Cisco Says User Data Stolen in CRM Hack
Cisco has disclosed a data breach affecting Cisco.com user accounts, including names, email address, and phone numbers.
The post Cisco Says User Data Stolen in CRM Hack appeared first on SecurityWeek.
Cisco
Maximum severity Cisco ISE vulnerabilities exploited by attackers
One or more vulnerabilities affecting Cisco Identity Services Engine (ISE) are being exploited in the wild, Cisco has confirmed by updating the security advisory for the flaws. About the vulnerabilities The three vulnerabilities affect Cisco’s Id…
Hackers Start Exploiting Critical Cisco ISE Vulnerabilities
Cisco says it is aware of attempted exploitation of critical ISE vulnerabilities leading to unauthenticated remote code execution.
The post Hackers Start Exploiting Critical Cisco ISE Vulnerabilities appeared first on SecurityWeek.
Cisco confirms active exploitation of ISE and ISE-PIC flaws
Cisco warns of active exploits targeting Identity Services Engine (ISE) and ISE-PIC flaws, first observed in July 2025. Cisco confirmed attempted exploitation in the wild of recently disclosed ISE and ISE-PIC flaws (CVE-2025-20281, CVE-2025-20282, CVE-2025-20337), updating its advisory after detecting attacks in July 2025. “Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE […]
Cisco Patches Another Critical ISE Vulnerability
Cisco has released patches for multiple vulnerabilities, including a critical flaw in Cisco ISE that leads to remote code execution (RCE).
The post Cisco Patches Another Critical ISE Vulnerability appeared first on SecurityWeek.
Cisco Issues Emergency Fix for Critical Root Credential Flaw in Unified CM
Cisco fixes critical root credential vulnerability in Unified CM rated CVSS 10 urging users to patch now to stop remote admin takeovers.
Cisco Warns of Hardcoded Credentials in Enterprise Software
Hardcoded SSH credentials in Cisco Unified CM and Unified CM SME could allow attackers to execute commands as root.
The post Cisco Warns of Hardcoded Credentials in Enterprise Software appeared first on SecurityWeek.
Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)
Cisco has found a backdoor account in yet another of its software solutions: CVE-2025-20309, stemming from default credentials for the root account, could allow unauthenticated remote attackers to log into a vulnerable Cisco Unified Communications Mana…
Cisco removed the backdoor account from its Unified Communications Manager
Digital communications technology giant Cisco addressed a static SSH credentials vulnerability in its Unified Communications Manager (Unified CM). A flaw, tracked as CVE-2025-20309 (CVSS score of 10), in Cisco Unified Communications Manager and its Session Management Edition lets remote attackers log in using hardcoded root credentials set during development. Cisco Unified Communications Manager (CUCM) is a call […]
Threat Actors Exploit ChatGPT, Cisco AnyConnect, Google Meet, and Teams in Attacks on SMBs
Threat actors are increasingly leveraging the trusted names of popular software and services like ChatGPT, Cisco AnyConnect, Google Meet, and Microsoft Teams to orchestrate sophisticated cyberattacks. According to a recent report by Kaspersky Lab, SMBs…