endpoint management

New infostealer reaches enterprise devices through FortiClient EMS vulnerability

Arctic Wolf Networks, cookies, credentials, data theft, Don't miss, endpoint management, enterprise, Fortinet, Hot stuff, News, vulnerability /

New infostealer reaches enterprise devices through FortiClient EMS vulnerability 2026-05-29 at 18:31 By Zeljka Zorz Attackers are delivering a broad-spectrum infostealer to enterprise computers by exploiting a known vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS). “The [malicious] payload was presented as a Fortinet endpoint update and executed through FortiClient-managed VPN scripting workflows,” Arctic Wold […]

New infostealer reaches enterprise devices through FortiClient EMS vulnerability Read More »

Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973)

0-day, Don't miss, endpoint management, Hot stuff, Ivanti, News, vulnerability /

Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973) 2026-05-08 at 13:30 By Zeljka Zorz Ivanti has released fixes for 5 high-severity vulnerabilities in its Endpoint Manager Mobile (EPMM) solution, one of which (CVE-2026-6973) has being exploited as a zero-day by attackers. “We are aware of a very limited number of customers exploited with CVE-2026-6973,” the

Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973) Read More »

Your security stack looks fine from the dashboard and that’s the problem

Absolute, CISO, cyber resilience, cyber risk, cybersecurity, Don't miss, endpoint management, enterprise, generative AI, News, report, Risk Management, RSAC 2026 /

Your security stack looks fine from the dashboard and that’s the problem 2026-03-25 at 08:07 By Anamarija Pogorelec One in five enterprise endpoints is operating outside a protected and enforceable state on any given day, according to device telemetry collected across tens of millions of corporate PCs. That figure, drawn from Absolute Security’s 2026 Resilience

Your security stack looks fine from the dashboard and that’s the problem Read More »

Secure endpoint management systems immediately, CISA urges

CISA, cybersecurity, endpoint management, Endpoint Security, Government, Microsoft, News, USA /

Secure endpoint management systems immediately, CISA urges 2026-03-19 at 14:59 By Sinisa Markovic The US Cybersecurity and Infrastructure Security Agency (CISA) warns that the cyberattack on Stryker Corporation serves as a signal to U.S. organizations that foreign cyber activity tied to Middle East conflicts may be spilling into their operations. Attackers breached Stryker’s internal Microsoft

Secure endpoint management systems immediately, CISA urges Read More »

Ivanti provides temporary patches for actively exploited EPMM zero-day (CVE-2026-1281)

0-day, CISA, Don't miss, endpoint management, enterprise, Hot stuff, Ivanti, News, patch /

Ivanti provides temporary patches for actively exploited EPMM zero-day (CVE-2026-1281) 2026-01-30 at 05:32 By Zeljka Zorz Ivanti has released provisional patches that fix two critical code injection vulnerabilities in Endpoint Manager Mobile (EPMM), one of which (CVE-2026-1281) has been exploited in zero-day attacks and has been added to CISA’s Known Exploited Vulnerabilities catalog. Investigating potential

Ivanti provides temporary patches for actively exploited EPMM zero-day (CVE-2026-1281) Read More »

How exposure management changes cyber defense

cybersecurity, Don't miss, endpoint management, Endpoint Security, News, SixMap, Video /

How exposure management changes cyber defense 2025-12-17 at 07:36 By Help Net Security In this Help Net Security video, Larry Slusser, VP of Strategy at SixMap, explains why endpoint detection and response is only part of the security story. Drawing on his work as an incident responder, engagement manager, and ransomware negotiator, he describes EDR

How exposure management changes cyber defense Read More »

Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932)

0-day, CISA, Don't miss, endpoint management, Endpoint Security, Hot stuff, Japan, JPCERT/CC, Motex, News, security update /

Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932) 2025-10-23 at 17:10 By Zeljka Zorz CVE-2025-61932, an “improper verification of source of a communication channel” vulnerability affecting Lanscope Endpoint Manager, has been exploited as a zero-day since April 2025, the Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) warned on Wednesday. According to information received

Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932) Read More »

PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)

Don't miss, endpoint management, enterprise, Horizon3.ai, Hot stuff, Ivanti, News, PoC /

PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159) 2025-02-24 at 16:18 By Zeljka Zorz A proof-of-concept (PoC) exploit for four critical Ivanti Endpoint Manager vulnerabilities has been released by Horizon3.ai researchers. The vulnerabilities – CVE-2024-10811, CVE-2024-13161, CVE-2024-13160 and CVE-2024-13159 – may be exploited by remote, unauthenticated attackers to leverage Ivanti EPM machine account credentials

PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159) Read More »

Microsoft asks Windows Insiders to try out the controversial Recall feature

Artificial Intelligence, data security, Don't miss, endpoint management, enterprise, Hot stuff, Microsoft, News, Privacy, Windows /

Microsoft asks Windows Insiders to try out the controversial Recall feature 2024-11-25 at 16:33 By Zeljka Zorz Participants of the Windows Insider Program that have a Qualcomm Snapdragon-powered Copilot+ PC can now try out Recall, the infamous snapshot-taking, AI-powered feature that was met with much criticism when it was unveiled earlier this year. “We heard

Microsoft asks Windows Insiders to try out the controversial Recall feature Read More »

Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824)

CISA, Don't miss, endpoint management, enterprise, Hot stuff, Ivanti, News, vulnerability /

Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824) 2024-10-03 at 18:31 By Zeljka Zorz CVE-2024-29824, an unauthenticated SQL Injection vulnerability in Ivanti Endpoint Manager (EPM) appliances, is being exploited by attackers, the Cybersecurity and Infrastructure Security Agency has confirmed by adding the bug to its Known Exploited Vulnerabilities catalog. Ivanti did the same by updating the

Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824) Read More »

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847)

CVE, Don't miss, endpoint management, Hot stuff, Ivanti, News, vulnerability /

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) 2024-09-11 at 15:02 By Zeljka Zorz Ivanti has fixed a slew of vulnerabilities affecting its Endpoint Manager solution, including a maximum severity one (CVE-2024-29847) that may allow unauthenticated attackers to remotely execute code in the context of the vulnerable system, and use it as a beachhead for

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) Read More »

PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026)

Don't miss, endpoint management, enterprise, Hot stuff, Ivanti, News, PoC, Redline Cyber Security, vulnerability /

PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026) 2024-05-20 at 14:02 By Zeljka Zorz Technical details about and a proof-of-concept (PoC) exploit for CVE-2024-22026, a privilege escalation bug affecting Ivanti EPMM, has been released by the vulnerability’s reporter. About CVE-2024-22026 Ivanti Endpoint Manager Mobile (formerly MobileIron Core) is used by enterprises to

PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026) Read More »

Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788)

Don't miss, endpoint management, Fortinet, Horizon3.ai, Hot stuff, News, PoC, SANS ISC, vulnerability /

Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788) 2024-03-14 at 16:36 By Zeljka Zorz A recently fixed SQL injection vulnerability (CVE-2023-48788) in Fortinet’s FortiClient Endpoint Management Server (EMS) solution has apparently piqued the interest of many: Horizon3’s Attack Team means to publish technical details and a proof-of-concept exploit for it next week, and

Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788) Read More »

Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082)

CISA, Don't miss, endpoint management, exploit, GreyNoise, Ivanti, News, Rapid7, vulnerability /

Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082) 2024-01-19 at 19:49 By Zeljka Zorz A previously patched critical vulnerability (CVE-2023-35082) affecting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core is being actively exploited, the Cybersecurity and Infrastructure Security Agency (CISA) has confirmed by adding the vulnerability to its Known Exploited Vulnerabilities

Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082) Read More »

Best practices to mitigate alert fatigue

automation, cybersecurity, Don't miss, endpoint management, Hot stuff, network, SOC, Stamus Networks, threat detection, Video /

Best practices to mitigate alert fatigue 2024-01-17 at 06:32 By Help Net Security In this Help Net Security video, Peter Manev, Chief Strategy Officer at Stamus Networks, discusses a pervasive problem plaguing security analysts called “alert fatigue,” – which occurs when security teams become desensitized to an overwhelming volume of alerts, causing them to miss

Best practices to mitigate alert fatigue Read More »

Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082)

0-day, Don't miss, endpoint management, Hot stuff, Ivanti, MobileIron, News, Rapid7, security update, vulnerability /

Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082) 03/08/2023 at 13:46 By Helga Labus Ivanti has disclosed a critical vulnerability (CVE-2023-35082) affecting old, out-of-support versions of MobileIron Core, an enterprise device solution that has since been rebranded to Ivanti Endpoint Manager Mobile (EPMM). “The vulnerability was incidentally resolved in MobileIron Core 11.3 as part of

Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082) Read More »

Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081)

0-day, Don't miss, endpoint management, enterprise, Hot stuff, Ivanti, Mnemonic, MobileIron, News, security update, vulnerability /

Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081) 31/07/2023 at 16:32 By Helga Labus Another actively exploited zero-day vulnerability (CVE-2023-35081) affecting Ivanti Endpoint Manager Mobile (EPMM) has been identified and fixed. The first zero-day spotted Last week, we reported on a remote unauthenticated API access vulnerability (CVE-2023-35078) affecting Ivanti EPMM having been exploited to target

Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081) Read More »

Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078)

0-day, data theft, Don't miss, endpoint management, enterprise, Government, Hot stuff, Ivanti, MobileIron, News, Norway, security update /

Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078) 25/07/2023 at 13:37 By Zeljka Zorz A zero-day vulnerability (CVE-2023-35078) affecting Ivanti Endpoint Manager Mobile (EPMM) has been exploited to carry out an attack that affected 12 Norwegian ministries, the Norwegian National Security Authority (NSM) has confirmed on Tuesday. What is known about the attacks? On Monday,

Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078) Read More »

Scroll to Top