Blog – Page 408 – Cyber Mike

Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775

Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively exploited in the wild.
The vulnerabilities in question are listed below –

CVE-2025-7775 (CVSS score: 9.2) – Memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service
CVE-2025-7776 (CVSS score: 8.8) – Memory overflow

New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station

A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue base station (gNB).
The attack, per the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design (SUTD), relies on a new open-source software toolkit named Sni5Gect (short for “Sniffing 5G Inject”) that’s

Beyond the Prompt: Building Trustworthy Agent Systems

Building secure AI agent systems requires a disciplined engineering approach focused on deliberate architecture and human oversight.

The post Beyond the Prompt: Building Trustworthy Agent Systems appeared first on SecurityWeek.

CISA warns of actively exploited Git code execution flaw

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of hackers exploiting an arbitrary code execution flaw in the Git distributed version control system. […]

Beyond GDPR security training: Turning regulation into opportunity

Discover how GDPR compliance can spark real growth and give you a competitive advantage with practical strategies and a strong security culture. […]

Nissan confirms design studio data breach claimed by Qilin ransomware

Nissan Japan has confirmed to BleepingComputer that it suffered a data breach following unauthorized access to a server of one of its subsidiaries, Creative Box Inc. (CBI). […]

MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers

Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that’s targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell.
The activity has been codenamed ZipLine by Check Point Research.
“Instead of sending unsolicited phishing emails, attackers initiate contact through a company’s public ‘Contact Us’ form, tricking

Cyber News