Critical Cisco ISE bug can let attackers run commands as root

Cisco has released patches to fix two critical vulnerabilities in its Identity Services Engine (ISE) security policy management platform. Enterprise administrators use Cisco ISE as an identity and access management (IAM) solution that combines authentication, authorization, and accounting into a single appliance. The two security flaws (CVE-2025-20124 and CVE-2025-20125) can be exploited by authenticated remote […]

Ransomware payments fell by 35% in 2024, totalling $813,550,000

Payments to ransomware actors decreased 35% year-over-year in 2024, totaling $813.55 million, down from $1.25 billion recorded in 2023. Additionally, only about 30% of victims engaged in negotiations with ransomware actors ended up paying any ransom to them. These figures are reported by blockchain intelligence firm Chainalysis, underlining a significant decline in an otherwise record-breaking year […]

Hackers spoof Microsoft ADFS login pages to steal credentials

A help desk phishing campaign targets an organization’s Microsoft Active Directory Federation Services (ADFS) using spoofed login pages to steal credentials and bypass multi-factor authentication (MFA) protections. The targets of this campaign, according to Abnormal Security that discovered it, are primarily education, healthcare, and government organizations, with the attack targeting at least 150 targets. These […]

AMD fixes bug that lets hackers load malicious microcode patches

​AMD has released mitigation and firmware updates to address a high-severity vulnerability that can be exploited to load malicious CPU microcode on unpatched devices. The security flaw (CVE-2024-56161) is caused by an improper signature verification weakness in AMD’s CPU ROM microcode patch loader. Attackers with local administrator privileges can exploit this weakness, resulting in the loss […]

Google Play, Apple App Store apps caught stealing crypto wallets

Android and iOS apps on the Google Play Store and Apple App Store contain a malicious software development kit (SDK) designed to steal cryptocurrency wallet recovery phrases using optical character recognition (OCR) stealers. The campaign is called “SparkCat” after the name (“Spark”) of one of the malicious SDK components in the infected apps, with developers likely […]

Cyber agencies share security guidance for network edge devices

Five Eyes cybersecurity agencies in the UK, Australia, Canada, New Zealand, and the U.S. have issued guidance urging makers of network edge devices and appliances to improve forensic visibility to help defenders detect attacks and investigate breaches. Such devices, including firewalls, routers, virtual private networks (VPN) gateways, internet-facing servers and operational technology (OT) systems, and […]

Chinese cyberspies use new SSH backdoor in network device hacks

A Chinese hacking group is hijacking the SSH daemon on network appliances by injecting malware into the process for persistent access and covert operations. The newly identified attack suite has been used in attacks since mid-November 2024, attributed to the Chinese Evasive Panda, aka DaggerFly, cyber-espionage group. As per the findings of Fortinet’s Fortiguard researchers, the attack […]