Cisco News Articles
Recent news articles refferecing the vendors vulnerabilities.
"Patched" but still exposed: US federal agencies must remediate Cisco flaws (again) - Help Net Security
CISA has ordered US federal agencies to fully address CVE-2025-20333 and CVE-2025-20362 in Cisco ASA and Firepower devices.
4 days ago
CISA warns feds to fully patch actively exploited Cisco flaws
CISA warned federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices.
4 days ago
TechNaduAPT Exploits Cisco and Citrix Zero-Day Vulnerabilities - TechNadu
Amazon has discovered an APT exploiting zero-days in Cisco ISE (CVE-2025-20337) and Citrix systems (CVE-2025-5777) with custom malware.
4 days ago
CyberScoopAmazon pins Cisco, Citrix zero-day attacks to APT group
The vendors disclosed and patched the defects last summer, but not before advanced attackers exploited the vulnerabilities to likely gain prolonged access for espionage, according to Amazon.
5 days ago
Techzine GlobalCitrix and Cisco attacks discovered via Amazon honeypot
Hackers exploited critical Citrix and Cisco vulnerabilities as zero-days. Amazon discovered the attacks via MadPot honeypot before patches were available.
5 days ago
Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks
An advanced threat actor exploited the critical vulnerabilities
5 days ago
Cisco: Actively exploited firewall flaws now abused for DoS attacks
Cisco warned this week that two vulnerabilities, which have been exploited in zero-day attacks, are now being abused to force ASA and FTD firewalls into reboot loops.
1 week ago
Cisco: Actively exploited firewall flaws now abused for DoS attacks
Cisco warned this week that two vulnerabilities, which have been used in zero-day attacks, are now being exploited to force ASA and FTD firewalls into reboot loops. The tech giant released security updates on...
1 week ago
Cisco Alerts on Firewall Attacks Exploiting CVE-2025-20333, CVE-2025-20362
Cisco recently confirmed the emergence of new attack vectors aimed at its Secure Firewall products. These vulnerabilities primarily affect devices running Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. Specifically, these exp...
1 week ago
Red Hot CyberCisco Addresses Critical Vulnerabilities in ASA and Unified Contact Center Express
Cisco announces patches for critical vulnerabilities in ASA and Unified Contact Center Express. Urgent updates to prevent cyberattacks.
2 weeks ago
Cisco Addresses Critical Vulnerabilities in ASA and Unified Contact Center Express
Cisco announces patches for critical vulnerabilities in ASA and Unified Contact Center Express. Urgent updates to prevent cyberattacks.
2 weeks ago
Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices
Cisco warns of a new attack variant exploiting CVE-2025-20333 and CVE-2025-20362 in Secure Firewall ASA and FTD devices.
2 weeks ago
GBHackers NewsCVE-2025-20333Cisco Confirms Active Exploitation of Secure ASA and FTD RCE Vulnerability
Cisco has issued a warning about a severe remote code execution vulnerability affecting its Secure Firewall, Adaptive Security Appliance.
2 weeks ago
Hackers targeting Cisco IOS XE devices with BadCandy implant
Security researchers and Australian authorities warn that exploitation activity is ongoing.
2 weeks ago
EmegyptCVE-2023-20198ASD Alerts: BADCANDY Attacks Exploit Cisco IOS XE Vulnerability
The Australian Signals Directorate (ASD) has raised alarms about a series of cyber attacks leveraging the BADCANDY implant. This malicious software exploits a critical vulnerability in Cisco IOS XE devices, identified as CVE-2023-20198. Overview of the Cisco IOS XE Vulnerability CVE-2023-20198 has a...
2 weeks ago
EmegyptCVE-2023-20198Australia Alert: BadCandy Threat Targets Unpatched Cisco Devices
In recent weeks, the Australian government has issued a critical warning regarding cyberattacks targeting unpatched Cisco IOS XE devices. These attacks aim to exploit a vulnerability designated as CVE-2023-20198, which has been associated with the BadCandy webshell. Overview of the CVE-2023-20198 Vu...
2 weeks ago
EmegyptCVE-2023-20198Malware Creators Monitor Your Attempts to Erase Their Code
Recent cybersecurity developments have heightened concerns about the resilience of malicious software. Specifically, a new implant named “BADCANDY” has been detected on unpatched Cisco IOS XE devices. This implant allows attackers to monitor efforts to erase their code and reintroduce their malware....
2 weeks ago
Aussie cyber agency warns of state and criminal actors abusing BADCANDY implant
The ASD’s Australian Cyber Security Centre says there are more than 150 compromised Cisco IOS XE devices embedded in Australian organisations.
2 weeks ago
Aussie cyber agency warns of state and criminal actors abusing BADCANDY implant
The ASD’s Australian Cyber Security Centre says there are more than 150 compromised Cisco IOS XE devices embedded in Australian organisations.
2 weeks ago
Security AffairsCVE-2023-20198BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government
Australia warns of attacks on unpatched Cisco IOS XE devices exploiting CVE-2023-20198, allowing BadCandy webshell install.
2 weeks ago
The Hacker NewsCVE-2023-20198ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability
ASD confirms BADCANDY malware re-infecting patched Cisco IOS XE devices through CVE-2023-20198 flaw.
2 weeks ago
Cyber PressCVE-2023-20198Attackers Exploit Cisco IOS XE Vulnerability to Deploy BADCANDY Web Shell
Cybersecurity authorities are warning of ongoing exploitation campaigns targeting Cisco IOS XE devices through a critical vulnerability.
2 weeks ago
GBHackers NewsCVE-2023-20198Cisco IOS XE Vulnerability Being Abused in the Wild to Plant BADCANDY
Cybersecurity authorities are raising urgent alarms as threat actors continue to exploit a critical vulnerability in Cisco IOS XE devices.
2 weeks ago
CyberSecurityNewsCVE-2023-20198Hackers Exploiting Cisco IOS XE Vulnerability in the Wild to Deploy BADCANDY Web Shell
Cybercriminals and state-sponsored actors are ramping up attacks on unpatched Cisco IOS XE devices across Australia, deploying a persistent Lua-based web shell known as BADCANDY to maintain unauthorized access.
2 weeks ago
The Cyber ExpressCVE-2023-20198Hundreds Of Australian Devices Compromised With BadCandy Implant - The Cyber Express
Australian cyber agency has issued a critical advisory warning that over 150 devices in Australia remain compromised with the BadCandy implant as of late
2 weeks ago
Help Net SecurityCVE-2025-20352Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352) - Help Net Security
Hackers exploited a recently patched IOS/IOS XE vulnerability (CVE-2025-20352) to deploy Linux rootkits on vulnerable Cisco network devices.
Hackers exploit Cisco SNMP flaw to deploy rootkit on switches
Threat actors exploited a recently patched remote code execution vulnerability (CVE-2025-20352) in older, unprotected Cisco networking devices to deploy a Linux rootkit and gain persistent access.
The Hacker NewsCVE-2025-20352Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in "Zero Disco' Attacks
Operation Zero Disco exploits Cisco IOS flaw CVE-2025-20352 to deploy persistent Linux rootkits
Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits
Trend™ Research has uncovered an attack campaign exploiting the Cisco SNMP vulnerability CVE-2025-20352, allowing remote code execution and rootkit deployment on unprotected devices, with impacts observed on Cisco 9400, 9300, and legacy 3750G series.
Nearly 50,000 Cisco firewalls vulnerable to actively exploited flaws
Roughly 50,000 Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) appliances exposed on the public web are vulnerable to two vulnerabilities actively leveraged by hackers.
Cisco's Wave of Zero-Day Bugs Targets Firewalls, IOS
Patch now: Cisco recently disclosed four zero-days, including three targeted by a nation-state actor previously behind the "ArcaneDoor" campaign.
The Hacker NewsCVE-2025-20333Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive
Cisco ASA zero-days CVE-2025-20333 and 20362 exploited; CISA issues ED 25-03 for urgent patching.
The Hacker NewsCVE-2025-20352Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software
Cisco fixes CVE-2025-20352 SNMP flaw exploited in the wild, risking remote code execution or DoS.
CyberWireCVE-2025-20281Second Tea data breach exposes user chats.
PoC exploit published for maximum-severity Cisco ISE flaw. CISA warns of PaperCut vulnerability exploitation.
Two 10.0 Cisco ISE bugs added to CISA list of exploited vulnerabilities
Security teams should patch right away because exploiting ISE lets attackers gain full control of an enterprise network.
CISA (.gov)CISA Adds Three Known Exploited Vulnerabilities to Catalog | CISA
CISA has added three new vulnerabilities to its KEV Catalog, based on evidence of active exploitation
U.S. CISA adds Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco ISE and PaperCut flaws to its Known Exploited Vulnerabilities catalog.
Exploit available for critical Cisco ISE bug exploited in attacks
Security researcher Bobby Gould has published a blog post demonstrating a complete exploit chain for CVE-2025-20281, an unauthenticated remote code execution vulnerability in Cisco Identity Services Engine (ISE).
Cisco confirms active exploitation of ISE and ISE-PIC flaws
Cisco warns of active exploits targeting Identity Services Engine (ISE) and ISE-PIC flaws, first observed in July 2025.
Cisco warns of attempted exploitation of max severity ISE flaws
Three separate flaws could each enable unauthenticated RCE with root privileges.
Critical Cisco ISE Vulnerabilities Actively Exploited in RCE Attacks
Cisco has issued a critical security advisory warning of multiple unauthenticated remote code execution vulnerabilities in its Identity Services Engine (ISE).
Cisco Alerts on ISE RCE Vulnerability Actively Exploited
Cisco has issued an urgent security advisory warning that a set of critical remote code execution (RCE) vulnerabilities.
Cisco Warns of Identity Services Engine RCE Vulnerability Exploited in the Wild
Cisco Systems has issued a critical security advisory warning of multiple remote code execution vulnerabilities in its Identity Services Engine (ISE) that are being actively exploited by attackers in the wild.
Arctic WolfCVE-2025-20337Cisco Updates Advisory with Additional Maximum Severity Unauthenticated RCE in ISE and ISE-PIC I Arctic Wolf
On July 16, 2025, Cisco updated its advisory to include a third maximum-severity vulnerability affecting Cisco Identity Services Engine (ISE) and ISE-Passive Identity Connector (ISE-PIC), tracked as CVE-2025-20337.
Arctic WolfCVE-2025-20337Cisco Updates Advisory with Additional Maximum Severity Unauthenticated RCE in ISE and ISE-PIC I Arctic Wolf
On July 16, 2025, Cisco updated its advisory to include a third maximum-severity vulnerability affecting Cisco Identity Services Engine (ISE) and ISE-Passive Identity Connector (ISE-PIC), tracked as CVE-2025-20337.
The Cyber ExpressCVE-2025-20337Cisco CVE-2025-20337 & ISE-PIC Vulnerabilities Uncovered
Cisco warns CVE-2025-20337, CVE-2025-20281, and CVE-2025-20282 flaws in ISE and ISE-PIC.
Cisco Discloses '10' Flaw in ISE, ISE-PIC — Patch Now
Cisco just disclosed a critical severity flaw in its ISE and ISE-PIC products, joining two similar bugs disclosed last month.
The RegisterWatch out, another max-severity Cisco bug on the loose
Cisco has issued a patch for a critical 10 out of 10 severity bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could allow an unauthenticated, remote attacker to run...