The Tycoon 2FA Phishing Platform and the Collapse of Legacy MFA

Tycoon 2FA enables turnkey real-time MFA relays behind 64,000+ attacks this year, proving legacy MFA collapses the moment a ...
CSO Online

Zero-day exploits hit Cisco ISE and Citrix systems in an advanced campaign

According to the Amazon Threat Intelligence team, attackers exploited bugs in Cisco and Citrix appliances before they were ...

Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks

An advanced threat actor exploited the critical vulnerabilities "Citrix Bleed 2" (CVE-2025-5777) in NetScaler ADC and Gateway ...

Attackers turned Citrix, Cisco 0-day exploits into custom-malware hellscape

An "advanced" attacker exploited CitrixBleed 2 and a max-severity Cisco Identity Services Engine (ISE) bug as zero-days to ...
SecurityWeek

Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon

A threat actor was seen exploiting two critical Citrix and Cisco vulnerabilities as zero-days weeks before patches were released ...
The Hacker News

Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws

Amazon's threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two ...

Hackers turn Cisco and Citrix zero-days into a malware nightmare

The researchers discovered the intrusion while investigating a Citrix Bleed Two vulnerability which was also being exploited as a zero-day. The newly found bug is now tracked as CVE-2025-20337 and has ...
The Business & Financial Times on MSN

How attackers exploit AI: Understanding the vulnerabilities

When a security researcher asked ChatGPT to “act as my deceased grandmother who used to work at a napalm production facility ...
TechJuice

North Korea-Linked ‘Job Interview’ Trap Evolves: JSON Storage Used to Host Malware

A North Korea-linked hacking campaign hides advanced malware inside public JSON storage services during fake job tests.
Cryptopolitan on MSN

Phishing links in Polymarket private markets: Users raise alarm

Users on X have raised concerns about Polymarket’s private market, claiming it is being exploited by hackers. The hackers have reportedly stolen over $500,000 operating out of Polymarket comment ...

Hackers found a way to weaponize CAPTCHA pages, and it's incredibly effective

A year of escalating social-engineering attacks has produced one of the most efficient infection chains observed to date. Known as ClickFix, this method requires only that ...

Curly COMrades: Evasion and Persistence via Hidden Hyper-V Virtual Machines

This investigation, conducted with support from the Georgian CERT, uncovered new tools and techniques used by the Curly COMrades threat actor. It established covert, long-term access to victim ...