#Cisco
16 stories taggedCisco.

Chinese Hacking Group Adds Three New Backdoors to Its Router Attack Kit
The group behind a long-running campaign targeting small office routers has quietly expanded its toolbox, giving it more ways to hide inside a victim's network.

Cisco Spends Around $400 Million to Plug a Growing Security Blind Spot: AI Agents
Two rapid-fire acquisitions — Astrix Security and WideField Security — are Cisco's answer to a question most companies haven't thought to ask: who's watching the bots?

Cisco admits hackers are breaking into its phone system software — here's what that means
A flaw in Cisco Unified Communications Manager, the software that runs office phone systems, is now being actively abused after a patch and public exploit code lit the fuse.

Cisco Phone System Flaw Now Being Actively Exploited — Patch Immediately
A security hole in Cisco's business phone software is being used in real attacks. Millions of offices run this software. The fix has existed since June.

Cisco Catalyst SD-WAN Bug Hit as Zero-Day Months Before Disclosure
Mandiant says an unidentified actor exploited CVE-2026-20245 for at least two months before Cisco's public advisory, gaining root on affected appliances.

Cisco Unified CM SSRF Flaw Hits Active Exploitation Three Weeks After Patch Drop
A file-write chain rooted in CVE-2026-20230 is now being probed in the wild. PoC was already public when Cisco shipped the fix.

Cisco Unified CM Bug Under Active Exploit After PoC Drops Root File-Write Chain
CVE-2026-20230 (CVSS 8.6) lets unauthenticated attackers smuggle crafted HTTP requests into Unified CM. Cisco's PSIRT confirms in-the-wild attempts following public PoC release.

Cisco Acquires WideField Security to Wire Identity Intelligence Into Splunk's Agentic SOC
The deal adds credential, session, and blast-radius visibility to Splunk's autonomous detection pipeline — filling a gap that pure log-correlation has always struggled with.

Cisco's SD-WAN Manager Has a Write-to-Root Problem — and Attackers Found It First
CVE-2026-20262 lets an authenticated attacker overwrite arbitrary files on Cisco Catalyst SD-WAN Manager, with a clear path to root. No workaround exists. Exploitation is already underway.

Cisco Patches Catalyst SD-WAN Manager Bug Already Seeing In-the-Wild Abuse
CVE-2026-20262 lets an authenticated remote user write files on the appliance. Cisco confirms exploitation. Severity is rated medium, but the access it enables is not.

CISA Triggers Federal Patch Clock on Cisco, Chrome and Arista Bugs Under KEV
Three vulnerabilities added to the Known Exploited Vulnerabilities catalog activate BOD 22-01 remediation deadlines for civilian agencies.

Cisco SD-WAN Manager Has an Unpatched Privilege-Escalation Flaw Under Active Exploitation
A command-injection bug in Catalyst SD-WAN Manager is already being used in the wild. No patch exists yet — and a known espionage group may be involved.

Cisco SD-WAN Manager Bug Under Active Exploit, No Fix Yet
CVE-2026-20245 affects on-prem and FedRAMP deployments. Cisco confirms exploitation in the wild while customers wait on a patch.

Public PoC Lands for Cisco Unified CM Root-Write Bug CVE-2026-20230
An unauthenticated SSRF in Cisco Unified Communications Manager opens a path to root. Cisco's PSIRT hasn't observed in-the-wild use — yet.

Cisco Secure Workload Flaw Demands Immediate Attention
Cisco Secure Workload vulnerability allows attackers admin-level access; patch now.