French authorities said government agencies and businesses spanning telecom, media, finance and transportation were impacted by the widely exploited Ivanti vulnerabilities.

The besieged security vendor maintains the latest exploited vulnerabilities in its products are entirely linked to unspecified security issues in open-source libraries. Some researchers aren’t buying it.

Mandiant said exploits were the most common initial access vector last year, linking software defects to 1 in 3 attacks. The most commonly exploited vulnerabilities affected network…

Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.

UNC5221 has a knack for exploiting defects in Ivanti products. The group has exploited at least four vulnerabilities in the vendor’s products since 2023, according to Mandiant.

The Chinese state-backed espionage group started targeting third-party IT services in late 2024, Microsoft researchers said.

The most consequential cyberattacks observed by Darktrace last year were linked to software defects in firewalls and perimeter network technologies.

After Ivanti detected the activity, Mandiant says it found malware in impacted devices associated with a Chinese-linked threat group.

Ivanti's Cloud Service Appliance has a "high severity vulnerability" being exploited in the wild.

Information sharing between the private sector and the federal government is providing a leg up when responding to vulnerabilities.