Ivanti is a organization tracked across 34 threat clusters and 67 intelligence report mentions on ThreatCluster. First observed November 12, 2025; most recent activity July 5, 2026.
The Cybersecurity and Infrastructure Security Agency (CISA) has mandated that U.S. federal agencies patch a critical vulnerability in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1340, by April 11, 2026.…
A China-linked threat actor known as Red Menshen has been conducting a long-term espionage campaign targeting global telecommunications networks using a stealthy Linux kernel backdoor called BPFdoor. This malware…
Between May 2025 and Spring 2026, the Belgian State Security experienced a data breach exposing employee information, attributed to vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). Hackers exploited flaws…
Ivanti has disclosed a critical vulnerability in its Endpoint Manager (EPM) solution, tracked as CVE-2025-10573, which has a CVSS score of 9.6. This Stored XSS vulnerability could allow remote unauthenticated attackers…
In mid-2023, cybercriminals exploited unpatched vulnerabilities in Ivanti's Endpoint Manager Mobile (EPMM), resulting in a significant data breach affecting government and enterprise systems worldwide. The breach led to…
Ivanti has patched two critical vulnerabilities in its Sentry secure mobile gateway, formerly MobileIron Sentry. The first, CVE-2026-10520, is an OS command injection flaw allowing remote code execution with root…
Ivanti has disclosed a zero-day vulnerability (CVE-2026-6973) in its Endpoint Manager Mobile (EPMM) product, which has been actively exploited by attackers. This flaw allows authenticated users with administrative…
Two critical vulnerabilities in Ivanti's Endpoint Manager Mobile (EPMM), CVE-2026-1281 and CVE-2026-1340, have been actively exploited in the wild, allowing unauthenticated remote code execution (RCE) with a CVSS score…
GreyNoise Intelligence has released a report indicating that spikes in malicious activity often precede the disclosure of new vulnerabilities in edge devices. The study tracked 147.8 million sessions over 103 days,…
CISA has identified a high-severity vulnerability in Ivanti Endpoint Manager (EPM), tracked as CVE-2026-1603, which is currently being exploited in attacks. The flaw allows remote threat actors to bypass authentication…