CISA Alerts on Malware Exploiting Ivanti EPMM Vulnerabilities and Supply Chain Risks

TL;DR Summary
CISA has revealed that threat actors exploited two vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) to deploy malware, with evidence suggesting a China-linked espionage group was involved. The malware was delivered via segmented HTTP requests, allowing attackers to execute remote commands, exfiltrate data, and establish persistence. Ivanti addressed the vulnerabilities in May, but attacks had already occurred, prompting recommendations for immediate patching and heightened security measures.
- CISA exposes malware kits deployed in Ivanti EPMM attacks (BleepingComputer)
- CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428 (The Hacker News)
- CISA Issues Warning on Malware Campaign Targeting Ivanti Endpoint Manager Mobile Vulnerabilities (Cyber Press)
- CISA Links Chinese Malware to Ivanti Zero-Day Exploits and Supply-Chain Risks (WebProNews)
- CISA warns of malware exploiting Ivanti Endpoint Manager Mobile (SC Media)