Ivanti confirms active zero-day exploits, ships pre-patch mitigations, but says comprehensive fixes won't be available until January 22.

SecurityWeek is a platform or publication dedicated to cybersecurity news, analysis, and insights for professionals and enthusiasts. Readers can learn about threat intelligence, security vulnerabilities, and defensive strategies. With articles, reports, and expert commentary, SecurityWeek keeps readers informed and up-to-date on the latest developments in cybersecurity.

SecurityWeek

Chinese hackers are actively exploiting unauthenticated remote zero-day vulnerabilities in Ivanti Connect Secure VPN devices. Ivanti has released pre-patch mitigations while comprehensive fixes are under development. Volexity discovered the exploits after noticing suspicious activity on one of its customer's networks.

Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days