AWS dug through its honeypot data and confirmed that CVE-2025-5777 (Cisco ISE RCE) and CVE-2025-5777 (memory leak in Citrix NetScaler) were exploited as zero-days before their patches.

Nothing new here except the confirmation that an APT was behind the attacks

https://aws.amazon.com/blogs/security/amazon-discovers-apt-exploiting-cisco-and-citrix-zero-days/

@campuscodi I'm really curious if the RXSS will get caught ItW!

https://github.com/v-p-b/xss-reflections