CISA Warns of Cisco Identity Services Engine Vulnerability Exploited in Attacks

Threat Score:
47
Cybersecurity News
7 days ago

Overview

CISA has issued an urgent warning regarding two critical injection vulnerabilities in Cisco’s Identity Services Engine (ISE) that threat actors are actively exploiting.  The vulnerabilities, tracked as CVE-2025-20281 and CVE-2025-20337, allow attackers to achieve remote code execution with root privileges on affected systems.  Key Takeaways1. CISA added two Cisco ISE vulnerabilities (CVE-2025-20281, CVE-2025-20337) to its […]...

Related Articles

5 articles
2

APT36 Targets Indian Government: Credential Theft Campaign Uncovered

GB Hackers 4 hours ago

APT36 Targets Indian Government: Credential Theft Campaign Uncovered A sophisticated phishing campaign attributed with medium confidence to the Pakistan-linked APT36 group, also known as Transparent Tribe or Mythic Leopard, has been uncovered targeting Indian defense organizations and government entities. This operation employs typo-squatted domains that mimic official Indian government platforms, such as mail.mgovcloud.in and virtualeoffice.cloud, to deceive users into surrendering credentials.

Score
84
Read more
3

North Korean Hackers Exploit NPM Packages to Steal Cryptocurrency and Sensitive Data

GB Hackers 5 hours ago

North Korean Hackers Exploit NPM Packages to Steal Cryptocurrency and Sensitive Data Veracode Threat Research has uncovered a sophisticated North Korean cryptocurrency theft operation that continues to evolve, building on campaigns previously reported in February and June 2024. This latest iteration involves twelve malicious NPM packages, including cloud-binary, json-cookie-csv, cloudmedia, and nodemailer-enhancer, which were flagged by automated monitoring systems and subsequently removed from

Score
84
Read more