Critical

Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data

Security Affairs
Actively Exploited

Overview

Dutch agencies, including the Data Protection Authority and the Council for the Judiciary, have confirmed cyberattacks that exploited vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). These attacks resulted in the exposure of employee contact data. The flaws in Ivanti EPMM were recently disclosed, allowing attackers to breach the systems of these government bodies. This incident raises concerns about the security of sensitive personal information and the potential for further exploitation of these vulnerabilities. Authorities have reported the incidents to parliament, emphasizing the need for improved security measures in public sector agencies.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Ivanti Endpoint Manager Mobile (EPMM), Dutch Data Protection Authority, Council for the Judiciary
  • Action Required: Update Ivanti EPMM to the latest version and apply security patches as they become available.
  • Timeline: Newly disclosed

Original Article Summary

Dutch agencies confirmed attacks exploiting Ivanti EPMM flaws that exposed employee contact data at the data protection authority and courts. Dutch authorities said cyberattacks hit the Dutch Data Protection Authority and the Council for the Judiciary after hackers exploited newly disclosed flaws in Ivanti Endpoint Manager Mobile (EPMM). The incidents were reported to parliament, and […]

Impact

Ivanti Endpoint Manager Mobile (EPMM), Dutch Data Protection Authority, Council for the Judiciary

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Update Ivanti EPMM to the latest version and apply security patches as they become available.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Exploit, Vulnerability, Data Breach.

Related Coverage

Program to rotate cyber personnel through federal agencies saw little use

CyberScoop

The Government Accountability Office (GAO) reported that the Federal Rotational Cyber Workforce program, designed to rotate cybersecurity professionals among federal agencies, has seen minimal participation. Only a handful of personnel received approval to join the initiative, which aims to enhance collaboration and knowledge sharing across government entities. This low engagement raises concerns about the effectiveness of the program in addressing the growing cybersecurity challenges faced by federal agencies. Without a more robust participation rate, the program may struggle to achieve its intended goals of improving cyber defense capabilities and developing a skilled workforce. The findings suggest a need for better incentives or support to encourage agencies to utilize this resource effectively.

Jul 16, 2026

New OkoBot framework deploys 20 payloads to steal data, crypto

BleepingComputer

A new malware framework named OkoBot has emerged, capable of deploying over 20 different payloads aimed at stealing sensitive data, particularly cryptocurrency wallet seed phrases and user credentials. The framework is designed to infiltrate systems and extract valuable information from users, making it a significant threat to anyone dealing with cryptocurrencies. As cybercriminals increasingly target digital assets, this development raises alarms for individuals and businesses alike. Users are advised to enhance their security measures and remain vigilant against suspicious activities that may indicate an OkoBot attack. The rise of such tools underscores the ongoing risk of data breaches in the cryptocurrency space.

Jul 16, 2026

Russian trio indicted for allegedly running bulletproof hosting providers that spurred cybercrime

CyberScoop

Three Russian nationals have been indicted for allegedly operating bulletproof hosting services that facilitated cyberattacks across 21 states in the U.S. and other countries. The accused individuals, linked to companies Media Land and ML.Cloud, are said to have contributed to cybercrimes that resulted in losses exceeding $62 million. Bulletproof hosting is a type of service that provides web hosting for malicious activities, allowing attackers to evade law enforcement and launch various cyber operations. This indictment underscores the ongoing challenges law enforcement faces in combating cybercrime, particularly when it involves international actors. The case emphasizes the need for continued cooperation among countries to tackle such threats effectively.

Jul 16, 2026

Phishing Campaign Hides Lua Loader as TrueType Font File

Infosecurity Magazine

A global phishing campaign has been detected that disguises a Lua loader as a TrueType font file to deploy remote access Trojans (RATs) and information stealers. Attackers are using this method to bypass security measures by making the malicious files appear innocuous. This tactic affects users who may inadvertently open these disguised files, leading to potential data breaches or unauthorized access to systems. The presence of such sophisticated phishing techniques raises concerns about the effectiveness of traditional email security measures. Users need to be vigilant about unexpected email attachments, even if they seem harmless, to avoid falling victim to these types of attacks.

Jul 16, 2026

Scattered Spider members jailed over Transport for London hack that cost £29 million

Help Net Security

Two young members of the Scattered Spider hacking group have received prison sentences of five years and six months for their role in a cyberattack against Transport for London (TfL). The attack, which occurred last year, caused significant disruption to transport services, affecting thousands of commuters and leading to an estimated financial loss of £29 million for the agency. Thalha Jubair, 20, and Owen Flowers, 18, both pleaded guilty on the day their trial was set to begin, marking a significant development in the ongoing fight against cybercrime. This incident not only highlights the vulnerabilities in public transport systems but also serves as a warning to other potential attackers about the consequences of such actions. With increasing reliance on digital infrastructure, the impact of these types of cyberattacks can be severe for both organizations and the public.

Jul 16, 2026

23andMe to pay $18 million in new genetics data breach settlement

BleepingComputer

23andMe, the genetic testing company, has agreed to pay $18 million to settle a lawsuit filed by a coalition of 43 attorneys general. The lawsuit claimed that 23andMe failed to adequately protect its customers' genetic data, putting sensitive information at risk. This settlement comes as part of a broader push for companies to prioritize data security, especially when handling personal genetic information. Customers who used 23andMe's services are particularly affected, as their genetic data could have been exposed. The situation raises significant concerns about privacy and the responsibilities of companies in safeguarding sensitive health information.

Jul 16, 2026