APT Exploits Zero-Day Vulnerabilities in Cisco and Citrix Systems

APT Exploits Zero-Day Vulnerabilities in Cisco and Citrix Systems

First seen 2 Dec 2025, 18:33 UTC BleepingcomputerAws.AmazonCybersecuritynewsCybersecuritydiveTheregister+8 84% similarity 63.3

Article Content

Browse articles
ThreatCluster

An advanced persistent threat (APT) group exploited zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix systems, specifically CVE-2025-5777 and CVE-2025-20337. The attacks were detected by Amazon's MadPot honeypot service before the vulnerabilities were publicly disclosed, allowing the attackers to deploy custom malware and gain unauthorized access to critical infrastructure.

ThreatCluster AI

Community

Browse all →