Tag: ivanti

Ivanti patcht fünf Sicherheitslücken in EPMM. Eine davon wird als Zero‑Day bereits aktiv ausgenutzt und erlaubt Codeausführung. Ehemalige Angriffe sowie eine Aufforderung der CISA verdeutlichen das Risiko.

Ivanti EPM: Sicherheitslücken ermöglichen SQL-Iinjection und RechteausweitungAlertheise Security Quelle: Heise Security Ticker

Successful exploitation of these flaws could lead to arbitrary code execution and information disclosure. The post Fortinet, Ivanti Patch Critical Vulnerabilities appeared first on SecurityWeek.

Ivanti EPMM: Update stopft bereits angegriffene SicherheitslückenAlertheise Security Quelle: Heise Security Ticker

CVE-2026-6973 is a high-severity vulnerability that allows an attacker who has admin privileges to execute arbitrary code. The post Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek.

Ivanti warned customers today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) exploited in zero-day attacks. […]

The flaws could allow a remote attacker to maintain access after their account has been disabled and to access information from other user sessions. The post Two Vulnerabilities Patched in Ivanti Neurons for ITSM  appeared first on SecurityWeek.

Malware Analysis at a Glance Executive Summary The Cybersecurity and Infrastructure Security Agency (CISA) obtained two sets of malware from an organization compromised by cyber threat actors exploiting CVE-2025-4427 and CVE-2025-4428 in Ivanti Endpoint Manager Mobile (Ivanti EPMM). Each set contains loaders for malicious listeners that enable cyber threat actors to run arbitrary code on […]

Telehealth giant Hims & Hers Health is warning that it suffered a data breach after support tickets were stolen from a third-party customer service platform. […]