Malicious hackers have begun mass-exploiting two critical zero-day vulnerabilities in Ivanti’s widely-used corporate VPN appliance. That’s according to cybersecurity company Volexity, which first reported last week that China state-backed hackers are exploiting the two unpatched flaws in Ivanti Connect Secure — tracked as CVE-2023-46805 and CVE-2024-21887 — to break into customer networks and steal information. […]

© 2023 TechCrunch. All rights reserved. For personal use only.