Bleeping Computer

Cisco fixes max severity IOS XE flaw letting attackers hijack devices

Cisco has fixed a maximum severity flaw in IOS XE Software for Wireless LAN Controllers by a hard-coded JSON Web Token (JWT) that allows an unauthenticated remote attacker to take over devices. This ...
SDxCentral

Cisco users face BadCandy in latest threat to network giant

Australia’s security authority has warned Cisco users of a particularly sour implant vulnerability. Dubbed BadCandy, the implant affects Cisco IOS XE devices with a basic web shell based on Lua coding ...