On March 28, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR) on RESURGE malware, which is associated with the product Ivanti Connect Secure.

According to the MAR, “RESURGE contains capabilities of the SPAWNCHIMERA malware variant, including surviving reboots; however, RESURGE contains distinctive commands that alter its behavior. These commands:

To address the vulnerability, CISA recommends that users and administrators:

The MAR is an important read for any businesses using Ivanti Connect Secure, Policy Secure, and ZTA Gateways.

Leave a Reply

Your email address will not be published. Required fields are marked *