An actively exploited zero-day in Cisco IOS-XE's web interface is leading to mass compromise and implant (backdoor) installation: https://arstechnica.com/security/2023/10/actively-exploited-cisco-0-day-with-maximum-10-severity-gives-full-network-control/

CVSS 10.0 and bad enough that Cisco is providing methods to check for the specific implant being installed.

via @dangoodin