Cisco warns that Unified CM has hardcoded root SSH credentials

Published on July 2, 2025

Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges. [...]

Continue reading on website
Other news

Citrix warns of login issues after NetScaler auth bypass patch

July 2, 2025
Citrix warns that patching recently disclosed vulnerabilities that can be exploited to bypass authentication and launch denial-of-service attacks may also break login pages on NetScaler ADC and Gateway appliances. [...]

North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign

July 2, 2025
Threat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses with malware written in the Nim programming language, underscoring a constant evolution of their tactics."Unusually for macOS malware, the threat actors employ a process injection technique and remote communications via wss, the TLS-encrypted version of the WebSocket protocol,"