Ivanti RCE attacks 'ongoing,' exploitation hits clouds

These two Ivanti bugs are allowing hackers to target cloud instances - so patch now

Separately, they're not critical. Chained, the two flaws are highly dangerous.

Ivanti RCE attacks 'ongoing,' exploitation hits clouds

: Nothing like insecure code in security suites

'Ongoing' Ivanti hijack bug exploitation reaches clouds

Nothing like insecure code in security suites The “ongoing exploitation” of two Ivanti bugs has now extended beyond on-premises environments and hit customers’ cloud instances, according to security shop Wiz.… This article has been indexed from The Register – Security… Read more → The post ‘Ongoing’ Ivanti hijack bug exploitation reaches clouds appeared first on IT Security News.

Critical Ivanti EPMM Vulnerabilities Under Active Exploitation, Patches Released

Two critical security vulnerabilities have been discovered in Ivanti Endpoint Manager Mobile (EPMM), with evidence of active exploitation in the wild. The vulnerability chain consists of CVE-2025-4427, an authentication bypass flaw with a CVSS score of 5.3, and CVE-2025-4428, a remote code execution vulnerability with a CVSS score of 7.2. The discovery emerges amid growing concerns about authentication bypass techniques in enterprise security sy…