APT Group Exploits Zero-Day Vulnerabilities in Cisco and Citrix Systems

Cyber Security News by CyberSum.net

Published on November 13, 2025 at 12:00 PM

7 sources

Amazon’s threat intelligence division uncovered a cyber-espionage campaign where an advanced persistent threat (APT) group exploited zero-day vulnerabilities in Cisco and Citrix systems. The attackers targeted critical identity and network access control infrastructure, using undisclosed flaws before vendors released patches. Amazon’s MadPot honeypot service detected the exploitation attempts, leading to the identification of CVE-2025-5777 and CVE-2025-20337. The threat actor deployed a custom web shell disguised as a legitimate component, operating in-memory and using advanced encryption techniques. Security teams are advised to implement defense-in-depth strategies and closely monitor for anomalous activity.

Also Read

Whisper Leak Attack: AI Chatbots Vulnerable Despite Encryption

Microsoft researchers have identified a sophisticated side-channel attack called Whisper Leak that can infer conversation topics from encrypted AI chatbot traffic. Despite TLS encryption, the attack exploits patterns in packet sizes and timing to classify user prompts. Mitigations have been implemented by multiple vendors, but the attack poses significant risks, especially in regions with oppressive surveillance. The methodology and models are publicly available on GitHub for further research.

By Cyber Security News by CyberSum.netNovember 10, 2025 at 01:22 PM