The vulnerability, nicknamed ProxyLogon, was disclosed by Microsoft in 2021, and a patch has been available for 4 years.

The Cybersecurity and Infrastructure Security Agency and FBI Jan. 22 released an advisory explaining how cyberthreat actors ...

The agencies have, once again, repeated their earlier calls for upgrades, and urged network administrators to be on the lookout for signs of compromise. By submitting your information you agree to the ...

CISA, the U.S. cybersecurity agency, and the FBI report that attackers are still exploiting security vulnerabilities in ...

CISA and the FBI warned today that attackers are still exploiting Ivanti Cloud Service Appliances (CSA) security flaws ...

The vendor’s customers have confronted multiple attack sprees targeting zero-days spanning a variety of products.

A third vulnerability patched by Cisco is CVE-2025-20128 (CVSS score: 5.3), an integer underflow bug impacting the Object ...

The US government shared Ivanti exploit chains, IOCs and breach forensics data to help network defenders hunt for signs of ...

Data from the Shadowserver Foundation shows 48,457 Fortinet boxes are still publicly exposed and haven't had the patch for ...

Paolo Passeri discusses the unprecedented number of exploitation of remote access technologies in 2024, and how organizations ...

IT software vendor Ivanti recently released security updates to address multiple vulnerabilities in its Avalanche, Application Control Engine, and ...

Ivanti patches four EPM vulnerabilities (CVSS 9.8) and updates Avalanche and Application Control Engine. No exploitation ...