• The Hacker News

The French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications, media, finance, and transport sectors in the country were impacted by a malicio ... Read more

• Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto

In a report published by ANSSI on July 1, 2025, the French cybersecurity agency revealed a highly skilled cybercrime group, dubbed Houken, has carried out a sophisticated attack campaign exploiting mu ... Read more

• security.nl

Franse organisaties, waaronder overheidsinstanties, defensiebedrijven en telecombedrijven, zijn eind vorig jaar aangevallen via kwetsbaarheden in Ivanti Cloud Service Appliance (CSA). Op het moment va ... Read more

• Cyber Security News

A sophisticated Chinese threat group identified as Houken has been exploiting multiple zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) devices to deploy advanced Linux rootkits and es ... Read more

• Daily CyberSecurity

The French cybersecurity agency ANSSI has exposed a sophisticated threat actor dubbed Houken. First observed exploiting zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) devices in Sept ... Read more

• Daily CyberSecurity

SentinelLABS has unveiled an extensive report detailing a wave of cyber-espionage activity that directly targeted SentinelOne and over 70 other organizations worldwide. Tracked as part of two intercon ... Read more

• Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto

SentinelLABS uncovers widespread China-linked cyber espionage targeting over 70 global organizations and cybersecurity firms between July 2024 and March 2025. Learn about the “PurpleHaze (aka Vixen Pa ... Read more

• The Hacker News

Government Security / Cyber Espionage The reconnaissance activity targeting American cybersecurity company SentinelOne was part of a broader set of partially-related intrusions into several targets be ... Read more

• Dark Reading

Source: Shane Stickley via Alamy Stock PhotoThreat actors from China targeted a security vendor as part of a spree of attacks against various organizations that occurred in an eight-month period start ... Read more

• The Register

An IT services company, a European media group, and a South Asian government entity are among the more than 75 companies where China-linked groups have planted malware to access strategic networks sho ... Read more

• The Hacker News

The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Lin ... Read more

• AttackIQ

On January 22, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) in response to the exploitation ... Read more

• AttackIQ

On January 22, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) in response to the exploitation ... Read more

• Dark Reading

Source: Kristoffer Tripplaar via Alamy Stock PhotoNEWS BRIEFCyberattackers are using a new threat vector involving several Ivanti vulnerabilities in order to subvert the company's Cloud Service Applia ... Read more

• BleepingComputer

CISA and the FBI warned today that attackers are still exploiting Ivanti Cloud Service Appliances (CSA) security flaws patched since September to breach vulnerable networks. The vulnerabilities chaine ... Read more

• security.nl

Eind vorig jaar zijn meerdere organisaties het slachtoffer van aanvallen geworden waarbij meerdere kwetsbaarheden in Ivanti Cloud Service Appliances (CSA) werden gecombineerd. Dat laten de FBI en het ... Read more

• The Hacker News

Network Security / Vulnerability Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain adminis ... Read more

• The Cyber Express

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have jointly issued a Cybersecurity Advisory to address the active exploitation of critical vu ... Read more

• The Register

Ivanti just put out a security advisory warning of three critical vulnerabilities in its Cloud Services Application (CSA), including a perfect 10. CSA is a tempting target for cyberattacks because of ... Read more

• Cybersecurity News

Ivanti, a leading provider of IT management and security solutions, has released critical security updates for the Ivanti Cloud Services Application (CSA). These updates address vulnerabilities that c ... Read more

• BleepingComputer

Today, Ivanti warned customers about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. The security flaw (tracked as CVE-2024-11639 and reporte ... Read more

• The Hacker News

Cybersecurity / Weekly Recap Hi there! Here's your quick update on the latest in cybersecurity. Hackers are using new tricks to break into systems we thought were secure—like finding hidden doors in l ... Read more

• Cybersecurity News

In a significant discovery by Microsoft Threat Intelligence, a vulnerability in macOS, identified as CVE-2024-44133, has been found to bypass Apple’s Transparency, Consent, and Control (TCC) technolog ... Read more

• Dark Reading

Source: Kristoffer Tripplaar via Alamy Stock Photo A deft chaining together of three separate zero-day flaws in Ivanti's Cloud Service Appliance allowed a particularly potent cyberattacker to infiltra ... Read more

• The Hacker News

Network Security / Vulnerability A suspected nation-state adversary has been observed weaponizing three security flaws in Ivanti Cloud Service Appliance (CSA) a zero-day to perform a series of malicio ... Read more

• Cybersecurity News

Fortinet’s FortiGuard Labs recently released a detailed analysis of a sophisticated cyberattack targeting the Ivanti Cloud Services Appliance (CSA). The attackers, suspected to be a nation-state actor ... Read more

• Cybersecurity News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three new security flaws to its Known Exploited Vulnerabilities (KEV) catalog, following confirmed reports of active exploita ... Read more

• TheCyberThrone

Ivanti has released patches for its Cloud Services Appliance (CSA) to address multiple vulnerabilities, including one that is actively being exploited in the wild.The vulnerabilities affect CSA versio ... Read more

• Help Net Security

Ivanti has patched three additional Cloud Service Appliance (CSA) zero-day flaws, which have been exploited by attackers in conjuction with a zero-day bug the company accidentally fixed in September. ... Read more

• The Hacker News

Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance (CSA) have come under active exploitation in the wild. The zero-day flaws are being weaponized in conjun ... Read more

• BleepingComputer

Image: MidjourneyAmerican IT software company Ivanti has released security updates to fix three new Cloud Services Appliance (CSA) zero-days tagged as actively exploited in attacks. As Ivanti revealed ... Read more

• Cybersecurity News

Ivanti has recently released urgent security updates for its Cloud Services Appliance (CSA) to address multiple vulnerabilities, including one that is actively being exploited in the wild. The company ... Read more

• Cybersecurity News

MediaTek, a leading semiconductor company, has issued an October 2024 Product Security Bulletin addressing critical vulnerabilities affecting a wide range of its chipsets, including those used in smar ... Read more

• Cybersecurity News

The Jenkins project has issued a security advisory, urging users to update their installations immediately due to the discovery of multiple vulnerabilities. These flaws could allow attackers to steal ... Read more

• The Hacker News

Vulnerability / Endpoint Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May t ... Read more

• Cybersecurity News

Western Digital has released a security advisory addressing a high-severity vulnerability (CVE-2024-22170) impacting a range of My Cloud devices. The vulnerability, which carries a CVSS score of 9.2, ... Read more

• Dark Reading

Source: Kristoffer Tripplaar via Alamy Stock PhotoThe Cybersecurity and Infrastructure Security Agency (CISA) has added a third Ivanti vulnerability to the agency's Known Exploited Vulnerabilities (KE ... Read more

• The Hacker News

Vulnerability / Cyber Attack The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic Manager (vTM) to its Known Expl ... Read more

• TheCyberThrone

Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, September 21, 2024.Microsoft Kernel Vulne ... Read more

• TheCyberThrone

Nigerian ngCERT has issued an urgent warning of ransomware groups actively targeting critical systems by exploiting the vulnerability tracked as CVE-2023-27532 in Veeam Backup and Replication software ... Read more

• Dark Reading

Source: Kristoffer Tripplaar via Alamy Stock PhotoLess than two weeks after patching one flaw, Ivanti announced on Sept. 19 that a second, critical Cloud Services Appliance (CSA) vulnerability is bein ... Read more

• The Register

The US Cybersecurity and Infrastructure Security Agency (CISA) just added the latest Ivanti weakness to its Known Exploited Vulnerability (KEV) catalog, a situation sure to annoy some – given that it' ... Read more

• security.nl

Softwarebedrijf Ivanti waarschuwt klanten voor een kritiek path traversal-lek in Cloud Service Appliance (CSA) waar aanvallers actief misbruik van maken en dat 'bij toeval' op 10 september werd opgelo ... Read more

• TheCyberThrone

Ivanti has released a patch for a critical vulnerability in its new Cloud Services Appliance (CSA) vulnerability, which will lead to a path traversal issueThe vulnerability tracked as CVE-2024-8963 wi ... Read more

• The Hacker News

Enterprise Security / Network Security Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild. The new vulnerability, ... Read more

• Cybersecurity News

Ivanti, a leader in enterprise software, has disclosed a critical vulnerability in its Ivanti Connect Secure Appliance (CSA) 4.6, identified as CVE-2024-8963. This vulnerability, rated at a CVSS score ... Read more

• BleepingComputer

Image: MidjourneyToday, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. Tracked as CVE-2024-896 ... Read more