Bleeping Computer

Ivanti Workspace Control hardcoded key flaws expose SQL credentials

Ivanti has released security updates to fix three high-severity hardcoded key vulnerabilities in the company's Workspace Control (IWC) solution. IWC helps enterprise admins manage desktops and ...
VentureBeat

Most ransomware playbooks don't address machine credentials. Attackers know it.

The gap between ransomware threats and the defenses meant to stop them is getting worse, not better. Ivanti’s 2026 State of Cybersecurity Report found that the preparedness gap widened by an average ...
Dark Reading

CISA Takedown of Ivanti Systems Is a Wake-up Call

This story was updated on July 10. In the wake of the attack on Ivanti's VPN software, which prompted decisive action from the Cybersecurity and Infrastructure Security Agency (CISA), what can we ...
VentureBeat

How generative AI is defining the future of identity access management

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Generative AI defines the future of ...
CRN

CISA: Attackers Are Bypassing Ivanti VPN Bug Mitigations

As Ivanti Connect Secure customers await delayed patches, threat actors have ‘developed workarounds to current mitigations,’ the U.S. cybersecurity agency says. Malicious actors have “recently” ...
CSOonline

Attackers exploit Ivanti EPMM zero-days to seize control of MDM servers

Palo Alto Networks’ Unit 42 says two critical flaws are being actively abused to gain unauthenticated access, deploy persistent backdoors, and compromise entire enterprise mobile fleets even after ...
CSOonline

Ivanti zero-day exploited by APT group that previously targeted Connect Secure appliances

Researchers from Google’s Mandiant division believe the critical remote code execution vulnerability patched on Wednesday by software vendor Ivanti has been exploited since mid-December by a Chinese ...