The Register on MSN

January blues return as Ivanti coughs up exploited EPMM zero-days

Consider yourselves compromised, experts warn Ivanti has patched two critical zero-day vulnerabilities in its Endpoint ...
SecurityWeek

Ivanti Patches Exploited EPMM Zero-Days

Ivanti has patched CVE-2026-1281 and CVE-2026-1340, two Endpoint Manager Mobile (EPMM) flaws exploited as zero-days.
CSO Online

Ivanti patches two actively exploited critical vulnerabilities in EPMM

The code injection flaws allow for unauthenticated remote code execution on Ivanti Endpoint Manager Mobile deployments, but ...
Yahoo

Ivanti patches two zero-days under attack, but finds another

Ivanti warned on Wednesday that hackers are exploiting another previously undisclosed zero-day vulnerability affecting its widely used corporate VPN appliance. Since early December, Chinese ...
Hosted on MSN

Ivanti patches two zero-days under active attack as intel agency warns customers

Australia's intelligence agency is warning organizations about several new Ivanti zero-days chained for remote code execution (RCE) attacks. The vendor itself has said the vulns are linked to two ...

Ivanti warns of two EPMM flaws exploited in zero-day attacks

Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and ...
Bleeping Computer

Ivanti patches MobileIron zero-day bug exploited in attacks

US-based IT software company Ivanti has patched an actively exploited zero-day authentication bypass vulnerability impacting its Endpoint Manager Mobile (EPMM) mobile device management software ...