Mastodawn

Posted yesterday.

CloudSek: Operation Escaneo: Infrastructure Exposure, TTP Analysis, and Attribution Assessment of an Advanced Intrusion Campaign Against Mexican Federal Agencies and Financial Institutions https://www.cloudsek.com/blog/operation-escaneo-mexican-government-financial-institutions-cyberattack

Infosecurity-Magazine: LATAM Infrastructure Hit by Fortinet and Ivanti Exploits https://www.infosecurity-magazine.com/news/operation-escaneo-cloudsek-latam/ #infosec #Fortinet #Ivanti #cyberattack #vulnerability

@cR0w

Operation Escaneo: Infrastructure Exposure, TTP Analysis, and Attribution Assessment of an Advanced Intrusion Campaign Against Mexican Federal Agencies and Financial Institutions | CloudSEK

An exposed attacker server revealed the inner workings of Operation Escaneo—a sophisticated campaign targeting Latin American governments and financial institutions. CloudSEK maps its custom tools, exploitation chain, persistence tactics and suspected links to MexicanMafia. Read the full investigation.

Analyst207 2d ago

Fortinet and Ivanti Exploits Fuel LATAM Infrastructure Attacks

In a shocking revelation, a coordinated campaign dubbed Operation Escaneo has been exposed, targeting critical infrastructure across Mexico, Ecuador, and Portugal, with a staggering 3,708 sessions recorded over just 13 days. The attackers exploited vulnerabilities in Fortinet and Ivanti perimeter appliances to gain entry into…

https://osintsights.com/fortinet-and-ivanti-exploits-fuel-latam-infrastructure-attacks?utm_source=mastodon&utm_medium=social

#LatamInfrastructureAttacks #OperationEscaneo #Fortinet #Ivanti #CveExploits

Fortinet and Ivanti Exploits Fuel LATAM Infrastructure Attacks

Learn how Operation Escaneo exploits Fortinet and Ivanti vulnerabilities to target LATAM infrastructure, and take steps to secure your organization now.

OSINTSights

CyberSecureFox

2d ago

Critical Vulnerabilities in Fortinet, Ivanti and SAP Fixed

🔗 https://cybersecurefox.com/en/fortinet-ivanti-sap-critical-vulnerabilities-june-2026

#Fortinet #Ivanti #Sentry #SAP #critical #vulnerabilities #CVE

Critical Vulnerabilities In Fortinet, Ivanti And SAP Fixed

Three major vendors — Fortinet, Ivanti and SAP — simultaneously released security updates that together close seven critical vulnerabilities with CVSS scores

CyberSecureFox

cyberowy 3d ago

🚨 Luka w Ivanti EPMM (CVE-2026-10727) pozwala na przejęcie serwera

Nowa luka w Ivanti EPMM z oceną CVSS 7.2 pozwala uwierzytelnionym atakującym na zdalne wykonanie kodu z uprawnieniami roota. Polskie firmy powinny zweryfikować swoje systemy zarządzania urządzeniami.

→ https://cyberowi.pl/luka-w-ivanti-epmm-cve-2026-10727-pozwala-na-przejecie/

#cve #ivanti #epmm #mdm

#cyberbezpieczenstwo

Meteora Web 4d ago

🚨 NEWS: AI Ombra: L'85% dei Team IT Dice di Controllare gli Agenti, ma Solo il 42% Conosce i Veri Proprietari

Ecco i punti chiave in breve:
💡 Il mondo della sicurezza informatica si trova di fronte a un paradosso inquietante. Secondo una recente indagine di Ivanti su 3.900 dipendenti in sei paesi, l'85% dei professionist...

🚀 LINK: https://meteoraweb.com/news/ai-ombra-l85-dei-team-it-dice-di-controllare-gli-agenti-ma-solo-il-42-conosce-i-veri-proprietari

#agentiAi #sicurezzaInformatica #governanceAI #shadowAI #ivanti

The New Oil 6d ago

#CISA orders feds to patch actively exploited #Ivanti flaw by Sunday

https://www.bleepingcomputer.com/news/security/cisa-gives-feds-3-days-to-patch-ivanti-flaw-exploited-in-attacks/

#cybersecurity

CISA orders feds to patch actively exploited Ivanti flaw by Sunday

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch an actively exploited Ivanti Sentry flaw within three days, as mandated by the newly issued Binding Operational Directive (BOD) 26-04.

BleepingComputer

CyberNetsecIO Jun 13

📰 Ivanti Patches Critical Sentry Flaws Allowing Root-Level RCE

⚠️ CRITICAL: Ivanti patches two severe flaws in Sentry, including a root-level unauthenticated RCE (CVE-2026-10520). Technical details are public, exploitation risk is high. Patch immediately! #Ivanti #Vulnerability #RCE #CyberSecurity

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/ivanti-sentry-critical-vulnerabilities-allow-root-rce/?utm_source=mastodon&utm_medium=social&utm_campaign=daily

The New Oil Jun 13

Max severity #Ivanti #Sentry vulnerability now exploited in attacks

https://www.bleepingcomputer.com/news/security/max-severity-ivanti-sentry-vulnerability-now-exploited-in-attacks/

#cybersecurity

Max severity Ivanti Sentry vulnerability now exploited in attacks

Attackers are now targeting a recently patched maximum-severity flaw in Ivanti Sentry, enabling them to execute code with root privileges on Internet-exposed secure mobile gateways.

BleepingComputer

securityaffairs Jun 12

U.S. #CISA adds #Ivanti #Sentry flaw to its Known Exploited Vulnerabilities catalog and urges patching by June 14
https://securityaffairs.com/193557/security/u-s-cisa-adds-ivanti-sentry-flaw-to-its-known-exploited-vulnerabilities-catalog-and-urges-patching-by-june-14.html
#securityaffairs #hacking

U.S. CISA adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog and urges patching by June 14 - Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog.

Security Affairs

OffSequence Jun 12

⚠️ CRITICAL: Ivanti Sentry OS command injection (CVE-2026-10520) enables remote root execution via exposed mgmt port 8443. Only honeypot hits so far — patch versions 10.5.2, 10.6.2, 10.7.1+ ASAP & restrict access! https://radar.offseq.com/threat/ivanti-sentry-exploitation-attempts-hitting-honeyp-ce849175 #OffSeq #Ivanti #Vuln #Infosec