Cisco's Terrible Week and Why Your iPhone Might Be Next
It’s been one of those weeks where the security community collectively sighs and reaches for another cup of coffee. Cisco just dropped news about 48 new firewall vulnerabilities, including two with perfect 10.0 CVSS scores, while hackers are actively exploiting flaws in everything from WordPress plugins to SD-WAN infrastructure. Oh, and there’s a new exploit kit specifically targeting older iPhones. Fun times.
When Firewalls Become the Problem
Let’s start with the elephant in the room: Cisco’s latest security advisory revealing 48 new vulnerabilities in their firewall products. Two of these earned the dreaded 10.0 CVSS score – essentially the security equivalent of a five-alarm fire.
What makes this particularly concerning isn’t just the number of flaws, but the fact that these are edge devices. Firewalls sit at the perimeter of our networks, making them incredibly attractive targets for attackers. When the thing that’s supposed to protect you becomes the attack vector, we’ve got a problem.
This isn’t Cisco’s only headache this week either. The company also warned that two recently patched Catalyst SD-WAN vulnerabilities – CVE-2026-20128 and CVE-2026-20122 – are now being actively exploited in the wild. If you’re running Cisco infrastructure, this week probably feels like getting punched twice.
The silver lining? At least Cisco is being transparent about these issues and releasing patches. The question is whether organizations can patch fast enough before attackers start weaponizing these flaws.
WordPress Woes Continue
Meanwhile, in the WordPress ecosystem, we’re seeing another reminder of why plugin security matters so much. Hackers are actively exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than 60,000 sites.
The scary part? This bug lets attackers create admin accounts on vulnerable sites. Once someone has admin access to your WordPress site, it’s essentially game over. They can install backdoors, steal data, or turn your site into part of a botnet.
This is exactly why we keep harping on WordPress security hygiene. With over 40% of the web running on WordPress, these plugin vulnerabilities have a massive potential blast radius. If you’re managing WordPress sites, now’s a good time to audit your plugins and make sure everything’s updated.
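Because the bug described above ends in a new administrator account, an audit should cover the admin list as well as plugin versions. The following is an added example, not code from the original post or from the plugin's vendor: it reviews the JSON that WP-CLI's `wp user list --role=administrator --fields=ID,user_login,user_registered --format=json` produces. The sample accounts, the allowlist and the baseline date are constructed assumptions.

```python
import json
from datetime import datetime

def suspicious_admins(wp_cli_json, known_admins, baseline):
    """Return (login, reasons) for admins off the allowlist or registered after baseline."""
    findings = []
    for user in json.loads(wp_cli_json):
        # WordPress stores user_registered as a UTC "YYYY-MM-DD HH:MM:SS" string.
        registered = datetime.strptime(user["user_registered"], "%Y-%m-%d %H:%M:%S")
        reasons = []
        if user["user_login"].lower() not in known_admins:
            reasons.append("not on allowlist")
        if registered > baseline:
            reasons.append("registered after baseline")
        if reasons:
            findings.append((user["user_login"], reasons))
    return findings

# Constructed sample output; not taken from a real site.
SAMPLE_WP_CLI_JSON = """[
  {"ID": 1, "user_login": "siteowner", "user_registered": "2021-03-14 09:12:44"},
  {"ID": 7, "user_login": "Editor-Lead", "user_registered": "2023-08-02 16:40:05"},
  {"ID": 52, "user_login": "wp_support", "user_registered": "2026-03-04 02:17:31"},
  {"ID": 53, "user_login": "siteowner2", "user_registered": "2019-01-01 00:00:00"}
]"""

# Assumptions: lower-cased logins you expect to be admins, and the date
# of your last known-good review of the admin list.
KNOWN_ADMINS = {"siteowner", "editor-lead"}
BASELINE = datetime(2026, 3, 1)

if __name__ == "__main__":
    for login, reasons in suspicious_admins(SAMPLE_WP_CLI_JSON, KNOWN_ADMINS, BASELINE):
        print(f"{login}: {', '.join(reasons)}")
```

The allowlist check matters on its own because a registration timestamp is just a database field; an account with an old-looking date is still flagged if nobody recognises it.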
iPhone Users Aren’t Safe Either
Just when you thought mobile devices were relatively secure, along comes the Coruna exploit kit. This new threat specifically targets iPhones running iOS versions 13.0 through 17.2.1, with a focus on stealing financial data.
What’s interesting about Coruna is its multi-stage approach. Rather than trying to do everything at once, it compromises devices gradually through a structured campaign. That kind of targeted, methodical operation suggests we’re dealing with fairly sophisticated threat actors.
The good news is that if you’re running a recent iOS version, you’re likely protected. The bad news? A lot of people don’t update their phones regularly, especially older devices that might not support the latest iOS versions. This creates a substantial pool of vulnerable targets.
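To size that pool in your own fleet, the version range quoted above can be checked against a device inventory. This is an added example, not part of the original post: it triages a constructed CSV export (the `device` and `os_version` column names are assumptions) and compares versions numerically, since plain string comparison would sort a value like 17.10 below 17.2.1.

```python
import csv
import io

# Affected range as stated in the article: iOS 13.0 through 17.2.1, inclusive.
AFFECTED_MIN = (13, 0, 0)
AFFECTED_MAX = (17, 2, 1)

def parse_ios_version(text):
    """Return a (major, minor, patch) tuple, or None if text is not a version."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 3 or not all(p.isdecimal() for p in parts):
        return None
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (3 - len(nums)))  # "13" is treated as 13.0.0

def triage(inventory_csv):
    """Sort devices into affected, unaffected and unknown (unparseable version)."""
    result = {"affected": [], "unaffected": [], "unknown": []}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        version = parse_ios_version(row["os_version"])
        if version is None:
            bucket = "unknown"  # missing data needs a manual check, not a pass
        elif AFFECTED_MIN <= version <= AFFECTED_MAX:
            bucket = "affected"
        else:
            bucket = "unaffected"
        result[bucket].append(row["device"])
    return result

# Constructed sample export; device names and versions are illustrative only.
SAMPLE_INVENTORY = """device,os_version
iphone-01,17.2.1
iphone-02,17.3
iphone-03,16.7.10
iphone-04,12.5.7
iphone-05,17.10
iphone-06,
iphone-07,13
"""

if __name__ == "__main__":
    for bucket, devices in triage(SAMPLE_INVENTORY).items():
        print(bucket, devices)
```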
The Quantum Threat Looms
While we’re dealing with these immediate threats, there’s a longer-term issue that deserves attention: the coming quantum computing revolution. Security researchers are increasingly warning about “harvest now, decrypt later” attacks, where attackers collect encrypted data today with the intention of decrypting it once quantum computers become powerful enough.
This isn’t science fiction anymore. Nation-state actors are likely already collecting encrypted communications and data, betting that quantum computers will eventually make current encryption methods obsolete. The timeline for when this becomes a real threat is still debated, but the smart money says we should start preparing now.
Post-quantum cryptography standards are being developed, but transitioning our entire digital infrastructure is going to be a massive undertaking. Organizations that start planning for this transition now will be much better positioned than those who wait until quantum computers are actually breaking their encryption.
What This Means for Us
Looking at this week’s news, a few themes emerge. First, edge devices continue to be major attack vectors – whether it’s Cisco firewalls or SD-WAN appliances. These devices often have long update cycles and may not get the security attention they deserve.
Second, the plugin ecosystem remains a weak link for many organizations. Whether it’s WordPress plugins or mobile apps, third-party code introduces risks that we don’t always account for properly.
Finally, we’re seeing increasingly sophisticated attack methods, from multi-stage mobile exploits to long-term “harvest now, decrypt later” collection. The threat landscape isn’t just getting bigger – it’s getting smarter.
The key takeaway? Patch management and asset inventory remain fundamental security practices, but they’re not enough anymore. We need to think more strategically about emerging threats and start preparing for challenges that might not materialize for years.
Sources
- Cisco Drops 48 New Firewall Vulnerabilities, 2 Critical
- WordPress membership plugin bug exploited to create admin accounts
- Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders
- Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild
- Coruna Exploit Kit Targets Older iPhones in Multi-Stage Campaigns