Did you have a good break? Have you had a chance to breathe? Wake up.

It’s 2024, and the chaos continues - thanks to Volexity (Volexity’s writeup), the industry has been alerted to in-the-wild exploitation of 2 incredibly serious 0days (CVE-2023-46805 and CVE-2024-21887 - two bugs, Command Injection

Volexity has uncovered active in-the-wild exploitation of two vulnerabilities allowing unauthenticated remote code execution in Ivanti Connect Secure VPN appliances. An official security advisory and knowledge base article have been released by Ivanti that includes mitigation that should be applied immediately. However, a mitigation does not remedy a past or ongoing compromise. Systems should simultaneously be thoroughly analyzed per details in this post to look for signs of a breach.

Ivanti fixed a critical remote code execution (RCE) vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers hijack enrolled devices or the core server.

We have discovered two new vulnerabilities in Ivanti Endpoint Manager Mobile. We are reporting these vulnerabilities as CVE-2023-39335 and CVE-2023-39337.

US-based IT software company Ivanti warned customers today that a critical Sentry API authentication bypass vulnerability is being exploited in the wild.

Hackers exploited a ‘zero-day’ flaw in Ivanti software to breach 12 ministries in Norway
Norway’s security officials warned around 20 critical infrastructure companies, other businesses and public agencies in the country they might also be vulnerable to a cyberattack disclosed Monday that hit 12 government ministries.

A second vulnerability affecting mobile endpoint management software from IT giant Ivanti has been discovered, according to a new advisory from the company.