AWS dug through its honeypot data and confirmed that CVE-2025-5777 (Cisco ISE RCE) and CVE-2025-5777 (memory leak in Citrix NetScaler) were exploited as zero-days before their patches.

campuscodi@mastodon.social

Nothing new here except the confirmation that an APT was behind the attacks

Amazon discovers APT exploiting Cisco and Citrix zero-days | Amazon Web Services

The Amazon threat intelligence team has identified an advanced threat actor exploiting previously undisclosed zero-day vulnerabilities in Cisco Identity Service Engine (ISE) and Citrix systems. The campaign used custom malware and demonstrated access to multiple undisclosed vulnerabilities. This discovery highlights the trend of threat actors focusing on critical identity and network access control infrastructure—the systems […]

Amazon Web Services (aws.amazon.com)

Citiverse

Navigazione

Account

Navigazione

Account

AWS dug through its honeypot data and confirmed that CVE-2025-5777 (Cisco ISE RCE) and CVE-2025-5777 (memory leak in Citrix NetScaler) were exploited as zero-days before their patches.

Amazon discovers APT exploiting Cisco and Citrix zero-days | Amazon Web Services

L’Antivirus Triofox sfruttato per installare componenti di accesso remoto

L’Antivirus Triofox sfruttato per installare componenti di accesso remoto

The Italian equivalent of the IRS sent me one paragraph of text (to tell me my audit passed!).

Oggi pensavo a Edward Snowden, che due anni fa diceva "no regrets".

Quesra mi serve per una roba

Due 0day, un solo attacco: il colpo perfetto contro Citrix e Cisco.

Due 0day, un solo attacco: il colpo perfetto contro Citrix e Cisco.

This has been confirmed today: https://operation-endgame.com/