CISA has identified a sophisticated malware dubbed RESURGE, which exploits Ivanti Connect Secure devices using CVE-2025-0282. This tool behaves like a rootkit and backdoor, modifying core system components to mask its presence and allow remote access via SSH. Embedded with BusyBox utilities and advanced persistence techniques, RESURGE poses serious risks to infrastructure integrity. Analysts also discovered associated malware variants that manipulate logs and bypass security checks, underscoring the evolving complexity of cyber threats.
Publisher: Cybersecurity and Infrastructure Security Agency (CISA)
Published: March 28, 2025
License: Public Domain