#231 - Intel Chat: CISCO CVE 10/10, Matanbuchus, Cambodian takedown & Overstep

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

• Cisco has disclosed a critical vulnerability—tracked as CVE-2025-20337 with a perfect score of 10—affecting its Identity Services Engine (ISE) and the ISE Passive Identity Connector (ISE-PIC).
• A recently updated version of the malware-as-a-service (MaaS) loader Matanbuchus is being deployed in active spear-phishing campaigns that are ultimately aimed at high-value ransomware infections.
• Cambodia has announced the arrest of over 1,000 individuals this week as part of a nationwide crackdown on cybercrime networks operating within its borders.
• A threat actor linked to the Abyss ransomware campaign, tracked as UNC6148 by Google’s Threat Intelligence Group (GTIG), appears to be exploiting a zero-day vulnerability in SonicWall’s end-of-life Secure Mobile Access (SMA) 100 series devices.