CloudSEK TRIAD

A critical flaw (CVE-2025-20309, CVSS 10.0) in Cisco Unified Communications Manager lets attackers gain root access via hard-coded credentials in versions 15.0.1.13010-1 to 13017-1. Over 1,000 internet-exposed assets are at risk globally, especially in the US and Asia. Likely targets include VoIP and government networks. Immediate patching, access restrictions, and log monitoring are strongly advised to prevent system compromise.

CloudSEK’s TRIAD team created this report based on an analysis of the increasing trend of cryptocurrency counterfeiting, in which tokens impersonate government organizations to provide some legitimacy to their “rug pull” scams. An example of this scam is covered in this report where threat actors have created a counterfeit token named “BRICS”. This token is aimed at exploiting the focus on the BRICS Summit held in Kazan, Russia, and the increased interest in investments and expansion of the BRICS government organization which comprises different countries (Brazil, Russia, India, China, South Africa, Egypt, Ethiopia, Iran, and the United Arab Emirates)