Sophisticated threat actor targeting zero-day flaws in Cisco ISE and Citrix
An advanced persistent threat actor has been targeting zero-day vulnerabilities in Cisco Identity Service Engine as well as Citrix, according to a blog post published…
Month: November 2025
“Never Trust, Always Verify” Goes Autonomous
Written by Ido Shlomo, CTO and Co-Founder, Token Security As organizations rapidly adopt AI assistants and autonomous agents to streamline workflows and boost efficiency, they…
Multiple Apache OpenOffice Vulnerabilities Leads to Memory Corruption and Unauthorized Content Loading
Apache OpenOffice has released version 4.1.16, addressing seven critical security vulnerabilities that enable unauthorized remote document loading and memory corruption attacks. These flaws represent a…
UK’s new Cyber Security and Resilience Bill targets weak links in critical services
The UK government has introduced the Cyber Security and Resilience Bill, a major piece of legislation designed to boost the country’s protection against cyber threats.…
Microsoft fixes bug causing false Windows 10 end-of-support alerts
Microsoft has resolved a bug causing incorrect Windows 10 end-of-support warnings on systems with active security coverage or still under active support after installing the…
Why Your Business Needs Live Threat Intel from 15K SOCs
Cybersecurity leaders now face an impossible equation: you need intelligence that’s comprehensive enough to protect your organisation, fresh enough to stop emerging threats, and manageable enough that your…
Chrome Security Update Fixes Improper Implementation in V8 JavaScript Engine
Google has released a new stable Chrome update that addresses a serious flaw in its V8 JavaScript engine. The update, now available as version 142.0.7444.162/.163…
Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks
An advanced threat actor exploited the critical vulnerabilities “Citrix Bleed 2″ (CVE-2025-5777) in NetScaler ADC and Gateway, and CVE-2025-20337 affecting Cisco Identity Service Engine (ISE) as zero-days…
Beware of Malicious Steam Cleanup Tool Attack Windows Machines to Deploy Backdoor Malware
A sophisticated backdoor malware campaign has emerged targeting Windows users through a weaponized version of SteamCleaner, a legitimate open-source utility designed to clean junk files…
English-Speaking Cybercriminal Network ‘The COM’ Drives Global Cyberattacks
The English-speaking cybercriminal ecosystem known as “The COM” has evolved from a niche underground culture into a sophisticated, professional service-oriented economy that orchestrates some of…
Hackers Use KakaoTalk and Google Find Hub in Android Spyware Attack – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
A state-sponsored hacking group known as KONNI, suspected to be linked to the North Korean regime and related groups like Kimsuky or APT37, has been…
Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws
Nov 12, 2025Ravie LakshmananNetwork Security / Zero-Day Amazon’s threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security…