Archive - CISO Intelligence

Breaking: Cisco SD-WAN CVSS 10.0 Auth Bypass — CISA Emergency Directive — 15 May 2026

Cisco Catalyst SD-WAN Authentication Bypass — CISA Emergency Directive Issued

May 15 • Jonathan Care

Breaking: PAN-OS Zero-Day Under Active Exploitation — 8 May 2026

PAN-OS Zero-Day Under Active Exploitation

May 8 • Jonathan Care

April 2026

Breaking: China-nexus APT actors weaponise SOHO router botnets against European critical infrastructure — 28 April 2026

China-Nexus APT Actors weaponise SOHO router botnets to pre-position on critical infrastructure

Apr 28 • Jonathan Care

Breaking: SimpleHelp RCE Exploited by Medusa Ransomware Targeting Healthcare — 27 April 2026

SimpleHelp RCE Added to KEV as Medusa Ransomware Escalates Healthcare Campaign

Apr 27 • Jonathan Care

Breaking: Marimo Pre-Auth RCE Exploited in Under 10 Hours — 24 April 2026

Marimo Pre-Auth RCE Added to KEV After Exploitation in Under 10 Hours

Apr 24 • Jonathan Care

Breaking: CISA Emergency Directive for Cisco SD-WAN + Fortinet EMS RCE Exploited — 23 April 2026

CISA Emergency Directive Targets Cisco SD-WAN, Fortinet RCE Exploited in the Wild

Apr 23 • Jonathan Care

Breaking: Fortinet FortiClient EMS Under Active Exploit — Patch Now, Deadline Tomorrow

Fortinet FortiClient EMS Under Active Exploit — Patch Now, Deadline Tomorrow

Apr 15 • Jonathan Care

March 2026

Breaking: F5 BIG-IP APM Under Active Nation-State Exploitation — 30 March 2026

F5 BIG-IP APM Under Active Nation-State Exploitation — Remediation Deadline Today

Mar 30 • Jonathan Care

Breaking: PTC Windchill Zero-Day — CVSS 10.0, No Patch, German Police Deployed Overnight — 25 March 2026

PTC Windchill Zero-Day: CVSS 10.0, No Patch, German Police at Your Door at 3:30 AM

Mar 25 • Jonathan Care

Breaking: Cisco FMC CVSS 10.0 Zero-Day Exploited by Ransomware Group — 20 March 2026

Cisco FMC Zero-Day: CVSS 10.0, Exploited as Ransomware Backdoor for Six Weeks Before Patch

Mar 20 • Jonathan Care

Breaking: Cisco FMC CVSS 10.0 Zero-Day Exploited by Interlock Ransomware Since January — 19 March 2026

Cisco Firewall Management Center: CVSS 10.0 Zero-Day Exploited by Interlock Ransomware Since January

Mar 19 • Jonathan Care

Breaking: Stryker Wiper Attack and SharePoint Exploitation — 19 March 2026

Stryker Wiper Attack: Iranian-Linked Hackers Used Microsoft Intune to Wipe 80,000 Devices — Healthcare Sector on Alert

Mar 19 • Jonathan Care

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts