Posted inVulnerabilities
From Cybersecurity Help – Cyber Security Week in Review: April 4, 2025
In brief: New Ivanti zero-day exploited by Chinese hackers, police shut down the Kidflix CSAM platform, and more. Read More
Posted inNews
From The Hacker News – Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure that has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2025-22457 (CVSS score: 9.0), concerns a case of a stack-based buffer overflow that could be exploited to execute arbitrary code on affected systems.
"A stack-based buffer overflow in Ivanti Connect
Posted inNews
From Dark Reading – CISA Warns of Resurge Malware Connected to Ivanti Vuln
Threat actors are exploiting a vulnerability in Ivanti Connect Secure first disclosed by the vendor in January. Read More
Posted inNews
From Security Week – CISA Analyzes Malware Used in Ivanti Zero-Day Attacks
[[{"value":"CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day. The post CISA Analyzes Malware Used in Ivanti Zero-Day…
Posted inVulnerabilities
From Cybersecurity Help – New RESURGE malware targets Ivanti Connect Secure devices
RESURGE has capabilities similar to the SPAWNCHIMERA malware variant, albeit with several differences. Read More
Posted inNews
From The Hacker News – RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shed light on a new malware called RESURGE that has been deployed as part of exploitation activity targeting a now-patched security flaw in Ivanti Connect Secure (ICS) appliances.
"RESURGE contains capabilities of the SPAWNCHIMERA malware variant, including surviving reboots; however, RESURGE contains distinctive commands that
Posted inNews
From Cyber Security News – CISA Warns of ESURGE Malware Exploiting Ivanti RCE Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a Malware Analysis Report (MAR-25993211-r1.v1) detailing the exploitation of a critical vulnerability in Ivanti Connect Secure devices (CVE-2025-0282). This vulnerability allows…