Security News > 2025 > May > Ivanti patches two zero-days under active attack as intel agency warns customers
2025-05-14 16:29
Vendor says vulns are linked with 2 mystery open source libraries integrated into EPMM product Australia's intelligence agency is warning organizations about several new Ivanti zero-days chained for remote code execution (RCE) attacks. The vendor itself has said the vulns are linked to two mystery open source libraries which it declined to name.…
News URL
https://go.theregister.com/feed/www.theregister.com/2025/05/14/ivanti_patches_two_zerodays_and/
Related news
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks (source)
- Ivanti fixes EPMM zero-days chained in code execution attacks (source)
- Apple fixes two zero-days exploited in targeted iPhone attacks (source)
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- Apple Patches Two Zero-Days Used in ‘Extremely Sophisticated’ Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- SAP fixes suspected Netweaver zero-day exploited in attacks (source)
- More Ivanti attacks may be on horizon, say experts who are seeing 9x surge in endpoint scans (source)
- Craft CMS RCE exploit chain used in zero-day attacks to steal data (source)
- Google: 97 zero-days exploited in 2024, over 50% in spyware attacks (source)