CISA Issues Update on RESURGE Malware Targeting Ivanti Devices

CISA Issues Update on RESURGE Malware Targeting Ivanti Devices

First seen 27 Feb 2026, 16:12 UTC CisaIndustrialcyber.CoBleepingcomputerCybersecuritydiveLinkedin+6 87% similarity 42.4

Article Content

Browse articles
ThreatCluster

CISA has released updated findings on RESURGE, a malware implant exploiting CVE-2025-0282 to compromise Ivanti Connect Secure devices. This malware can remain undetected and utilize advanced evasion techniques for covert communication with attackers. The report builds on previous findings from March 2025 regarding RESURGE's capabilities.

ThreatCluster AI

Timeline

2025-01-08
CVE-2025-0282 published and added to CISA KEV
2025-01-10
First public PoC for CVE-2025-0282
2025-03-28
CISA first documented RESURGE malware
2026-02-27
CISA released updated analysis on RESURGE malware

Community

Browse all →