Security
Headlines
HeadlinesLatestCVEs

Tag

#cisco

Cisco Rejects Kraken Ransomware’s Data Breach Claims

Cisco denies recent data breach claims by the Kraken ransomware group, stating leaked credentials are from a resolved 2022 incident. Learn more about Cisco's response and the details of the original attack.

HackRead
#web#mac#windows#google#cisco#auth
DeepSeek AI Fails Multiple Security Tests, Raising Red Flag for Businesses

The popular generative AI (GenAI) model allows hallucinations, easily avoidable guardrails, susceptibility to jailbreaking and malware creation requests, and more at critically high rates, researchers find.

Magecart Attackers Abuse Google Ad Tool to Steal Data

Attackers are smuggling payment card-skimming malicious code into checkout pages on Magento-based e-commerce sites by abusing the Google Tag Manager ad tool.

Changing the tide: Reflections on threat data from 2024

Thorsten examines last year’s CVE list and compares it to recent Talos Incident Response trends. Plus, get all the details on the new vulnerabilities disclosed by Talos’ Vulnerability Research Team.

Google Cloud Platform Data Destruction via Cloud Build

A technical overview of Cisco Talos' investigations into Google Cloud Platform Cloud Build, and the threat surface posed by the storage permission family.

Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc

Cisco has released updates to address two critical security flaws Identity Services Engine (ISE) that could allow remote attackers to execute arbitrary commands and elevate privileges on susceptible devices. The vulnerabilities are listed below - CVE-2025-20124 (CVSS score: 9.9) - An insecure Java deserialization vulnerability in an API of Cisco ISE that could permit an authenticated, remote

University site cloned to evade ad detection distributes fake Cisco installer

Malvertisers got inspired by the website for a German university to bypass ad security and distribute malware.

Attackers Target Education Sector, Hijack Microsoft Accounts

A sophisticated cyberattack campaign is targeting organizations that still rely on Active Directory Federation Services (ADFS) for authentication across applications and services.

Chinese 'Infrastructure Laundering' Abuses AWS, Microsoft Cloud

Funnull CDN rents IPs from legitimate cloud service providers and uses them to host criminal websites, continuously cycling cloud resources in and out of use and acquiring new ones to stay ahead of cyber-defender detection.