The Hacker News
thehackernews.com
خبر سيبراني: 83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure
83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure
المقال بالعربية
ما حدث:
A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back to a single IP address on bulletproof hosting infrastructure offered by PROSPERO. Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between February 1 and 9, 2026. An estimated 346
لم يذكر المصدر تفاصيل إضافية حول الأطراف المتأثرة أو الأثر الفني الكامل.
لماذا يهم:
تمثل مثل هذه الأخبار مؤشرات مهمة لمتابعة التهديدات السيبرانية بشكل مستمر واتخاذ إجراءات احترازية مبكرة داخل المؤسسة.
إجراءات موصى بها:
مراجعة التحديثات الأمنية الرسمية، تطبيق التصحيحات المتاحة، تعزيز المراقبة، وتوعية الفرق بمخاطر التصيد والهندسة الاجتماعية.
المصدر: thehackernews.com - https://thehackernews.com/2026/02/83-of-ivanti-epmm-exploits-linked-to.html
English Article
What happened:
A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back to a single IP address on bulletproof hosting infrastructure offered by PROSPERO. Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between February 1 and 9, 2026. An estimated 346
The source did not provide additional details about impacted parties or technical scope.
Why it matters:
Items like this are important signals for tracking evolving cyber threats and improving defensive readiness.
Recommended actions:
Review official security updates, apply available patches, strengthen monitoring, and reinforce phishing awareness.
Source: thehackernews.com - https://thehackernews.com/2026/02/83-of-ivanti-epmm-exploits-linked-to.html
Vulnerability
Read source