Zero‑Day Chaos & Firmware Secrets: Cisco RCE Alert + UEFI Parser

**Hosts** - Professor CyberRisk - Cyber Cowboy - Live Cyber Maps Bitdefender Threat Map: https://threatmap.bitdefender.com/ - Live Cyber threat map (Checkpoint): https://threatmap.checkpoint.com/ - Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ - Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam **Episode Information** - **Title:** *Zero‑Day Chaos & Firmware Secrets: Cisco RCE Alert + UEFI Parser* - **Episode Number:** 3x35 - **Overview:** In today’s episode we dive deep into a critically‑exploited Cisco zero‑day that’s been wreaking havoc across Unified Communications and Webex environments. We then turn our attention to a groundbreaking open‑source UEFI parser that’s exposing hidden firmware vulnerabilities, followed by a real‑world watering‑hole attack targeting EmEditor users and an EU telecom supply‑chain purge that could reshape vendor relationships. - **Guest Information:** *None – this is an all‑host episode.* - **Topics Covered:** 1. Cisco Zero‑Day CVE‑2026‑20045 (UC & Webex RCE) 2. UEFI Parser – Open‑Source Firmware Vulnerability Discovery 3. EmEditor Watering‑Hole Malware Campaign 4. EU Telecom Supplier Ban Proposal 5. Luxshare Precision Ransomware Incident & Supply‑Chain Implications - **Top Stories:** - **Cisco Zero‑Day CVE‑2026‑20045** – *Cisco Releases Emergency Patch for Actively Exploited RCE*: https://thehackernews.com/2026/01/cisco-fixes-actively-exploited-zero-day.html - **Breaking UEFI Secrets – New Open‑Source Parser** – *CERT/CC Launches UEFI Parser Tool*: https://www.sei.cmu.edu/blog/an-open-source-tool-to-unravel-uefi-and-its-vulnerabilities/ - **Watering Hole Targets EmEditor** – *TrendMicro Uncovers Multi‑Stage Malware*: https://www.trendmicro.com/en_us/research/26/a/watering-hole-attack-targets-emeditor-users.html - **EU Targets High‑Risk Foreign Telecom Suppliers** – *Proposal to Ban Third‑Country Companies from EU Mobile Networks*: https://www.spacewar.com/reports/Eyeing_China_EU_moves_to_ban_high-risk_foreign_suppliers_from_telecoms_networks_999.html - **Luxshare Under Attack – Ransomware Claims Apple & Nvidia Data** – *China‑Based Manufacturer Breach*: https://www.digitimes.com/news/a20260122PD226/luxshare-security-electronics-manufacturing-nvidia-apple.html - **Additional Cybersecurity News – Titles and URLs:** (All links above) - **Resources & Links:** *None this episode* **Call to Action** - **Subscribe:** Stay updated on the latest cybersecurity threats – hit that subscribe button! - **Leave a Review:** Tell us what you think – reviews help us improve and grow the community. - **Join the Conversation:** Follow our community and ask questions on Discord. **Sponsor** - No sponsors this episode **Podcast Socials & Website** - **Website:** https://www.youvealreadybeenhacked.com - **X:** @professorcyberrisk - **YouTube:** https://www.youtube.com/@YABHPodcast - **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE