Probably the biggest cybersecurity news this week: Cisco has confirmed multiple critical zero-day vulnerabilities across its platforms — and attackers are already exploiting them. What’s happening: * Over 2 million Cisco devices potentially exposed. * SNMP stack overflow: crash devices or run code as root with low-privileged credentials. * Critical Web Services flaw (CVSS 9+): remote unauthenticated code execution on Cisco Secure Firewalls and low-privileged attacks on IOS devices when VPN or TTP services are enabled. * CISA Emergency Directive: federal agencies must patch or disconnect Cisco devices within 24 hours — everyone else should act now. * No workarounds: upgrade immediately and restrict SNMP/Web Services to trusted hosts until patched. Why it matters: These vulnerabilities are being actively exploited right now — not theoretical. They can lead to total device compromise of routers, switches, ASA, and Firepower Systems worldwide. Take Action: Patch, limit exposure, and monitor your logs, metrics, and traces — the hallmarks of observability. I’m Peter with Plixer — Like and Subscribe to stay ahead of the latest cyber threats. https://www.darkreading.com/vulnerabilities-threats/cisco-actively-exploited-zero-day-bugs-firewalls-ios https://arstechnica.com/security/2025/09/as-many-as-2-million-cisco-devices-affected-by-actively-exploited-0-day/