BadCandy Implant Hits Cisco Devices Across Australia

The Australian Cyber Security Centre has warned of a BadCandy implant targeting unpatched Cisco IOS XE devices, with at least 150 compromised in Australia. Hackers exploit zero-day vulnerabilities (CVE-2023-20198 and CVE-2023-20273) to create administrator accounts and deploy the web shell, a tactic attributed to Chinese nation-state hackers known as Salt Typhoon.