Tag: cisco
-
CISA warns feds to fully patch actively exploited Cisco flaws
CISA warned federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-feds-to-fully-patch-actively-exploited-cisco-flaws/
-
Unleashing the Kraken ransomware group
In August 2025, Cisco Talos observed big-game hunting and double extortion attacks carried out by Kraken, a Russian-speaking group that has emerged from the remnants of the HelloKitty ransomware cartel. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/kraken-ransomware-group/
-
ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories
Behind every click, there’s a risk waiting to be tested. A simple ad, email, or link can now hide something dangerous. Hackers are getting smarter, using new tools to sneak past filters and turn trusted systems against us. But security teams are fighting back. They’re building faster defenses, better ways to spot attacks, and stronger systems…
-
Amazon alerts: advanced threat actor exploits Cisco ISE and Citrix NetScaler zero-days
Amazon warns that an advanced threat actor exploited zero-days in Cisco ISE and Citrix NetScaler to deploy custom malware. Amazon’s threat intelligence researchers spotted an advanced threat actor exploiting two previously undisclosed zero-day flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC to deliver custom malware. Attackers also exploited multiple undisclosed vulnerabilities. Amazon’s…
-
Zero-Day Vulnerabilities in Cisco and Citrix Targeted by APT Group, Amazon Confirms
Amazon’s threat intelligence division has revealed a cyber-espionage campaign involving an advanced persistent threat (APT) group exploiting previously undisclosed zero-day vulnerabilities in systems from Cisco and Citrix. The investigation showed that the attackers specifically targeted critical identity and network access control infrastructure: the components enterprises rely on to manage authentication and enforce security policies across their networks. First…
-
‘CitrixBleed 2’ Wreaks Havoc as Zero-Day Bug
The same APT hammered critical bugs in Citrix NetScaler (CVE-2025-5777) and the Cisco Identity Service Engine (CVE-2025-20337) in a sign of growing adversary interest in identity and access management systems. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/citrixbleed-2-cisco-zero-day-bugs
-
Federal agencies not fully patching vulnerable Cisco devices amid ‘active exploitation,’ CISA warns
Federal civilian agencies are not patching vulnerable Cisco devices sufficiently to protect themselves from an active hacking campaign, the Cybersecurity and Infrastructure Security Agency warned. First seen on therecord.media Jump to article: therecord.media/federal-cisco-patches-warning
-
‘Advanced’ hacker seen exploiting Cisco, Citrix zero-days
The hackers notably used custom malware and were exploiting CVE-2025-5777, now known colloquially as “Citrix Bleed Two”, before it was disclosed publicly in July. First seen on therecord.media Jump to article: therecord.media/advanced-hacker-exploiting-cisco-citrix-zero-days-amazon
-
Amazon pins Cisco, Citrix zero-day attacks to APT group
The vendors disclosed and patched the defects last summer, but not before advanced attackers exploited the vulnerabilities to likely gain prolonged access for espionage, according to Amazon. First seen on cyberscoop.com Jump to article: cyberscoop.com/amazon-threat-intel-apt-group-cisco-citrix-zero-days/
-
Cisco Finds Open-Weight AI Models Easy to Exploit in Long Chats
Cisco’s new research shows that open-weight AI models, while driving innovation, face serious security risks as multi-turn attacks, including conversational persistence, can bypass safeguards and expose data. First seen on hackread.com Jump to article: hackread.com/cisco-open-weight-ai-models-long-chat-exploit/
-
Cisco ASA and FTD at acute risk – attackers trigger restarts of unpatched Cisco firewalls
First seen on security-insider.de Jump to article: www.security-insider.de/cisco-systeme-angriffsvariante-cve-2025-20333-cve-2025-20362-a-00964e1ef07f585bc9b7789a690e6a7e/
-
Cisco detects new attack variant targeting vulnerable firewalls
Hackers may be able to overload unpatched devices, the company said. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-firewall-attack-variant-arcanedoor/805116/
-
Week in review: Cisco fixes critical UCCX flaws, November 2025 Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Securing real-time payments without slowing them down In this Help Net … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/09/week-in-review-cisco-fixes-critical-uccx-flaws-november-2025-patch-tuesday-forecast/
-
Cisco Warns of Active Exploitation of ASA and FTD 0-Day Vulnerability
Cisco warns that hackers are actively exploiting a 0-day flaw in its firewall software, putting unpatched systems at risk of full compromise. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cisco-warns-of-active-exploitation-of-asa-and-ftd-0-day-vulnerability/
-
Cisco Unified CCX Remote Code Execution Vulnerabilities (CVE-2025-20354, CVE-2025-20358)
Technical details: The problem comes from weak authentication in two different CCX components. CVE-2025-20354 targets the Java RMI service. CCX exposes this service to accept remote data, but it does not properly check who is sending it. That means an attacker can upload a specially crafted file and run commands on the underlying operating system…
-
Cisco ISE Bug Exposes Networks to Remote Restart Attacks
A critical flaw in Cisco ISE allows remote attackers to trigger system restarts, disrupting authentication and exposing networks to denial-of-service attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/cisco-ise-bug-exposes-networks-to-remote-restart-attacks/
-
Popular LLMs dangerously vulnerable to iterative attacks, says Cisco
Cisco researchers probed some of the most widely used public GenAI LLMs and found many of them were dangerously susceptible to so-called multi-turn cyber attacks producing undesirable outputs. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366634292/Popular-LLMs-dangerously-vulnerable-to-iterative-attacks-says-Cisco

