The whitepaper discusses the importance of a third-party risk management (TPRM) program in mitigating security risks posed by third-party collaborations. It offers insights from cyber security experts on effectively implementing a TPRM, gaining stakeholder approval, and optimally using existing resources and tools.

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and