The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of RESURGE malware targeting a vulnerability in Ivanti Connect Secure (ICS) appliances.
RESURGE malware exploits the CVE-2025-0282 flaw in Ivanti Connect Secure appliances and has been used in attacks.
The malware creates web shells, bypasses integrity checks, and facilitates credential harvesting and privilege escalation.
CISA provides details about the malicious Linux shared object file 'libdsupgrade.so' and the log-tampering variant of 'SPAWNSLOTH' associated with the RESURGE malware.