U.S. software giant Ivanti has confirmed that hackers are exploiting two critical-rated vulnerabilities affecting its widely used corporate VPN appliance, but said that patches won’t be available until the end of the month. Ivanti said the two vulnerabilities — tracked as CVE-2023-46805 and CVE-2024-21887 — were found in its Ivanti Connect Secure software. Formerly known … Continue reading State-backed hackers are exploiting new Ivanti VPN zero-days — but no patches yet