Exploit available for critical Cisco ISE bug exploited in attacks

Published on July 28, 2025

Security researcher Bobby Gould has published a blog post demonstrating a complete exploit chain for CVE-2025-20281, an unauthenticated remote code execution vulnerability in Cisco Identity Services Engine (ISE). [...]

Continue reading on website
Other news

CISA flags PaperCut RCE bug as exploited in attacks, patch now

July 28, 2025
CISA warns that threat actors are exploiting a high-severity vulnerability in PaperCut NG/MF print management software, which can allow them to gain remote code execution in cross-site request forgery (CSRF) attacks. [...]

Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads

July 28, 2025
In what's the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal's GitHub organization account and leveraged that access to publish 10 malicious packages to the npm registry.The packages contained code to exfiltrate GitHub authentication tokens and destroy victim systems, Socket said in a report published last week. In addition, 73 repositories