation strategies and deepen relationships with partners and customers.
Westcon-Comstor signs distribution agreement with security company Ivanti - CRN Australia
Westcon-Comstor has signed a distribution agreement with Ivanti to distribute its entire portfolio, including network security, endpoint management, and enterprise service management solutions in Aus...tralia. This partnership aims to empower partners with comprehensive security and automation offerings, addressing the growing demand for integrated cybersecurity solutions driven by evolving threats and hybrid work environments.
Ivanti has appointed Jai Sahney as the new Senior Vice President for Asia Pacific & Japan. Sahney will focus on accelerating growth, strengthening customer and partner engagement, and building a high...-performance organization. He emphasizes the importance of the Ivanti Neurons platform in simplifying IT operations and security. Sahney aims to enhance partnerships, particularly with Logicalis Australia, to drive regional success.
Ivanti Appoints Jai Sahney as Senior Vice President, Asia Pacific & Japan
Ivanti has appointed Jai Sahney as Senior Vice President for Asia Pacific & Japan. Sahney will focus on driving growth, enhancing customer and partner engagement, and building a high-performance team... in the region. With nearly 30 years of experience in enterprise software, Sahney aims to help organizations simplify complexity and strengthen security.
Ivanti Appoints Jai Sahney as Senior Vice President, Asia Pacific & Japan
Ivanti has appointed Jai Sahney as Senior Vice President for Asia Pacific & Japan. Sahney will focus on driving growth, enhancing customer and partner engagement, and building a high-performance team... in the region. With extensive experience in enterprise software and SaaS, Sahney aims to strengthen Ivanti's position as a leader in IT and security solutions across APJ.
Seasoned Tech Leader Karl Triebes Joins Ivanti as Chief Product Officer
Ivanti has appointed Karl Triebes as Chief Product Officer to drive innovation and enhance customer satisfaction. With over 30 years of experience in tech leadership at companies like F5 and Amazon, ...Triebes will align Ivanti's product strategy with long-term goals, ensuring high-quality technology solutions and sustained business growth.
Ivanti Brand Refresh Empowers Innovation at Work and Elevate Human Potential
Ivanti has announced a brand refresh to align with its mission of managing, protecting, and automating technology to foster continuous innovation. This rebranding emphasizes Ivanti's commitment to em...powering organizations by integrating IT and security, enhancing productivity, and driving innovation through its AI-powered Ivanti Neurons platform.
Mass exploitation of CVE-2026-1281 and CVE-2026-1340 in Ivanti EPMM
Ivanti disclosed two critical vulnerabilities, CVE-2026-1281 and CVE-2026-1340, in its Endpoint Manager Mobile (EPMM), allowing unauthenticated remote code execution. These vulnerabilities have been ...actively exploited, leading to significant security incidents across various sectors. Ivanti provided emergency mitigation guidance, while the German Federal Office for Information Security issued warnings about widespread exploitation.
CISA Warns of RESURGE Malware Exploiting 0-Days to Breach Ivanti Connect Secure Devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about the RESURGE malware exploiting a zero-day vulnerability (CVE-2025-0282) in Ivanti Connect Secure devices. T...his malware, which includes components like SPAWNSLOTH and dsmain, can survive reboots, steal credentials, and maintain control over compromised systems. CISA advises affected organizations to perform factory resets and reset all account credentials to mitigate the threat.
CISA warns that RESURGE malware can be dormant on Ivanti devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about the RESURGE malware, which can remain dormant on Ivanti Connect Secure devices. This malware exploits a cri...tical vulnerability, CVE-2025-0282, and employs sophisticated evasion techniques to avoid detection. It uses a fake Ivanti certificate for authentication, allowing attackers to establish secure remote access. CISA advises administrators to use updated indicators of compromise to detect and remove infections.
Ivanti Zero-Day Exploits Surge: July 2025 Attacks Confirmed
Security researchers have identified a surge in zero-day exploits targeting Ivanti's enterprise products since July 2025. These attacks involve malware delivery, web shell deployment, and reconnaissa...nce activities, posing significant risks to organizations using Ivanti solutions. Enterprises are advised to apply security patches, monitor for unusual activities, and enhance network segmentation to mitigate threats.
Ivanti's Endpoint Manager Mobile (EPMM) was exploited in a cyber attack affecting Dutch and European government systems. The breach exposed employee data due to vulnerabilities CVE-2026-1281 and CVE-...2026-1340, which Ivanti patched on January 29, 2026. The attack involved a sophisticated campaign targeting EPMM, highlighting the need for resilience and rapid response to such threats.
Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data
Dutch agencies, including the Data Protection Authority and the Council for the Judiciary, experienced cyberattacks exploiting vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). These attacks ...exposed employee contact data, prompting immediate action and ongoing monitoring by the National Cyber Security Center. The European Commission also detected a similar attack on its mobile device management system, highlighting the need for enhanced cybersecurity measures.
