Ivanti VPN Zero-Day Vulnerability Compromises Corporate Networks

Ivanti VPN Zero-Day Vulnerability Compromises Corporate Networks
Ivanti has issued a warning regarding a critical zero-day vulnerability, tracked as CVE-2025-0282, affecting its widely-used VPN products. This vulnerability allows hackers to remotely exploit the system without authentication, leading to potential network intrusions. The company discovered the issue after its Integrity Checker Tool flagged malicious activities. A patch is available for the Connect Secure solution, but updates for other products are pending. Security firm Mandiant suspects a China-linked group may be behind the attacks, echoing previous incidents targeting Ivanti.