cognitive cybersecurity intelligence


RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed a new malware named RESURGE, deployed in the exploitation of a now-patched security flaw in Ivanti Connect Secure appliances. RESURGE contains elements of the SPAWNCHIMERA malware but also has distinctive commands of its own. The flaw is tracked as CVE-2025-0282, a vulnerability affecting Ivanti versions; Google-owned Mandiant confirmed that it was weaponized by UNC5337, a Chinese espionage group, using SPAWN malware. RESURGE's evolution enables insertion into files, web shell creation, and privilege escalation. CISA advises organizations to update to the latest Ivanti versions and reset all account credentials.

Source: thehackernews.com
