Techly NewsGet the app

Get the latest tech news

Hackers begin mass-exploiting Ivanti VPN zero-day flaws


Security researchers say they have evidence that thousands of companies have been hacked by way of two zero-day flaws in Ivanti VPNs.

That’s according to cybersecurity company Volexity, which first reported last week that China state-backed hackers are exploiting the two unpatched flaws in Ivanti Connect Secure — tracked as CVE-2023-46805 and CVE-2024-21887 — to break into customer networks and steal information. In a statement provided via public relations agency MikeWorldWide, Ivanti told TechCrunch that it has “seen a sharp increase in threat actor activity and security researcher scans.” When reached Tuesday, Volexity’s spokesperson Kristel Faris told TechCrunch that the security firm is in contact with Ivanti, which is “responding to an increase in support requests as quickly as possible.”

Get the Android app

Or read this on TechCrunch

Read more on:

Photo of Hackers

Hackers

Photo of mass

mass

Photo of day flaws

day flaws

Related news:

News photo

Framework says hackers accessed customer data after phishing attack on accounting partner

News photo

Fidelity National Financial: Hackers stole data of 1.3 million people

News photo

Texas-based care provider HMG Healthcare says hackers stole unencrypted patient data

« BT changes mobile and broadband price rise policy
CEOs Say Generative AI Will Result in Job Cuts This Year »