EPMM

CISA has given U.S. government agencies four days to secure their systems against a critical-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that has been exploited in attacks since January. Tracked as CVE-2026-1340, this critical-severity code injection flaw enables threat actors without privileges to gain remote code execution on Internet-exposed and unpatched EPMM appliances. Ivanti flagged this and a second security […]