SecurityWeek

Ivanti Patches Endpoint Manager Vulnerabilities Disclosed in October 2025

Ivanti has patched a dozen vulnerabilities in Endpoint Manager, including a new high-severity bug leading to credential exposure.
Security Boulevard

CVE-2026-1281 & CVE-2026-1340: Actively Exploited Pre-Authentication RCE in Ivanti EPMM

Learn how CVE-2026-1281 and CVE-2026-1340 enable pre-auth RCE in Ivanti EPMM, now actively exploited, and how AppTrana helps block attacks across applications. The post CVE-2026-1281 & CVE-2026-1340: ...
Dark Reading

Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy — Again

It's time to phase out the "patch and pray" approach, eliminate needless public interfaces, and enforce authentication ...
The Register on MSN

January blues return as Ivanti coughs up exploited EPMM zero-days

Consider yourselves compromised, experts warn Ivanti has patched two critical zero-day vulnerabilities in its Endpoint Manager Mobile (EPMM) product that are already being exploited, continuing a grim ...
CSO Online

Ivanti patches two actively exploited critical vulnerabilities in EPMM

The code injection flaws allow for unauthenticated remote code execution on Ivanti Endpoint Manager Mobile deployments, but ...
The Hacker News

83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile ...
Que.com on MSN

Hidden IP drives majority of Ivanti EPMM threat activity

Security teams tracking exploitation attempts against Ivanti Endpoint Manager Mobile (EPMM) are increasingly running into a ...
Business Wire

Ivanti Launches Ring Deployment to Reduce Patch Risk and Help Customers Address the Evolving Threat Landscape

SALT LAKE CITY--(BUSINESS WIRE)--Ivanti, the enterprise software company that provides a comprehensive IT and security cloud-based platform, has launched Ring Deployment in Ivanti Neurons for Patch ...
Yahoo

Ivanti patches serious Connect Secure flaw

Ivanti has recently patched a critical severity vulnerability found in its Connect Secure (ICS) VPN appliances which was allegedly being abused in the wild by Chinese state-sponsored actors.
HHS

Breach Roundup: The Ivanti Patch Treadmill

Every week, Information Security Media Group rounds up cybersecurity incidents and breaches around the world. This week: The U.S. federal government warned Ivanti customers to patch, Microsoft Patch ...
Business Wire

Ivanti Neurons for Patch Management Introduces Risk-Based Deployment to Tackle Growing Cyber Threats and Automate Patching Process

SALT LAKE CITY--(BUSINESS WIRE)--Ivanti, the tech company that breaks down barriers between IT and security so that Everywhere Work can thrive, announced new features for Ivanti Neurons for Patch ...
SDxCentral

Ivanti Neurons for Patch Management Introduces Risk-Based Deployment to Tackle Growing Cyber Threats and Automate Patching Process

New features in Ivanti Neurons for Patch Management enable automated risk-based patching based on vulnerability and compliance. SALT LAKE CITY--(BUSINESS WIRE)--Ivanti, the tech company that breaks ...