Bleepingcomputer
APT Exploits Zero-Day Vulnerabilities in Cisco and Citrix Systems
First seen 2 Dec 2025, 18:33 UTC
•



+8
•84% similarity
•63.3
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
An advanced persistent threat (APT) group exploited zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix systems, specifically CVE-2025-5777 and CVE-2025-20337. The attacks were detected by Amazon's MadPot honeypot service before the vulnerabilities were publicly disclosed, allowing the attackers to deploy custom malware and gain unauthorized access to critical infrastructure.
ThreatCluster AI