Security News > 2025 > March > Week in review: Botnet hits M365 accounts, PoC for Ivanti Endpoint Manager vulnerabilities released
2025-03-02 09:00
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Massive botnet hits Microsoft 365 accounts A recently discovered botnet of over 130,000 compromised devices is launching coordinated password-spraying attacks against Microsoft 365 (M365) accounts. PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159) A proof-of-concept (PoC) exploit for four critical Ivanti Endpoint Manager vulnerabilities has been released by Horizon3.ai researchers. Avoiding vendor lock-in when using managed cloud security services … More → The post Week in review: Botnet hits M365 accounts, PoC for Ivanti Endpoint Manager vulnerabilities released appeared first on Help Net Security.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-14 | CVE-2024-13159 | Unspecified vulnerability in Ivanti Endpoint Manager 2021.1.1/2022/2024 Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. | 7.5 |