For example, in early January this year, Ivanti said it saw two flaws - CVE-2025-0282 and CVE-2025-0283 - being abused by this threat actor. Both were impacting Ivanti Connect Secure VPN appliances.

CVE-2024-9380 or CVE-2024-9381. The recently discovered flaws affect CSA version 4.6, which is no longer supported by Ivanti. Like with the previous vulnerability, the newly discovered CSA flaws ...

Ivanti typically recommends organizations use its Integrity Checker Tool (ICT) to identify exploitation of vulnerabilities, including CVE-2025-0282. With Resurge malware, threat actors can create ...