CISA and the FBI warned today that attackers are still exploiting Ivanti Cloud Service Appliances (CSA) security flaws ...

The US government shared Ivanti exploit chains, IOCs and breach forensics data to help network defenders hunt for signs of ...

CISA said Wednesday the Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications advisory was released to ...

The vendor’s customers have confronted multiple attack sprees targeting zero-days spanning a variety of products.

Threat actors have been actively exploiting chained vulnerabilities in Ivanti Cloud Service Appliances (CSA), significantly amplifying the impact of their cyber-attacks.

Salt Typhoon, a state-sponsored actor linked to the People’s Republic of China, has breached at least nine U.S.-based telecommunications companies with the intent to target high profile government and ...

CISA, the U.S. cybersecurity agency, and the FBI report that attackers are still exploiting security vulnerabilities in ...

Data from the Shadowserver Foundation shows 48,457 Fortinet boxes are still publicly exposed and haven't had the patch for CVE-2024-55591 applied, despite stark warnings issued over the past seven ...

Experts welcome economic sanctions against gang believed to be behind telecom hacks, but warn tougher action is needed.

A third vulnerability patched by Cisco is CVE-2025-20128 (CVSS score: 5.3), an integer underflow bug impacting the Object ...

Editor's note: Story updated 4:15 p.m. Eastern, January 19, with comments from CISA official. Civilian agencies across the U.S. government are being ordered to immediately patch two vulnerabilities ...

This echoes an earlier report by Trend Micro that said malware spotted in Salt Typhoon campaigns includes SnappyBee, which is a modular backdoor shared among Chinese-government-linked groups, plus the ...