CISA Alerts on Malware Exploiting Ivanti EPMM Vulnerabilities and Supply Chain Risks
Originally Published 3 months ago — by BleepingComputer

CISA has revealed that threat actors exploited two vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) to deploy malware, with evidence suggesting a China-linked espionage group was involved. The malware, delivered via segmented HTTP requests, allowed attackers to execute remote commands, exfiltrate data, and establish persistence. Ivanti addressed the vulnerabilities in May, but attacks had already occurred, prompting recommendations for immediate patching and heightened security measures.