Security News

A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023. French cybersecurity...

Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login...

China's Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. [...]

Networks in US and beyond compromised by Beijing's super-snoops pulling off priv-esc attacks China's Salt Typhoon spy crew exploited vulnerabilities in Cisco devices to compromise at least seven...

Cisco has fixed two critical Identity Services Engine (ISE) vulnerabilities that can let attackers with read-only admin privileges bypass authorization and run commands as root. [...]

Cisco has released updates to address two critical security flaws Identity Services Engine (ISE) that could allow remote attackers to execute arbitrary commands and elevate privileges on...

No in-the-wild exploits … yet Cisco has pushed a patch for a critical, 9.9-rated vulnerability in its Meeting Management tool that could allow a remote, authenticated attacker with low privileges...

Cisco has released patches for a critical privilege escalation vulnerability in Meeting Management (CVE-2025-20156) and a heap-based buffer overflow flaw (CVE-2025-20128) that, when triggered,...

Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain administrator privileges on...

Cisco has released security updates to patch a ClamAV denial-of-service (DoS) vulnerability, which has proof-of-concept (PoC) exploit code. [...]