Cisco has confirmed that attackers are actively exploiting a Cisco Unified CM vulnerability that allows remote server-side request forgery (SSRF) attacks. The flaw, tracked as CVE-2026-20230, received patches in early June, but security researchers later observed attackers using public exploit techniques against vulnerable systems. The networking giant now urges organizations running Cisco Unified Communications Manager…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to urgently patch Cisco CVE-2026-20230 after confirming that attackers are actively exploiting the vulnerability. CISA added the flaw to its Known Exploited Vulnerabilities (KEV) Catalog and instructed agencies covered by Binding Operational Directive (BOD) 26-04 to complete remediation by June 28. Cisco CVE-2026-20230…
Cisco has disclosed a critical vulnerability in SD-WAN Manager that attackers have already exploited in zero-day attacks to gain root-level access to affected systems. The company confirmed that threat actors targeted the flaw before a security update became available, increasing the urgency for organizations running vulnerable deployments. Tracked as CVE-2025-20337, the vulnerability affects Cisco SD-WAN…
A Cisco Salesforce breach claim has surfaced after a cybercriminal group alleged it accessed company data and is now attempting to extort payment. Cisco has not confirmed that a breach occurred. However, the claims appear alongside a wider pattern of attacks targeting Salesforce environments through social engineering. Hackers claim access to Salesforce data The group…
A supply chain attack led to a Cisco source code theft after attackers compromised a widely used security tool. Instead of targeting Cisco directly, the attackers moved through a trusted component inside the company’s development pipeline. As a result, they gained access to internal systems and extracted sensitive code. This incident shows how modern attacks…
Newly disclosed Cisco SD-WAN flaws are being actively exploited in cyberattacks targeting enterprise network infrastructure. Cisco confirmed that attackers are abusing vulnerabilities affecting its Catalyst SD-WAN Manager platform. The management system controls networking policies and traffic across distributed enterprise environments. A compromise of this system could expose entire corporate networks to attackers. Security teams are…
A newly disclosed Cisco ISE vulnerability has raised concerns across enterprise networks that rely on Cisco Identity Services Engine for access control. Cisco confirmed that exploit code is now publicly available, which significantly increases the risk for unpatched deployments. The flaw affects core identity infrastructure used to manage authentication, authorization, and network access policies. While…
The Cisco zero-day exploitation crisis has revealed almost 200,000 devices exposed worldwide. Attackers are actively abusing the vulnerability, making this one of the most pressing security incidents of the year. Organizations relying on Cisco hardware must act fast to reduce risks. Scope of the Cisco Zero-Day Exposure Researchers identified nearly 200,000 devices still online and…
Three critical Cisco zero-day vulnerabilities are under active attack, with CISA warning organizations to patch immediately. Security experts link the campaign to the ArcaneDoor espionage group, raising concerns about nation-state involvement. The Three Vulnerabilities Cisco confirmed three flaws in ASA and Firepower devices: Cisco stated no workarounds exist. Only patching can remove the risk. ArcaneDoor…
A sharp Cisco ASA scanning surge has alarmed security researchers. In late August 2025, GreyNoise detected unusual activity targeting Cisco Adaptive Security Appliance (ASA) devices. At the peak, scans from 25,000 unique IPs probed login portals and remote access services. This scale suggests attackers may prepare to exploit a yet-to-be disclosed vulnerability. Attack Details GreyNoise…