This intelligence provides actionable insights into the September 2024 exploitation of Ivanti Cloud Service Appliances (CSA) by attackers who chained various Ivanti CSA vulnerabilities with CVE-2024-8963. The chaining of these vulnerabilities led to unauthorized access, remote code execution, credential theft, and webshell deployment. Even though exploitation occurred in September 2024, organizations using affected versions of Ivanti CSA are still at risk. The Advisory warns that "Credentials and sensitive data stored within affected Ivanti appliances should be considered compromised."