

Ethical Hacking News

A Wider Threat Landscape Unfolds: High-Severity Vulnerabilities and Exploitation Campaigns on the Rise



A recent discovery highlights the critical need for prompt action against high-severity vulnerabilities in endpoint management solutions, as well as an awareness of emerging threats from pre-Stuxnet malware to Chinese cyberattacks. Organizations must prioritize proactive monitoring, timely patching, and robust security measures to mitigate potential risks and ensure a more secure environment.

  • High-severity vulnerabilities have emerged across various platforms.
  • Ivanti EPMM CVE-2026-6973 has been exploited, granting admin-level access.
  • Four additional vulnerabilities in Ivanti EPMM have been identified.
  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.
  • These vulnerabilities only affect the on-prem EPMM product, not other Ivanti products.
  • Organizations must prioritize vulnerability assessment and remediation to mitigate risks.
  • New threats have emerged across various fronts, underscoring the need for continuous vigilance.



    The cybersecurity landscape has taken a concerning turn, with several high-severity vulnerabilities and exploitation campaigns emerging across various platforms. A notable instance is CVE-2026-6973, a remote code execution (RCE) flaw in Ivanti EPMM that is under active exploitation and grants admin-level access.

    Ivanti, a leading endpoint management solution provider, recently revealed that a critical security flaw in its Endpoint Manager Mobile (EPMM) product has been exploited in limited attacks in the wild. The vulnerability, designated CVE-2026-6973 with a CVSS score of 7.2, is an improper input validation issue affecting EPMM versions prior to 12.6.1.1, 12.7.0.1, and 12.8.0.1. It allows a remote authenticated user with administrative access to achieve remote code execution.
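As an added example (not code from Ivanti or from the original article), the script below triages an EPMM inventory against the fixed releases listed above. It assumes each listed release is the first fixed build of its own branch (12.6.x, 12.7.x, 12.8.x); the hostnames and sample versions are constructed.

```python
import re

# Fixed releases named in the article. Treating each one as the first fixed
# build of its own release branch is an assumption of this example.
FIXED = {(12, 6): (12, 6, 1, 1), (12, 7): (12, 7, 0, 1), (12, 8): (12, 8, 0, 1)}


def parse_version(text):
    """Parse '12.7.0.0' or '12.7.0.0 Build 5' into a 4-tuple of ints."""
    m = re.match(r"\s*(\d+(?:\.\d+){1,3})", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (4 - len(parts)))  # pad short versions with zeros


def triage(version_text):
    """Return (status, upgrade_target) for one EPMM version string."""
    v = parse_version(version_text)
    branch = v[:2]
    if branch in FIXED:
        fixed = FIXED[branch]
        return ("patched", None) if v >= fixed else ("vulnerable", fixed)
    if branch < min(FIXED):
        # Older branch: below every fixed release, so it must move to a fixed branch.
        return ("vulnerable", min(FIXED.values()))
    # Newer than any branch the article mentions: its data cannot decide this.
    return ("unknown", None)


def triage_inventory(inventory):
    """Map each host to its (status, upgrade_target) pair."""
    return {host: triage(ver) for host, ver in inventory.items()}


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = {
    "epmm-a.example.test": "12.7.0.0 Build 5",
    "epmm-b.example.test": "12.8.0.1",
    "epmm-c.example.test": "12.5.0.3",
}

if __name__ == "__main__":
    for host, (status, target) in triage_inventory(SAMPLE).items():
        goal = ".".join(map(str, target)) if target else "-"
        print(f"{host:22} {status:10} upgrade to: {goal}")
```

Hosts reported as `unknown` are on a branch the article does not list and should be checked against the vendor advisory directly.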

    Furthermore, Ivanti has identified four additional vulnerabilities in its EPMM product: CVE-2026-5786 (CVSS score: 8.8), CVE-2026-5787 (CVSS score: 8.9), CVE-2026-5788 (CVSS score: 7.0), and CVE-2026-7821 (CVSS score: 7.4). These vulnerabilities pertain to improper access control, certificate validation, and enrollment. The identified flaws allow a remote unauthenticated attacker to gain administrative access or impersonate registered Sentry hosts.

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the Ivanti EPMM CVE-2026-6973 vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by May 10, 2026. This underscores the urgency for organizations using Ivanti's EPMM product to address this vulnerability and protect against potential exploitation.

    It is essential to note that these vulnerabilities only affect the on-prem EPMM product and do not impact other Ivanti products such as Ivanti Neurons for MDM (cloud-based unified endpoint management solution), Ivanti EPM (similarly named but different product), Ivanti Sentry, or any other Ivanti products.

    The escalating landscape of high-severity vulnerabilities highlights the importance of proactive monitoring and timely patching. Organizations relying on endpoint management solutions must prioritize vulnerability assessment and remediation to mitigate the risks associated with these identified flaws.

    In addition to the Ivanti EPMM CVE-2026-6973 vulnerability, recent threats have emerged across various fronts, underscoring the need for continuous vigilance in the cybersecurity community.

    Furthermore, researchers have discovered a pre-Stuxnet 'fast16' malware targeting engineering software, further exacerbating concerns about potential vulnerabilities in critical infrastructure. Meanwhile, a Chinese Silk Typhoon hacker has been extradited to the United States over COVID-19 research cyberattacks, emphasizing international cooperation and collaboration in combating such threats.

    In light of these developments, it is crucial for organizations to maintain robust security measures, stay informed about emerging threats, and prioritize proactive vulnerability assessment and patching. This will help mitigate potential risks and ensure a more secure environment for both individuals and organizations alike.





  • Published: Thu May 7 14:37:19 2026 by llama3.2 3B Q4_K_M












