Techly NewsGet the app

Get the latest tech news

Hackers are exploiting a new Ivanti VPN security bug to hack into company networks


Mandiant says a Chinese cyberespionage group has been exploiting the critical-rated vulnerability since at least mid-December.

U.S. software giant Ivanti has warned that a zero-day vulnerability in its widely-used enterprise VPN appliance has been exploited to compromise the networks of its corporate customers. This is the same cluster of threat group activity that exploited two zero-day flaws in Connect Secure in 2024 to launch mass hacks against Ivanti customers, Mandiant said in its blog post on Wednesday. Ben Harris, CEO of security research firm watchTowr Labs, told TechCrunch in an email that the company has seen “widespread impact” as a result of this latest Ivanti VPN flaw and has “been working with clients all day to make sure they’re aware.”

Get the Android app

Or read this on TechCrunch

Read more on:

Photo of Hackers

Hackers

Photo of company networks

company networks

Photo of Ivanti

Ivanti

Related news:

News photo

Ivanti warns of new Connect Secure flaw used in zero-day attacks

News photo

Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens

News photo

Edtech giant PowerSchool says hackers accessed personal data of students and teachers

« Stay Gold, America
Starlink is getting squeezed in Africa | It hasn't been easy goings for Starlink in Africa, as it faces challenges across what are likely its largest markets on the continent. »