The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed a new malware named RESURGE. Deployed in exploiting Ivanti Connect Secure appliances’ patched security flaw, RESURGE contains elements of the SPAWNCHIMERA malware but also distinctive commands. Linked to CVE-2025-0282 vulnerability affecting Ivanti versions, Google-owned Mandiant confirmed it was weaponized with UNC5337, a Chinese espionage group, using SPAWN malware. The RESURGE evolution enables insertion into files, web shell creations, and privileges escalation. CISA advises organizations to update to the latest Ivanti versions and reset all account credentials.
Hackers Scanning From 24,000 IP’s to Gain Access to Palo Alto Networks
Researchers observed a significant increase in malicious scanning of Palo Alto Networks’ GlobalProtect VPN portals, with nearly 24,000 unique IP addresses targeting the systems. This
