A handful of European government agencies have been compromised by hackers in recent weeks, thanks to a new round of critical vulnerabilities in an Ivanti product — and it's another grim reminder of ...

The Cybersecurity and Infrastructure Security Agency published detailed recommendations on two malware versions that targeted the Ivanti Endpoint Manager Mobile. The detailed report can offer ...

Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, that were exploited in zero-day attacks. The flaws are ...

CISA warns attackers chained CVE-2025-4427 and CVE-2025-4428 to breach Ivanti EPMM systems Malware was delivered via EL injection and reconstructed from Base64-encoded payloads CISA did not confirm ...

Several European government institutions appear to have been targeted in a coordinated campaign designed to steal data on mobile users, it has emerged. First reported late last week, the incidents ...

Palo Alto Networks’ Unit 42 says two critical flaws are being actively abused to gain unauthenticated access, deploy persistent backdoors, and compromise entire enterprise mobile fleets even after ...

The code injection flaws allow for unauthenticated remote code execution on Ivanti Endpoint Manager Mobile deployments, but also endanger connected Ivanti Sentry mobile traffic gateways. IT software ...

Update: The article initially listed the wrong CVEs. This has now been corrected to list the CVEs: CVE-2026-1286 and CVE-2026-1340 Threat intelligence observations show that a single threat actor is ...