Cisa
CISA Issues Update on RESURGE Malware Targeting Ivanti Devices
First seen 27 Feb 2026, 16:12 UTC
•



+6
•87% similarity
•42.4
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
CISA has released updated findings on RESURGE, a malware implant exploiting CVE-2025-0282 to compromise Ivanti Connect Secure devices. This malware can remain undetected and utilize advanced evasion techniques for covert communication with attackers. The report builds on previous findings from March 2025 regarding RESURGE's capabilities.
ThreatCluster AI
Timeline
2025-01-08
CVE-2025-0282 published and added to CISA KEV
2025-01-10
First public PoC for CVE-2025-0282
2025-03-28
CISA first documented RESURGE malware
2026-02-27
CISA released updated analysis on RESURGE malware