{"id":211775,"date":"2026-02-09T17:28:00","date_gmt":"2026-02-09T22:28:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/09\/fallout-from-latest-ivanti-zero-days-spreads-to-nearly-100-victims\/"},"modified":"2026-02-09T18:55:13","modified_gmt":"2026-02-09T23:55:13","slug":"fallout-from-latest-ivanti-zero-days-spreads-to-nearly-100-victims","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/09\/fallout-from-latest-ivanti-zero-days-spreads-to-nearly-100-victims\/","title":{"rendered":"Fallout from latest Ivanti zero-days spreads to nearly 100 victims"},"content":{"rendered":"<p><a href=\"https:\/\/cyberscoop.com\/ivanti-zero-day-vulnerabilities-netherlands-european-commission-shadowserver\/\">Fallout from latest Ivanti zero-days spreads to nearly 100 victims<\/a><\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/ivanti-zero-day-vulnerabilities-netherlands-european-commission-shadowserver\/\">https:\/\/cyberscoop.com\/ivanti-zero-day-vulnerabilities-netherlands-european-commission-shadowserver\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-09 17:28:00<\/a><\/p>\n<p>Source Domain: <a href=\"cyberscoop.com\">cyberscoop.com<\/a><\/p>\n<p>Ivanti customers, including major government agencies, face mounting pressure as attackers expand their scope of targets to exploit a pair of vulnerabilities the vendor disclosed last week after in-the-wild attacks already occurred.\u00a0<\/p>\n<p>The Netherlands\u2019 Dutch Data Protection Authority and the Council for the Judiciary confirmed both agencies were impacted by attacks linked to the Ivanti Endpoint Manager Mobile (EPMM) zero-day vulnerabilities, according to a notice sent to the country\u2019s parliament Friday. The European Commission also said it found evidence of a cyberattack on its \u201ccentral infrastructure managing mobile devices,\u201d but it did not identify the vendor in a statement Thursday.<\/p>\n<p>The attacks were publicly disclosed as researchers and threat hunters scrambled to assess the fallout and observed consistent waves of attacks linked to the Ivanti defects. As of Monday afternoon, Shadowserver scans identified 86 compromised instances based on artifacts of exploitation, Piotr Kijewski, CEO of the nonprofit, told CyberScoop.<\/p>\n<p>Researchers last week warned that attacks involving the Ivanti zero-days would spread, repeating a common pattern following the vendor\u2019s disclosure and a third party\u2019s release of exploit code. The vulnerabilities \u2014 CVE-2026-1281 and CVE-2026-1340 \u2014 each carry a CVSS rating of 9.8 and allow unauthenticated users to execute code remotely in Ivanti EPMM.<\/p>\n<p>Ivanti said a \u201cvery limited number of customers\u201d were exploited before it disclosed the defects in a Jan. 29 security advisory, but has declined multiple requests to provide an updated victim count.\u00a0<\/p>\n<p>The company released indicators of compromise and a detection script Friday to help customers hunt for potential impact, and thanked The Netherlands\u2019 National Cyber Security Centre for contributing to the script\u2019s development. \u201cWe are collaborating closely with our customers as well as trusted government and security partners,\u201d a spokesperson for&#8230;<\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/ivanti-zero-day-vulnerabilities-netherlands-european-commission-shadowserver\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Fallout from latest Ivanti zero-days spreads to nearly 100 victims https:\/\/cyberscoop.com\/ivanti-zero-day-vulnerabilities-netherlands-european-commission-shadowserver\/ Publish Date: 2026-02-09 17:28:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":211776,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2025\/04\/WAWPWY.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[31],"class_list":["post-211775","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-exploit"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/211775"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=211775"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/211775\/revisions"}],"predecessor-version":[{"id":211777,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/211775\/revisions\/211777"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/211776"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=211775"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=211775"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=211775"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}