Cisco Systems has identified a critical command injection vulnerability (CVE-2025-20161) in its Nexus 3000 and 9000 Switches running in standalone NX-OS mode. The flaw, which carries a CVSSv3 score of 5.1, allows attackers with admin privileges to execute operating system commands during software upgrades. The vulnerability, which stems from inadequate validation mechanisms, could facilitate network reconnaissance, traffic interception, or persistent backdoor deployments. Cisco advises immediate installation of patched firmware versions.
Winos 4.0 Malware Targets Taiwan With Email Impersonation
Cybersecurity experts have discovered a malware distributed via phishing emails that appear to be tax documents from Taiwan’s National Taxation Bureau. The malware uses government
