The activity, per the intelligence agency, involves the exploitation of CVE-2023-20198 (CVSS score: 10.0), a critical ...

Dubbed BadCandy, the implant affects Cisco IOS XE devices with a basic web shell based on Lua coding. The attack takes ...

PLUS: Cyber-exec admits selling secrets to Russia; LastPass isn't checking to see if you're dead; Nation-state backed Windows ...

Cisco warned this week that two vulnerabilities, which have been exploited in zero-day attacks, are now being abused to force ...

More than 150 Australian Cisco routers and switches remain infected with the BADCANDY webshell as of late October 2025, ...

An update against the Cisco IOS XE vulnerability CVE-2023-20198 has been available since 2023. The Shadowserver Foundation ...

The attack campaign is a rare example of an advanced attack done at a wide scale. Cyberthreats targeting a specific vendor such as the latest attacks against Cisco customers are always a big concern.

Cisco’s approach is centered on infrastructure modernization, secure connectivity and digital resilience. To advance that strategy, Cisco is embedding AI observability into its network and security ...

Three days after Cisco disclosed details of a dangerous zero-day in its IOS XE software, known compromises appear to be rising at a rapid rate, with thousands of victims, many of them high-profile ...

Cisco has warned users around the world after observing ongoing exploitation of a newly discovered zero-day in the web user interface (UI) feature of its IOS XE software when inadvertently exposed to ...

Cisco has done a major revamp of its Internetworking Operating System (IOS) XR, including opening the software to host third-party applications directly on Cisco devices via SDKs and Cisco’s DevNet ...