Sign up to save your podcasts
Or
Share The Password Change That Didnt Need a Password
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The Password Change That Didnt Need a Password
Cisco patched CVE-2026-20093 (CVSS 9.8) in the Integrated Management Controller — an authentication bypass that allows an unauthenticated attacker to change any user's password, including the administrator, and gain full system control via a single crafted HTTP request. This continues the management plane attack pattern tracked since March across Intune, Cisco FMC, SD-WAN, and FortiClient EMS. A mass exploitation campaign using automated credential harvesting compromised 766 hosts via a web framework vulnerability, exfiltrating database credentials, SSH keys, cloud secrets, and API keys. Ransomware tracking shows 2,726 victims year-to-date through April 3 with 104 in the first three days of April. A state-linked actor publicly announced intent to escalate attacks on technology companies across the region.
Links & Resources- https://thehackernews.com/2026/04/cisco-imc-authentication-bypass-cve-2026-20093.html
- https://dev.to/mrcomputerscience/breaking-cybersecurity-news-for-20260404-pithy-cyborg-threats-breaches-intel-bok
- https://this.weekinsecurity.com/this-week-in-security-april-5-2026-edition/
- https://kcnet.in/2026/04/02/cybersecurity-incidents-alerts-april-2026/
- https://cybernews.com/news/iran-threatens-us-big-tech-middle-east/
- https://www.cybermaterial.com/p/cyber-briefing-20260401
- https://thehackernews.com/2026/04/chrome-zero-day-dawn-webgpu.html
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
View all episodes
By Tushar VartakCisco patched CVE-2026-20093 (CVSS 9.8) in the Integrated Management Controller — an authentication bypass that allows an unauthenticated attacker to change any user's password, including the administrator, and gain full system control via a single crafted HTTP request. This continues the management plane attack pattern tracked since March across Intune, Cisco FMC, SD-WAN, and FortiClient EMS. A mass exploitation campaign using automated credential harvesting compromised 766 hosts via a web framework vulnerability, exfiltrating database credentials, SSH keys, cloud secrets, and API keys. Ransomware tracking shows 2,726 victims year-to-date through April 3 with 104 in the first three days of April. A state-linked actor publicly announced intent to escalate attacks on technology companies across the region.
Links & Resources- https://thehackernews.com/2026/04/cisco-imc-authentication-bypass-cve-2026-20093.html
- https://dev.to/mrcomputerscience/breaking-cybersecurity-news-for-20260404-pithy-cyborg-threats-breaches-intel-bok
- https://this.weekinsecurity.com/this-week-in-security-april-5-2026-edition/
- https://kcnet.in/2026/04/02/cybersecurity-incidents-alerts-april-2026/
- https://cybernews.com/news/iran-threatens-us-big-tech-middle-east/
- https://www.cybermaterial.com/p/cyber-briefing-20260401
- https://thehackernews.com/2026/04/chrome-zero-day-dawn-webgpu.html
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog