Sign up to save your podcasts
Or
Share 127 - From Cisco To EV Chargers: Active Exploits And Urgent Patches
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
127 - From Cisco To EV Chargers: Active Exploits And Urgent Patches
Send us Fan Mail
A wave of edge and control‑plane threats drives urgent patching and smarter validation across Cisco SD‑WAN, EV charging, FileZen, and Serve‑U. We map real exploits, spotlight APT28 tradecraft, unpack Google risk shifts, and share a post‑patch playbook that assumes breach.
• Cisco SD‑WAN 10.0 authentication bypass and active exploitation
• CISA KEV update for FileZen and patch prioritization
• EV charging platform flaws enabling session hijack and station impersonation
• APT28 targeting MSHTML and legacy components as modern vectors
• One Uptime 10.0 root‑level exploit via traceroute probes
• Google localhost WebSocket risk and policy reversals on token proxying
• Governance for agentic AI with supervised fine‑tuning and oversight
• Quick hits on North Korean air‑gap tools and UNC2814 disruption
• Serve‑U critical updates and file transfer exposure
• EU CRA impacts on open source supply chains
• Post‑patch validation: verify versions, confirm exposure is gone, hunt logs, rotate secrets
• Continuous exposure management for control planes and edge systems
For more in-depth analysis and links to everything we discussed today, be sure to subscribe to our newsletter at infosec.watch
Support the show
Thanks for listening to InfoSec.Watch!Subscribe to our newsletter for in-depth analysis: https://infosec.watch
Follow us for daily updates:
- X (Twitter)
- LinkedIn
- Facebook -
Stay secure out there!
View all episodes
By Infosec.WatchSend us Fan Mail
A wave of edge and control‑plane threats drives urgent patching and smarter validation across Cisco SD‑WAN, EV charging, FileZen, and Serve‑U. We map real exploits, spotlight APT28 tradecraft, unpack Google risk shifts, and share a post‑patch playbook that assumes breach.
• Cisco SD‑WAN 10.0 authentication bypass and active exploitation
• CISA KEV update for FileZen and patch prioritization
• EV charging platform flaws enabling session hijack and station impersonation
• APT28 targeting MSHTML and legacy components as modern vectors
• One Uptime 10.0 root‑level exploit via traceroute probes
• Google localhost WebSocket risk and policy reversals on token proxying
• Governance for agentic AI with supervised fine‑tuning and oversight
• Quick hits on North Korean air‑gap tools and UNC2814 disruption
• Serve‑U critical updates and file transfer exposure
• EU CRA impacts on open source supply chains
• Post‑patch validation: verify versions, confirm exposure is gone, hunt logs, rotate secrets
• Continuous exposure management for control planes and edge systems
For more in-depth analysis and links to everything we discussed today, be sure to subscribe to our newsletter at infosec.watch
Support the show
Thanks for listening to InfoSec.Watch!Subscribe to our newsletter for in-depth analysis: https://infosec.watch
Follow us for daily updates:
- X (Twitter)
- LinkedIn
- Facebook -
Stay secure out there!