iSec News – Information Security News

Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

Cisco Unified CM flaw under active exploitation after public disclosure

News, Risk, Vendors, Vulnerabilities

June 25, 2026

Threat actors are exploiting CVE-2026-20230 in Cisco Unified CM and Unified CM SME, a critical flaw that can enable server-side request forgery and file writes. Cisco has patched affected versions, and WebDialer must be enabled for abuse.

Latest NEWS

Trump order sets 2030 deadline for federal post-quantum cryptography migration

June 24, 2026
Xsolis says phishing attack exposed data of 1.4 million people

June 24, 2026
GitHub updates actions/checkout to block forked pull request exploits

June 24, 2026
LastPass says Salesforce customer data exposed in Klue supply chain attack

June 24, 2026
Malicious npm packages found posing as PostCSS tools to deliver Windows RAT

June 24, 2026

Mustang Panda deploys updated COOLCLIENT backdoor to steal endpoint data

Cybercrime, News, Research

·

January 28, 2026
Two malicious PyPI spellchecker packages delivered Python RAT and were downloaded over 1,000 times

Cybercrime, Research, Vulnerabilities

·

January 28, 2026
Cellbreak Pyodide sandbox escape in Grist‑Core allows remote code execution

News, Research, Vulnerabilities

·

January 28, 2026
PeckBirdy JScript framework used by China-aligned actors to target gambling and government sites

Cybercrime, News, Research

·

January 28, 2026
Multiple groups exploit WinRAR CVE-2025-8088 using Alternate Data Streams since July 2025

Cybercrime, News, Research, Vulnerabilities

·

January 28, 2026

Loading…Load More

LinkedIn
Facebook

About
Editorial Policy
Privacy
Contact