Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks

The Hidden Risks of SaaS: Why Built-In Protections Aren't Enough for Modern Data Resilience

Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks

Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker to execute arbitrary commands as the root user.
The vulnerabilities, assigned the CVE identifiers CVE-2025-20281 and CVE-2025-20282, carry a CVSS score of 10.0 each. A description of the defects is

Headline

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

The Hacker News: Latest News