See every side of every news story
Get Started
SubscribeLogin
Israel-Hamas Conflict
Natural Disasters
Baseball
Social Media
Democratic Party
Republican Party
Education
Senate
Tariffs
US Politics
Artificial Intelligence
Donald Trump
Soccer
Published loading...Updated

CISA warns of new malware targeting Ivanti flaw

  • CISA issued a Malware Analysis Report on RESURGE, a new malware discovered on March 30, 2025, that exploits the CVE-2025-0282 vulnerability in Ivanti Connect Secure appliances to compromise systems.
  • The exploitation of CVE-2025-0282, a critical stack buffer overflow vulnerability, allows unauthenticated attackers to achieve remote code execution, leading to unauthorized access and control.
  • RESURGE, which shares similarities with the SPAWNCHIMERA malware family and other Spawn variants used by a China-nexus espionage group , functions as a rootkit, dropper, proxy, and tunneler, enabling credential harvesting, account creation, privilege escalation, and covert system access.
  • RESURGE modifies system files, bypasses integrity checks, manipulates coreboot RAM disks, generates cryptographic signatures to disguise altered files, and deploys web shells on compromised devices to establish secure SSH tunnels and a persistent foothold.
  • CISA urges organizations using Ivanti Connect Secure devices to implement robust cybersecurity measures, including applying patches for CVE-2025-0282, deploying antivirus solutions, conducting regular audits, and performing a factory reset using a clean image, as successful exploitation of CVE-2025-0282 has led to backdoors being deployed in at least 379 organizations and can erase traces of malicious activity, complicating system recovery.
Insights by Ground AI
Does this summary seem wrong?

12 Articles

All
Left
Center
2
Right
The RegisterThe Register
Center

CISA warns of new malware targeting Ivanti flaw

: Resurge an apt name for malware targeting hardware maker that has security bug after security bug

Read Full Article
Cybersecurity DiveCybersecurity Dive
Center

CISA warns new malware targeting Ivanti zero-day vulnerability

CVE-2025-0282, a critical vulnerability that affects Ivanti’s Connect Secure, Policy Secure and ZTA Gateway products, was disclosed and patched in January.

Read Full Article
Tech RadarTech Radar

Ivanti products targeted by dangerous malware yet again

RESURGE is targeting Ivanti products, so make sure to stay safe

·United Kingdom
Read Full Article
OODA LoopOODA Loop

CISA Warns of Resurge Malware Connected to Ivanti Vuln

The Cybersecurity and Infrastructure Security Agency (CISA) is warning of an Ivanti vulnerability being exploited by threat actors. The malicious actors are using a file called “Resurge” in the attacks, which creates a Secure Shell (SSH) tunnel for command and control (C2). The malware can modify files and manipulate integrity checks, allowing it to harvest […] The post CISA Warns of Resurge Malware Connected to Ivanti Vuln  appeared first on OO…

Read Full Article
The Cyber ExpressThe Cyber Express

CISA Details New RESURGE Malware Used In Ivanti Attacks

The U.S. Cybersecurity and Information Security Agency (CISA) has issued an advisory detailing a new malware variant detected in attacks on an Ivanti vulnerability. The CISA advisory says the agency recovered three files from a critical infrastructure environment’s Ivanti Connect Secure device after threat actors exploited Ivanti vulnerability CVE-2025-0282 for initial access. One of the files contained a new malware variant that CISA is calling…

Read Full Article
Malware Analysis, News and IndicatorsMalware Analysis, News and Indicators

CISA: Addressed Ivanti bug leveraged by novel RESURGE malware

Ivanti Connect Secure instances that remain vulnerable to the patched stack-based buffer overflow bug, tracked as CVE-2025-0282, were reported by the Cybersecurity and Infrastructure Security Agency to have been subjecte…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center
Factuality

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

cybernoz.com broke the news in on Sunday, March 30, 2025.
Sources are mostly out of (0)

Similar News Topics

Cisa

Cisa

Technology

Technology

Cyber Security

Cyber Security

United States

United States

You have read out of your 5 free daily articles.

Join us as a member to unlock exclusive access to diverse content.

News
For You
SearchBlindspotLocal