Breach Roundup: The Ivanti Patch Treadmill

Also: Patch Tuesday, Equalize Scandal Figure Dies and Polymorphic Extension Attack Anviksha More (AnvikshaMore) • March 13, 2025

Every week, Information Security Media Group rounds up cybersecurity incidents and breaches around the world. This week: The U.S. federal government warned Ivanti customers to patch, Microsoft Patch Tuesday, fake extensions mimic legitimate add-ons, a likely North Korean Android malware campaign halted, a key figure in Italy's Equalize scandal died of heart attack. Also, Apache Camel flaw enables RCE via case-sensitive header bypass, OpenAI's agent can automate phishing and Apple patched its third zero-day of the year.

See Also: Top 10 Technical Predictions for 2025

Ivanti customers must be used by now to a litany of urgent warnings to patch. The U.S. Cybersecurity and Infrastructure Security Agency added to the pile on Monday following a February publication of a proof-of-concept exploit allowing an unauthenticated attacker to ...