Cybersecurity News

Cisco has recently addressed two critical vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) platforms, tracked as CVE-2025-20281 and CVE-2025-20282. Both vulnerabilities allow unauthenticated, remote attackers to execute arbitrary code with root privileges, posing a severe risk to affected systems.

CrowdStrike, a leading cybersecurity company, announced in May 2025 that it would cut about 500 jobs, or roughly 5% of its global workforce, as part of a strategic shift to realign its operations and invest more heavily in artificial intelligence (AI). This move comes despite the company reporting significant revenue growth—29% year-over-year, reaching nearly $4 billion for fiscal year 2025—and a strong position in its core market, though it did post a net loss after a previous year of profitability.

Iranian state-sponsored hackers linked to APT35 (also tracked as Charming Kitten, Mint Sandstorm, or Educated Manticore) have intensified spear-phishing campaigns targeting Israeli technology experts, cybersecurity professionals, journalists, and academics since mid-June 2025. These attacks escalated following Israeli airstrikes against Iran and leverage AI-generated content for social engineering.

On Wednesday, June 26, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added three significant security flaws to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities are actively being exploited in the wild and pose serious risks to affected systems.

Hundreds of Model Context Protocol (MCP) servers used to connect LLMs with third-party services, data sources, and tools contain critical security flaws in their default configurations. These vulnerabilities expose users to unauthorized operating system command execution, data breaches, and systemic compromise. Below is a detailed analysis of the risks and mitigation strategies.

Cybersecurity researchers have recently identified a new wave of malicious npm (Node Package Manager) packages tied to the ongoing “Contagious Interview” operation, which is attributed to North Korean state-sponsored threat actors. This campaign specifically targets software developers who are actively seeking employment, leveraging the trust and routine practices of the tech hiring process.

Recent research reveals that despite being disclosed in June 2023, the nOAuth vulnerability continues to threaten thousands of SaaS applications. Semperis’s June 2025 findings indicate that over 15,000 enterprise SaaS apps remain exposed to this authentication flaw in Microsoft Entra ID, enabling attackers to hijack user accounts with minimal effort.