Tag: cisco
-
ISMG Editors: The Governance Questions Haunting OpenAI
Also: Rethinking SASE and AI’s Impact on the Cyber Workforce. In this week’s panel, four ISMG editors discussed what the Musk vs. Altman trial exposed about OpenAI’s governance program, how AI is reshaping the way enterprises think about security and why Cisco, Cloudflare, Arctic Wolf and other firms are redesigning their workforces for the AI…
-
Artificial Intelligence: Cisco Reports Errors in AI Security Reports
AI does save a lot of time in producing the reports, but post-processing reveals many errors that become a risk. First seen on golem.de Jump to article: www.golem.de/news/kuenstliche-intelligenz-cisco-berichtet-von-fehlern-bei-ki-sicherheitsberichten-2605-208985.html
-
Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker to access sensitive data. Tracked as CVE-2026-20223 (CVSS score: 10.0), the vulnerability arises from insufficient validation and authentication when accessing REST API endpoints. “An attacker could exploit this vulnerability if they are able to send First seen…
-
Breach Roundup: Shai-Hulud Copycat Hits npm
Also, YellowKey Gets CVE, 7-Eleven Breach, Linux Maintainers Warn on AI Bug Spam. This week, more incidents than we can list here. Among them: cloned Shai-Hulud malware, a new maximum CVSS Cisco flaw. Edge to stop loading passwords in plaintext. Tycoon 2FA offers a way around Microsoft multifactor. Convenience, taquitos and data breach: The 7-Eleven…
-
Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload
Cisco fixed a critical Secure Workload flaw (CVE-2026-20223) that could let attackers gain Site Admin privileges through crafted API requests. Cisco released patches for a critical vulnerability, tracked as CVE-2026-20223 (CVSS score of 10.0), in Secure Workload. The flaw stems from insufficient validation and authentication in REST API endpoints. According to Cisco, remote attackers could…
-
Max severity Cisco Secure Workload flaw gives Site Admin privileges
Cisco has released security updates to address a maximum-severity vulnerability in Secure Workload that allows attackers to gain Site Admin privileges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-max-severity-secure-workload-flaw-gives-hackers-site-admin-privileges/
-
Critical Vulnerability in Cisco Secure Workload Threatens Enterprise API Security
Cisco has disclosed a critical security vulnerability in its Secure Workload platform that could allow unauthenticated attackers to gain high-level administrative access to sensitive enterprise environments. The flaw, tracked as CVE-2026-20223, carries a maximum CVSS score of 10.0 and is classified under CWE-306 (Missing Authentication for Critical Function). According to Cisco’s advisory (cisco-sa-csw-pnbsa-g8WEnuy), the issue…
-
TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed eight vulnerabilities in TP-Link, and one each in Adobe Photoshop, OpenVPN, and Gen Digital's Norton VPN. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, in adherence to Cisco’s third-party vulnerability First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/tp-link-photoshop-openvpn-norton-vpn-vulnerabilities/
-
From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat
Cisco Talos has uncovered a BadIIS variant, identifiable by its embedded “demo.pdb” strings, that functions as commodity malware, likely sold or shared among multiple Chinese-speaking cyber crime groups operating under a malware-as-a-service (MaaS) model for continuous monetization. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/from-pdb-strings-to-maas-tracking-a-commodity-badiis-ecosystem/
-
CVE-2026-20182: Unauthenticated Cisco SD-WAN Control-Plane Compromise via vHub Authentication Bypass
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/cve-2026-20182-unauthenticated-cisco-sd-wan-control-plane-compromise-via-vhub-authentication-bypass
-
⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted. The pattern is clear. One weak dependency can leak keys. One leaked key…
-
Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: Foundations of Cybersecurity, 2nd edition Jason Andress has refreshed … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/17/week-in-review-cisco-patches-sd-wan-0-day-unpatched-microsoft-exchange-server-flaw-exploited/
-
New Cisco SD-WAN Zero-Day Grants Admin Access
Broken vdaemon Peering Authentication Enables Unauthenticated Admin Access. A maximum-severity vulnerability in Cisco Catalyst SD-WAN Controller is being actively exploited, giving attackers administrative privileges without authentication. The authentication bypass vulnerability stems from a broken peering authentication mechanism. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/new-cisco-sd-wan-zero-day-grants-admin-access-a-31708
-
Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller
Researchers discovered the authentication bypass vulnerability while investigating a prior issue in the same service. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/attackers-exploit-critical-flaw-in-cisco-catalyst-sd-wan-controller/820368/
-
Cisco zero-day under ongoing attack by persistent threat group
The threat group behind the attacks is also linked to a series of recently disclosed vulnerabilities in the vendor’s firewalls and SD-WAN systems. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisco-sd-wan-zero-day-exploited/
-
CISA orders all federal agencies to patch exploited bug in Cisco SD-WAN systems by Sunday
Cisco released a patch for the vulnerability on Thursday, writing in an advisory that it could “allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.” First seen on therecord.media Jump to article: therecord.media/cisa-orders-all-federal-agencies-to-patch-cisco-sd-wan-bug
-
Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)
Cisco has patched yet another Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) that has been exploited as a zero-day by “a highly … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/15/cisco-sd-wan-zero-day-cve-2026-20182/
-
Cisco warns of an actively exploited SD-WAN flaw with max severity
Tags: access, advisory, cisco, cloud, control, cve, cvss, cybersecurity, data-breach, exploit, flaw, infrastructure, kev, malicious, mitigation, network, service, software, update, vulnerability
root user account,” Cisco said. “Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.” The issue, tracked as CVE-2026-20182, received a max-severity rating of CVSS 10.0. The company said that the issue is configuration-independent, meaning vulnerable systems remain exposed regardless of deployment-specific settings. Cisco…
-
Cisco Catalyst SD-WAN Controller Flaw Under Active Exploitation for Admin Access
Cisco has disclosed a critical vulnerability in its Catalyst SD-WAN platform that is already being exploited in the wild, allowing attackers to gain administrative control over enterprise networks without authentication. Critical SD-WAN flaw under attack The vulnerability, tracked as CVE-2026-20182, carries a maximum CVSS score of 10.0 and affects Cisco Catalyst SD-WAN Controller (vSmart) and…
-
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17, 2026. The vulnerability is a critical authentication bypass tracked as CVE-2026-20182. It’s First seen on thehackernews.com…
-
Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco’s network control system. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/maximum-severity-cisco-sd-wan-bug-exploited
-
Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers to gain administrative privileges on compromised devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-warns-of-new-critical-sd-wan-flaw-exploited-in-zero-day-attacks/
-
U.S. CISA adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Cisco Catalyst SD-WAN, tracked as CVE-2026-20182 (CVSS score of 10.0), to its Known Exploited Vulnerabilities (KEV) catalog. Cisco fixed CVE-2026-20182, a flaw in SD-WAN control…
-
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks. The vulnerability, tracked as CVE-2026-20182, carries a CVSS score of 10.0. “A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly First seen…
-
Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities
Cisco Talos is tracking the active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/sd-wan-ongoing-exploitation/
-
Cisco cuts nearly 4,000 jobs to spend more on AI, reports ‘record quarterly revenue’
This is Cisco’s latest layoff in recent years, while the company’s chief executive touts record revenue and growth. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/14/cisco-cuts-nearly-4000-jobs-to-spend-more-on-ai-reports-record-quarterly-revenue/
-
Gentlemen RaaS Exploits Fortinet and Cisco Edge Devices for Initial Access
The Gentlemen ransomware-as-a-service (RaaS) operation is turning exposed Fortinet and Cisco edge devices into a fast lane into enterprise networks and doing it at scale. What began as a rising RaaS brand in mid-2025 has, by early 2026, evolved into one of the most active programs on the underground, with hundreds of victims and a…
-
OpenAI introduces Daybreak cyber platform, takes on Anthropic Mythos
Tags: access, ai, cisco, crowdstrike, cyber, cybersecurity, defense, detection, fortinet, framework, government, malware, network, openai, oracle, penetration-testing, RedTeam, risk, software, strategy, technology, update, vulnerability
OpenAI’s cybersecurity model stack: OpenAI is pursuing a scalable cyber defense platform strategy with Daybreak and is rolling out the initiative through three different model tiers: GPT-5.5 (default), GPT-5.5 with Trusted Access for Cyber, and GPT-5.5-Cyber. The standard GPT-5.5 model is positioned for general-purpose enterprise use cases, including developer assistance and knowledge work. GPT-5.5 with Trusted…

