Ivanti
CISA orders feds to patch actively exploited Ivanti flaw by Sunday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch an actively exploited Ivanti Sentry flaw within three days, as mandated by the newly issued Binding Operational Directive (BOD) 26-04. Tracked as CVE-2026-10520, this maximum-severity vulnerability was found in Ivanti’s security gateway appliance (formerly known as MobileIron Sentry) and stems from an OS […]
Max severity Ivanti Sentry vulnerability now exploited in attacks
Attackers are now targeting a recently patched maximum-severity flaw in Ivanti Sentry, enabling them to execute code with root privileges on Internet-exposed secure mobile gateways. Formerly known as MobileIron Sentry, the Ivanti Sentry security gateway appliance secures traffic between back-end corporate systems and remote mobile devices. Tracked as CVE-2026-10520, the maximum-severity vulnerability stems from an OS […]
Ivanti: Max severity Sentry flaw allows code execution as root
Security software company Ivanti has released patches to address two critical vulnerabilities in its Sentry secure mobile gateway solution, including a maximum-severity flaw that enables remote attackers to execute code with root privileges. Formerly known as MobileIron Sentry, Ivanti Sentry is a security gateway appliance that secures traffic between back-end corporate systems and remote mobile […]
CISA gives feds four days to patch Ivanti flaw exploited as zero-day
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies four days to secure their networks against a high-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that has been exploited in zero-day attacks. Tracked as CVE-2026-6973, this security flaw allows attackers with administrative privileges to execute arbitrary code remotely on systems running […]
Ivanti warns of new EPMM flaw exploited in zero-day attacks
Ivanti warned customers today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) exploited in zero-day attacks. The security flaw (tracked as CVE-2026-6973) stems from an Improper Input Validation weakness that allows remote attackers with administrative privileges to execute arbitrary code on targeted systems running EPMM 12.8.0.0 and earlier. Ivanti says […]
CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday
CISA has given U.S. government agencies four days to secure their systems against a critical-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that has been exploited in attacks since January. Tracked as CVE-2026-1340, this critical-severity code injection flaw enables threat actors without privileges to gain remote code execution on Internet-exposed and unpatched EPMM appliances. Ivanti flagged this and a second security […]
CISA: Recently patched Ivanti EPM flaw now actively exploited
CISA flagged a high-severity Ivanti Endpoint Manager (EPM) vulnerability as actively exploited in attacks and ordered U.S. federal agencies to patch systems within three weeks. Ivanti’s EPM software is an all-in-one endpoint management solution for managing client devices across Windows, macOS, Linux, Chrome OS, and IoT platforms. Tracked as CVE-2026-1603, this security flaw can be exploited […]
CISA warns that RESURGE malware can be dormant on Ivanti devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect Secure devices. The update focuses on the implant’s undetected latency on the appliances and its “sophisticated network-level evasion and authentication techniques” that enable covert communication with the attacker. […]
One threat actor responsible for 83% of recent Ivanti RCE attacks
Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340. The security issues have been flagged as actively exploited in zero-day attacks in Ivanti’s security advisory, where the company also announced hotfixes. Both flaws received a critical severity rating and […]
European Commission discloses breach that exposed staff data
The European Commission is investigating a breach after finding evidence that its mobile device management platform was hacked. The Commission said on Friday that it detected traces of a cyberattack targeting infrastructure that manages its staff’s mobile devices. While the attackers may have accessed some staff members’ personal information, including names and phone numbers, the […]