• Endpoint Security Cyberattacks & Data Breaches Vulnerabilities & Threats Perimeter News Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy - Again It’s time to phase out the “patch and pray” approach, eliminate needless public interfaces, and enforce authentication controls, one expert says. • February 12, 2026 UPDATE A handful of European government agencies have been compromised by hackers in recent weeks, thanks to a new round of critical vulnerabilities in an Ivanti product - and it’s another grim reminder of the heyday attackers have been having with edge devices. • Attacks against edge devices have been steadilyramping up for nearly three years, tripping up multiple vendors in the process:Fortinet has endured a number attacksagainst its products; SonicWall’s edge devicescontended with zero-days; andWatchGuard’s firewall was hitmore recently with a zero-day. • The highly distributed nature of edge networking has historically meant less monitoring, and like any good opportunist, attackers will exploit that sort of vulnerability when they see it. • 29, Ivanti disclosed two critical vulnerabilities in its Endpoint Manager Mobile (EPMM) solution, and released atemporary patchto cover them. • Deemed CVE-2026-1281 and CVE-2026-1340, the issues were similar in nature, both allowing for remote code execution (RCE), both assigned 9.8 out of 10 scores on the Common Vulnerability Scoring System (CVSS) scale.

Article Summaries:

  • Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy - Again It’s time to phase out the “patch and pray” approach, eliminate needless public interfaces, and enforce authentication controls, one expert says. February 12, 2026 UPDATE A handful of European government agencies have been compromised by hackers in recent weeks, thanks to a new round of critical vulnerabilities in an Ivanti product - and it’s another grim reminder of the heyday attackers have been having with edge devices. Attacks against edge devices have been steadily ramping up for nearly three years, tripping up multiple vendors in the
  • Update: The article initially listed the wrong CVEs. This has now been corrected to list the CVEs: CVE-2026-1286 and CVE-2026-1340 Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340. The security issues have been flagged as actively exploited in zero-day attacks in Ivanti’s security advisory, where the company also announced hotfixes. Both flaws received a critical severity rating and allow an attacker to inject co

Sources: