Latest Ivanti bug, paired with malware, earns an alert from CISA

Summary: Federal cybersecurity officials have identified powerful malware named Resurge, allegedly used by Chinese hackers alongside the exploitation of a vulnerability in Ivanti’s security tools. The malware can manipulate system integrity checks, harvest credentials, and perform numerous harmful functions. CISA urges affected organizations to reset their Ivanti devices and take necessary precautions against this threat.

Affected: Ivanti security tools (Connect Secure, Policy Secure, and ZTA Gateway)

Key points:

  • Resurge malware can manipulate system integrity checks and harvest credentials.
  • The exploited vulnerability is tracked as CVE-2025-0282 and affects Ivanti devices.
  • Both CISA and Mandiant link the cyber attacks to Chinese espionage groups.
  • The malware family, termed Spawn, allows persistent access and backdoor entry to compromised systems.
  • Ivanti’s Integrity Checker Tool is circumvented by the malware through fraudulent signatures.

Source: https://therecord.media/cisa-alert-ivanti-bug-resurge-malware