Latest news
Vulnerability
CVSS 9.1: Critical Cisco ISE Vulnerabilities Enable Remote Code Execution and Unauthenticated Data Theft
19 June 2026 dark6
Cisco has disclosed two critical vulnerabilities in its Identity Services Engine (ISE) — CVE-2026-20181 (RCE, CVSS 9.1) and CVE-2026-20190 (unauthenticated...
Vulnerability
CVE-2026-20262: Cisco Catalyst SD-WAN vManage Zero-Day Actively Exploited in Enterprise Attacks
16 June 2026 dark6
Cisco has confirmed active zero-day exploitation of CVE-2026-20262, an arbitrary-file-write vulnerability in Catalyst SD-WAN Manager (vManage) that allows attackers to...
Malware
State-Sponsored UAT-4356 Deploys FIRESTARTER Backdoor on Cisco Firepower Devices via Chained N-Day Vulnerabilities
26 April 2026 dark6
Cisco Talos has uncovered an active espionage campaign by state-sponsored group UAT-4356, which chains two Cisco Firepower FXOS vulnerabilities (CVE-2025-20333...
Vulnerability
Cisco Patches Four Critical Flaws in Identity Services Engine and Webex: Unauthenticated RCE and Full User Impersonation at Risk
21 April 2026 dark6
Cisco has patched four critical vulnerabilities in Identity Services Engine (ISE) and Webex, including an unauthenticated remote code execution flaw...
Vulnerability
Critical Cisco vulnerability threatens Web-Based management interfaces
14 September 2024 dark6
Cisco has recently disclosed a severe vulnerability (CVE-2024-20381) impacting the JSON-RPC API feature used by various web-based management interfaces in...
Ransomware
Ransomware threats loom over Paris 2024 olympics
29 July 2024 dark6
A recent study by ExtraHop has highlighted the near inevitability of ransomware attacks targeting the Paris 2024 Olympics. The event’s...