Bleeping Computer

Ivanti warns of new Connect Secure flaw used in zero-day attacks

Ivanti is warning that hackers exploited a Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 in zero-day attacks to install malware on appliances. The company says it became ...
SDxCentral

Ivanti updates Connect Secure, Policy Secure for CVE-2025-22457 vulnerabilities

For any instances of Ivanti Connect Secure that were not updated by Feb. 28, 2025, to the latest Ivanti patch (22.7R2.6) and all instances of Pulse Connect Secure (EoS), Policy Secure, and ZTNA ...
Bleeping Computer

Ivanti patches Connect Secure zero-day exploited since mid-March

Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025.