Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Ivanti has disclosed vulnerabilities affecting Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS) and Ivanti Neurons for Zero Trust Access (ZTA) Gateways. According to Ivanti, CVE-2025-0282 has been exploited on a limited number of ICS appliances. There are no confirmed reports of exploitation for Ivanti Policy Secure or ZTA Gateways. There is no indication that CVE-2025-0283 is actively exploited or chained.

Organizations today face a rapidly evolving threat landscape, and as they plan their cybersecurity strategy and budgets, many may struggle with a key question: If I’m conducting regular vulnerability scans, and patching the vulnerabilities I identify, do I really need penetration tests as well? The answer is yes. While vulnerability scanning plays a vital role in identifying risks and vulnerabilities, relying solely on it for security creates blind spots.

Seemplicity’s 2024 Year in Review report offers key insights into how organizations are navigating the challenges of vulnerability and exposure management. By analyzing data from over a billion customer findings across a wide range of industries, the report highlights the urgency of prioritizing vulnerabilities, streamlining workflows, and improving collaboration across teams.

Learn about OWASP’s newest focus on Non-Human Identities and how to mitigate risks like secret leakage, overprivileged NHIs, and insecure authentication with GitGuardian.

From design to deployment, the rise in AI tools and AI-generated code is changing developers’ workflows, enabling them to focus on more creative and complex tasks. However, while 96% of developers use AI coding assistants to streamline their work, it can have a negative impact on security teams. One-fifth of AppSec teams surveyed said they face significant challenges securing AI-generated code due to how quickly it’s produced.