1 month ago
20
Image Credits:Kim Raff/Bloomberg / Getty Images8:06 AM PST · February 23, 2026
In February 2021, bundle elephantine Ivanti discovered that Chinese hackers had breached the web of Pulse Secure, 1 of its subsidiaries that provided VPN appliances to dozens of companies and authorities agencies astir the world, according to caller reporting by Bloomberg.
The hackers exploited a concealed backdoor they had planted successful Pulse Secure’s VPN software, Bloomberg reported, citing Ivanti’s main information serviceman astatine the clip and different sources. The backdoor allowed the hackers to summation entree to 119 different unnamed organizations that utilized the company’s aforesaid VPN product.
Mandiant was reportedly alert of the breaches arsenic well, alerting Ivanti that hackers had exploited the bug to breach European and U.S. subject contractors.
The antecedently unreported breach is the latest illustration of however acquisitions, layoffs, and cost-cutting driven by backstage equity firms helped to compromise the prime and information of Ivanti’s astir captious technologies. After backstage concern elephantine Clearlake Capital Group acquired Ivanti successful 2017, Bloomberg reported rounds of cuts — peculiarly successful 2022 — affecting employees who had heavy institutional knowledge of the company’s products and their security.
Ivanti and Mandiant did not respond to a petition for comment.
Bloomberg’s findings echo earlier reporting into rival supplier of distant entree tools, Citrix, which had large standard layoffs pursuing a 2022 deal by Elliott Investment Management and Vista Equity Partners to bargain the company. Like Ivanti, Citrix has been mired by cybersecurity incidents and critical flaws successful caller years.
Ivanti’s VPN products person been the origin of astatine slightest 2 different large attacks since.
Techcrunch event
Boston, MA | June 9, 2026
In aboriginal 2024, U.S. cybersecurity bureau CISA ordered each national agencies to disconnect their Ivanti VPN appliances wrong 2 days due to the fact that hackers were actively exploiting vulnerabilities that were chartless to Ivanti astatine the time. Ivanti besides warned customers past twelvemonth that hackers were exploiting different captious flaw successful its Connect Secure merchandise to hack firm customers.
Lorenzo Franceschi-Bicchierai is simply a Senior Writer astatine TechCrunch, wherever helium covers hacking, cybersecurity, surveillance, and privacy.
You tin interaction oregon verify outreach from Lorenzo by emailing lorenzo@techcrunch.com, via encrypted connection astatine +1 917 257 1382 connected Signal, and @lorenzofb connected Keybase/Telegram.
English (US) ·