CISA warns that RESURGE malware can be dormant on Ivanti devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect ...
GitHub

A Forge 1.20.x mod that securely verifies premium accounts on an offline-mode server during the login phase, without sending the player's access token to the server.

Ask the client to perform Mojang "joinServer" locally. Verify with Mojang Session Server from the server using a nonce. If verification passes: replace the player's UUID with the official premium UUID ...