Originally reported by Dark Reading, Infosecurity Magazine
TL;DR
A critical Cisco SD-WAN vulnerability was exploited undetected for three years while law enforcement scored wins against cybercrime groups. Meanwhile, UK policy shifts and new threat intelligence reveal the evolving landscape of enterprise security challenges.
A maximum-severity Cisco SD-WAN zero-day (`CVE-2026-20127`) was actively exploited for three years by sophisticated threat actors, a confirmed case of long-term exploitation of critical infrastructure.
Cisco disclosed that CVE-2026-20127, a maximum-severity vulnerability in SD-WAN infrastructure, was exploited by sophisticated threat actors for three years before detection. According to Dark Reading, the unknown attackers demonstrated advanced tradecraft, leaving minimal forensic evidence behind. The prolonged exploitation window highlights detection gaps in critical network infrastructure and underscores the challenge of identifying patient, skilled adversaries operating in enterprise environments.
A new lawsuit between Marquis and SonicWall is testing the boundaries of vendor liability in third-party security breaches. Dark Reading reports the FinTech company is holding its firewall provider responsible for a security incident, potentially setting precedent for how breach responsibility is allocated between organizations and their security vendors. The case reflects growing tension around accountability in an ecosystem where security increasingly depends on third-party products and services.
Project Compass, an international law enforcement operation led by Europol, resulted in the arrest of 30 members of a notorious cybercrime group known as 'The Com'. Infosecurity Magazine reports the network consisted primarily of teenagers and young adults involved in ransomware attacks, extortion, and related crimes. The operation demonstrates continued coordination between international law enforcement agencies targeting organized cybercrime groups.
The UK government's new Vulnerability Monitoring Service achieved a 75% reduction in unresolved security flaws while cutting cyber-attack response times from nearly two months to just over a week. According to Infosecurity Magazine, the service represents a significant improvement in national-level vulnerability management capabilities and demonstrates the potential impact of coordinated government cybersecurity initiatives.
Darktrace's annual threat report identified 32 million phishing emails in 2025, with identity-based attacks now surpassing traditional vulnerability exploitation as the primary threat vector. The shift reflects attackers' adaptation to improved patch management practices and highlights the growing sophistication of social engineering campaigns targeting enterprise users.
A Datadog report revealed that 87% of organizations maintain exploitable vulnerabilities, with two-fifths of services affected by exploitable bugs. The research underscores the persistent challenge of vulnerability management at scale and suggests that despite increased awareness, fundamental security hygiene remains problematic across enterprise environments.
The UK's Information Commissioner's Office (ICO) is abandoning its single-leader model in favor of a CEO and board structure. Infosecurity Magazine reports the organizational change reflects growing demands on data protection authorities as privacy regulations expand and enforcement actions increase in both frequency and complexity.