Unpatched Cisco Devices Under Siege: Australia Warns of Persistent BadCandy Webshell Attacks
Australian authorities warn that state-sponsored hackers continue to exploit a critical 2023 Cisco IOS XE vulnerability to implant BadCandy webshells on unpatched devices. Over 150 Australian systems remain compromised despite available patches, with attackers systematically re-infecting routers after reboots. The campaign highlights systemic patching failures and ongoing infrastructure risks in critical networks.