Tag: cisco
-
Cisco fixed four critical flaws in Identity Services and Webex
Cisco fixed four critical flaws in Identity Services and Webex that could allow code execution and user impersonation. Cisco has addressed four critical vulnerabilities affecting its Identity Services and Webex platforms. The flaws could allow attackers to execute arbitrary code and impersonate any user within the affected services. The issues pose serious security risks, prompting…
-
Cisco fixed four critical flaws in Identity Services and Webex
Cisco fixed four critical flaws in Identity Services and Webex that could allow code execution and user impersonation. Cisco has addressed four critical vulnerabilities affecting its Identity Services and Webex platforms. The flaws could allow attackers to execute arbitrary code and impersonate any user within the affected services. The issues pose serious security risks, prompting…
-
Cisco fixed four critical flaws in Identity Services and Webex
Cisco fixed four critical flaws in Identity Services and Webex that could allow code execution and user impersonation. Cisco has addressed four critical vulnerabilities affecting its Identity Services and Webex platforms. The flaws could allow attackers to execute arbitrary code and impersonate any user within the affected services. The issues pose serious security risks, prompting…
-
Cisco says critical Webex Services flaw requires customer action
Cisco has released security updates to patch four critical vulnerabilities, including a fixed improper certificate validation flaw in the company’s cloud-based Webex Services platform that requires further customer action. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-says-critical-webex-services-flaw-requires-customer-action/
-
Cisco FMC Zero-Day Among 31 High-Impact Vulnerabilities Exploited in March
31 high-impact vulnerabilities were actively exploited in March 2026, with a Cisco firewall zero-day abused by the Interlock ransomware group emerging as one of the most dangerous threats to enterprise networks. Affected vendors span core enterprise and developer ecosystems, including Cisco, Microsoft, Google, ConnectWise, Langflow, Citrix, Aquasecurity, Nginx UI, Qualcomm, F5, Craft CMS, Laravel, Apple,…
-
Critical Cisco ISE Flaws Let Remote Attackers Execute Malicious Code
Networking giant Cisco has issued an urgent security advisory warning of two newly discovered vulnerabilities impacting its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). Cisco Identity Services Engine (ISE) is a widely deployed security policy management platform that provides secure access to enterprise network resources. The most severe of these new flaws…
-
Cisco Webex Vulnerability Allows User Impersonation Attacks
Cisco has released an urgent security advisory warning organizations of a critical vulnerability in its Webex communication platform. Tracked as CVE-2026-20184, this severe flaw could allow unauthenticated, remote attackers to entirely bypass security checks and impersonate any legitimate user within the service. Understanding the Vulnerability According to the official Cisco Security Advisory published on April…
-
RSAC Conference 2026 – Cisco erweitert Zero Trust auf KI-Agenten
First seen on security-insider.de Jump to article: www.security-insider.de/cisco-erweitert-zero-trust-auf-ki-agenten-a-a2bffdffe0b749c9d2855ce211bc04d4/
-
Agentic AI memory attacks spread across sessions and users, and most organizations aren’t ready
In this Help Net Security interview, Idan Habler, AI Security Researcher at Cisco, breaks down a threat most security teams haven’t named yet: agentic memory as an … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/14/idan-habler-cisco-agentic-ai-memory-attacks/
-
UAT-10362 linked to LucidRook attacks targeting Taiwan-based institutions
LucidRook is Lua malware used in phishing attacks on NGOs and universities in Taiwan, linked to UAT-10362, spread via password-protected emails. LucidRook is a new Lua-based malware used in targeted phishing attacks against NGOs and universities in Taiwan. Cisco Talos links it to a skilled group tracked as UAT-10362. In Oct 2025, attackers used password-protected…
-
TeamPCP griff EU und Cisco an – Massive Supply-Chain-Angriffe über Trivy-Tool und Telnyx-PyPI
First seen on security-insider.de Jump to article: www.security-insider.de/teampcp-supply-chain-angriffe-trivy-telnyx-a-ce4e1dc1ec2f5930ec814664eefd2541/
-
Technical Details Released for Critical Cisco SSM Command Execution Vulnerability
Security researchers have published technical details regarding a highly critical vulnerability in the Cisco Smart Software Manager On-Prem (SSM On-Prem). Tracked as CVE-2026-20160, this flaw carries a near-maximum CVSS score of 9.8. It allows remote, unauthenticated attackers to execute commands as a root user. With no workarounds available, organizations must apply patches immediately to secure…
-
Phishers sneak through using GitHub and Jira’s own mail delivery infrastructure
Attackers are abusing the notification systems of SaaS platforms like GitHub and Jira to send phishing and spam emails, Cisco Talos researchers are warning. >>Because the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/09/saas-platforms-notification-systems-phishing/
-
New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations
Cisco Talos uncovered a cluster of activity we track as UAT-10362 conducting spear-phishing campaigns against Taiwanese non-governmental organizations (NGOs) and suspected universities to deliver a newly identified malware family, “LucidRook.” First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/new-lua-based-malware-lucidrook/
-
Anthropic’s Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems
Artificial Intelligence (AI) company Anthropic announced a new cybersecurity initiative called Project Glasswing that will use a preview version of its new frontier model, Claude Mythos, to find and address security vulnerabilities.The model will be used by a small set of organizations, including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike,& First seen on thehackernews.com Jump…
-
What Anthropic Glasswing reveals about the future of vulnerability discovery
From backlog management to exposure-window risk: The issue, as Williams frames it, is not simply how many vulnerabilities exist, but how they are managed. “Mythos makes one thing painfully clear,” he says. “This is not a prioritization problem. It’s an exposure-window problem.”Traditional vulnerability management has been built around prioritization, ranking issues by severity, exploitability, and…
-
React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data
The stolen information could help the hackers plan follow-up attacks and breach more organizations, Cisco researchers said. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/credential-harvesting-campaign-react2shell-cisco/816726/
-
Hackers Exploit Next.js React2Shell Vulnerability, Breach 766 Hosts in 24 Hours
Hackers are abusing a critical React2Shell vulnerability in Next.js applications to run an automated credential”‘theft operation that has already compromised at least 766 servers in under 24 hours. The threat activity is tracked as “UAT”‘10608”. It relies on a custom framework dubbed NEXUS Listener to systematically harvest and organize stolen secrets at scale. Cisco Talos describes UAT”‘10608…
-
The Trojan horse of cybercrime: Weaponizing SaaS notification pipelines
Cisco Talos has recently observed an increase in activity that is leveraging notification pipelines in popular collaboration platforms to deliver spam and phishing emails. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/weaponizing-saas-notification-pipelines/
-
Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools
Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable driver (BYOVD) technique to silence security tools running on compromised hosts, according to findings from Cisco Talos and Trend Micro.Qilin attacks analyzed by Talos have been found to deploy a malicious DLL named “msimg32.dll,” First seen on…
-
IT talent looks the other way as wireless security incidents pile up
Enterprise wireless networks are supporting a growing mix of devices and applications, increasing operational demand and security exposure. The 2026 Cisco State of Wireless … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/06/enterprise-wireless-networks-security-exposure/
-
Hackers Are Posting the Claude Code Leak With Bonus Malware
Plus: The FBI says a recent hack of its wiretap tools poses a national security risk, attackers stole Cisco source code as part of an ongoing supply chain hacking spree, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-hackers-are-posting-the-claude-code-leak-with-bonus-malware/
-
Cisco fixes critical IMC auth bypass present in many products
Tags: access, ai, api, apt, attack, authentication, cisco, computing, credentials, cybersecurity, dns, email, exploit, firewall, firmware, flaw, group, infrastructure, linux, malicious, monitoring, network, password, ransomware, risk, router, vulnerability, zero-day[ Related: More Cisco news and insights ] The Cisco IMC is a baseboard management controller (BMC), a dedicated controller embedded into server motherboards with its own RAM and network interface that gives administrators monitoring and management capabilities as if they were physically connected to the server with a keyboard, monitor, and mouse (KVM). Because BMCs run…
-
CERT-EU blames Trivy supply chain attack for Europa.eu data breach
Tags: access, ai, attack, breach, cisco, data, data-breach, extortion, group, network, ransom, ransomware, saas, supply-chainExtortion boost: The origins and deeper motives of TeamPCP, which emerged in late 2025, remain unclear. The leaking of stolen data suggests it might be styling itself as a sort of initial access broker which sells data and network access on to the highest bidder.However, the fact that stolen data was handed to a major…
-
CERT-EU blames Trivy supply chain attack for Europa.eu data breach
Tags: access, ai, attack, breach, cisco, data, data-breach, extortion, group, network, ransom, ransomware, saas, supply-chainExtortion boost: The origins and deeper motives of TeamPCP, which emerged in late 2025, remain unclear. The leaking of stolen data suggests it might be styling itself as a sort of initial access broker which sells data and network access on to the highest bidder.However, the fact that stolen data was handed to a major…
-
Cisco 2026 State of Wireless Report: AI Wireless Threats Grow as Security Gaps Widen
Cisco finds AI-driven wireless attacks are rising as security gaps widen across complex networks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cisco-2026-state-of-wireless-report-ai-wireless-threats-grow-as-security-gaps-widen/
-
Cisco IMC auth bypass vulnerability allows attackers to alter user passwords (CVE-2026-20093)
Cisco has fixed ten vulnerabilities affecting its Integrated Management Controller (IMC), the most critical of which (CVE-2026-20093) could allow an unauthenticated, remote … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/03/cisco-imc-vulnerability-cve-2026-20093/
-
Attackers Abuse React2Shell Flaw to Compromise 700+ Next.js Hosts
A massive automated cyberattack campaign is actively targeting web applications built on the popular Next.js framework to steal highly sensitive information. Cybersecurity researchers at Cisco Talos have uncovered a severe credential harvesting operation tracked as >>UAT-10608<< that compromised at least 766 servers worldwide within just 24 hours. The core of this attack relies on CVE-2025-55182,…
-
ShinyHunters Hackers Claim Theft of 3M+ Cisco Records, Threaten Public Leak
ShinyHunters hackers claim they stole 3 million+ Cisco records via Salesforce and AWS, warning of a public leak if demands are not met by April 3, 2026. First seen on hackread.com Jump to article: hackread.com/shinyhunters-hackers-cisco-records-data-leak/