Cisco

When the Network Is the Target: Acer's CVSS 10.0 Router Zero-Days and an Exploited Cisco SD-WAN Flaw

Acer shipped advisories for two maximum-severity zero-days in its Wave 7 mesh routers — a world-readable log leaking cleartext admin credentials and a hardcoded AES key that lets attackers backdoor device backups. Days later, Cisco confirmed active exploitation of a Catalyst SD-WAN Manager flaw being chained to push rogue configurations to edge devices. Both fit the dominant 2026 pattern: the network itself is the target.

June 5, 2026

CVSS 10.0: Interlock Ransomware Exploited Cisco's Firewall Zero-Day for Weeks Before Cisco Knew

CVE-2026-20131 in Cisco Secure Firewall Management Center carries the maximum possible CVSS score of 10.0 and allows unauthenticated remote attackers to execute arbitrary Java code as root via an insecure deserialization flaw. The Interlock ransomware group was exploiting it as a zero-day from January 26, 2026 — more than a month before Cisco disclosed the vulnerability publicly — using memory-resident web shells, custom JavaScript and Java remote access trojans, and Active Directory certificate abuse to move through victim networks.

May 5, 2026

85% of Organizations Got Hit Through Wireless: What the Cisco 2026 State of Wireless Report Means for Your Smart Office

Cisco surveyed 6,098 wireless decision-makers across 30 countries and found that 85% of organizations experienced wireless security incidents in the past year, with IoT and OT devices identified as the primary weak link. Half of those incidents cost over $1 million. Here is what the data means for organizations running connected smart offices.

April 23, 2026

🏷️ Cisco

When the Network Is the Target: Acer's CVSS 10.0 Router Zero-Days and an Exploited Cisco SD-WAN Flaw

CVSS 10.0: Interlock Ransomware Exploited Cisco's Firewall Zero-Day for Weeks Before Cisco Knew

85% of Organizations Got Hit Through Wireless: What the Cisco 2026 State of Wireless Report Means for Your Smart Office