Ars Technica

Code-execution bug in Pulse Secure VPN threatens patch laggards everywhere

Organizations that have yet to install the latest version of the Pulse Secure VPN have a good reason to stop dithering—a code-execution vulnerability that allows attackers to take control of networks ...
CNN

Suspected Chinese hackers exploited Pulse Secure VPN to compromise ‘dozens’ of agencies and companies in US and Europe

The US Department of Homeland Security confirmed the intrusions in its own public advisory Tuesday, urging network administrators to run a special tool designed to scan for signs of compromise and to ...
Redmond Magazine

Patch Issued for Critical Vulnerability in Pulse Connect Secure VPNs

Ivanti Pulse Secure announced a patch on Monday for a "Critical"-rated vulnerability (CVE-2021-22893) in its Pulse Connect Secure VPN appliances. The release follows up on Pulse Secure's pledge to ...
Bleeping Computer

Pulse Secure fixes VPN zero-day used to hack high-value targets

Pulse Secure has fixed a zero-day vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance that is being actively exploited to compromise the internal networks of defense firms and govt ...
Ars Technica

More US agencies potentially hacked, this time with Pulse Secure exploits

At least five US federal agencies may have experienced cyberattacks that targeted recently discovered security flaws that give hackers free rein over vulnerable networks, the US Cybersecurity and ...