Secure Bulletin Navigating the cyber sea with knowledge
Home > Tag > Cisco
#Cisco

State-Sponsored Hackers Exploit Cisco Catalyst SD-WAN Manager Zero-Day to Gain Root Access

25 June 2026  |  dark6  |  Vulnerability

A state-sponsored threat actor exploited zero-day CVE-2026-20245 in Cisco Catalyst SD-WAN Manager to gain root access via a malicious CSV upload. The multi-phase intrusion also leveraged two CVSS...

>> read more

CVSS 9.1: Critical Cisco ISE Vulnerabilities Enable Remote Code Execution and Unauthenticated Data Theft

19 June 2026  |  dark6  |  Vulnerability

Cisco has disclosed two critical vulnerabilities in its Identity Services Engine (ISE) — CVE-2026-20181 (RCE, CVSS 9.1) and CVE-2026-20190 (unauthenticated information disclosure) — affecting all ISE and ISE-PIC...

>> read more

CVE-2026-20262: Cisco Catalyst SD-WAN vManage Zero-Day Actively Exploited in Enterprise Attacks

16 June 2026  |  dark6  |  Vulnerability

Cisco has confirmed active zero-day exploitation of CVE-2026-20262, an arbitrary-file-write vulnerability in Catalyst SD-WAN Manager (vManage) that allows attackers to deploy web shells and escalate to root. No...

>> read more

State-Sponsored UAT-4356 Deploys FIRESTARTER Backdoor on Cisco Firepower Devices via Chained N-Day Vulnerabilities

26 April 2026  |  dark6  |  Malware

Cisco Talos has uncovered an active espionage campaign by state-sponsored group UAT-4356, which chains two Cisco Firepower FXOS vulnerabilities (CVE-2025-20333 and CVE-2025-20362) to deploy the FIRESTARTER backdoor —...

>> read more

Cisco Patches Four Critical Flaws in Identity Services Engine and Webex: Unauthenticated RCE and Full User Impersonation at Risk

21 April 2026  |  dark6  |  Vulnerability

Cisco has patched four critical vulnerabilities in Identity Services Engine (ISE) and Webex, including an unauthenticated remote code execution flaw in ISE and an authentication bypass in Webex...

>> read more

Critical Cisco vulnerability threatens Web-Based management interfaces

14 September 2024  |  dark6  |  Vulnerability

Cisco has recently disclosed a severe vulnerability (CVE-2024-20381) impacting the JSON-RPC API feature used by various web-based management interfaces in its products. This flaw poses a significant risk...

>> read more

Ransomware threats loom over Paris 2024 olympics

29 July 2024  |  dark6  |  Ransomware

A recent study by ExtraHop has highlighted the near inevitability of ransomware attacks targeting the Paris 2024 Olympics. The event’s IT infrastructure has faced frequent attacks over the...

>> read more