Ivanti Exploitation Surges as Zero-Day Attacks Traced Back to July 2025
Summary
Security researchers observed active exploitation of Ivanti vulnerabilities. Attackers are leveraging these vulnerabilities to deliver shells, perform reconnaissance, and deploy malware.
IFF Assessment
FOE
Active exploitation of vulnerabilities poses a direct threat to organizations using affected Ivanti products.
Severity
9.8 Critical (AI Estimated)
Defender Context
Defenders should immediately patch Ivanti products and monitor for signs of compromise. The reported activities (shell deployment, reconnaissance, malware downloads) are indicative of post-exploitation activity, necessitating thorough incident response investigations where vulnerable systems are present. The resurgence of exploitation highlights the importance of timely patching and proactive threat hunting.