Connect Secure - Geek Feed

CISA warns that RESURGE malware can be dormant on Ivanti devices

March 2, 2026March 2, 2026 geekfeed0Tagged CISA, Connect Secure, CVE-2025-0282, Ivanti, malware, RESURGE

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect Secure devices. The update focuses on the implant’s undetected latency on the appliances and its “sophisticated network-level evasion and authentication techniques” that enable covert communication with the attacker. […]

4 mins read

Ivanti patches Connect Secure zero-day exploited since mid-March

April 11, 2025April 11, 2025 geekfeed0Tagged 0day, Actively Exploited, china, Connect Secure, Cyber-espionage, Ivanti, rce, Remote Code Execution, UNC5221, Zero-Day

Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025. Tracked as CVE-2025-22457, this critical security flaw is due to a stack-based buffer overflow weakness. It impacts Pulse Connect Secure 9.1x (which reached end-of-support in December), Ivanti […]

5 mins read

Ivanti warns of new Connect Secure flaw used in zero-day attacks

January 10, 2025January 10, 2025 geekfeed0Tagged Connect Secure, CVE-2025-0282, CVE-2025-0283, Ivanti, malware, rce, Remote Code Execution, vulnerability, Zero-Day, Zero-day Attack

Ivanti is warning that hackers exploited a Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 in zero-day attacks to install malware on appliances. The company says it became aware of the vulnerabilities after the Ivanti Integrity Checker Tool (ICT) detected malicious activity on customers’ appliances. Ivanti launched an investigation and confirmed that threat actors were actively […]

3 mins read