APT Targets Cisco and Citrix Zero Days
The chain of discovery began with Amazon's security honeypot service, MadPot, which detected exploitation attempts for the Citrix Bleed Two vulnerability (CVE-2025-5777) before its public disclosure
All topics
Vulnerabilities
25 Posts
Microsoft Warns of Exploited Windows Kernel Zero-Day
The important-severity flaw (CVE-2025-62215) has been exploited, said Microsoft.
Microsoft Fixes Actively Exploited Flaws in Patch Tuesday Release
Microsoft issued fixes for several actively exploited vulnerabilities in its latest patch Tuesday release.
Oracle Warns of E-Business Suite Bug
A Saturday advisory from Oracle's CISO warned of a vulnerability impacting some deployments of E-Business Suite (CVE-2025-61884).
More Cl0p Clues and Huge Apple Bug Bounty Changes
This week brings some new insights into the origins and length of the Cl0p extortion attacks tied to the Oracle E-Business Suite vulnerability, big surges in scanning for Cisco ASA, Palo Alto, and Fortinet devices, and a huge upgrade to Apple bug bounty payouts.
Data Connects Scanning Surges for Cisco, Fortinet, PAN Devices
Researchers say that all three campaigns are being driven at least in part by one threat actor.