Tag: sd-wan

Critical Cisco Flaw Triggers CISA Deadline as Phishing Campaigns Evolve

US agencies face a CISA deadline to address a critical Cisco SD-WAN vulnerability exposing federal networks to long-term compromise. Meanwhile, threat actors are leveraging Cloudflare's human verification system to conceal Microsoft 365 phishing campaigns.

Mar 13, 2026Hackread

ciscosd-wancisa

highNation-State & APT

Iranian APT Groups Intensify Cyber Operations Against U.S. and Middle East Infrastructure

Check Point researchers observed Iran-linked actors targeting IP cameras across Israel and Gulf states for military intelligence, while Broadcom's Symantec team uncovered MuddyWater deploying the new Dindoor backdoor against U.S. banks, airports, and nonprofits.

Mar 7, 2026Security Affairs

iranmuddywaterapt

🇮🇷MuddyWater

highVulnerabilities & Exploits

Chrome Privilege Escalation Patched, SD-WAN Zero-Days, and UK Cyber Essentials Evolution

Google patched a critical Chrome vulnerability allowing malicious extensions to escalate privileges via Gemini panel exploitation. Meanwhile, SD-WAN zero-day vulnerabilities have emerged alongside evolving bot attack patterns and updated UK compliance requirements.

Mar 2, 2026The Hacker News, Qualys

chrome-vulnerabilityprivilege-escalationsd-wan

🇺🇸Google

criticalNation-State & APT

Critical Cisco SD-WAN Exploitation, Claude AI Vulnerabilities, and Million-Scale Data Breaches

CISA issued an emergency directive about ongoing Cisco SD-WAN exploitation by threat actors targeting federal networks. Meanwhile, Check Point discovered RCE vulnerabilities in Anthropic's Claude AI coding assistant, and TriZetto revealed a data breach affecting over 3 million Americans.

Feb 26, 2026Security Affairs, The Record

ciscosd-wanclaude-ai

criticalVulnerabilities & Exploits

Critical Infrastructure Under Fire: Cisco Zero-Day Exploited Since 2023, Google Disrupts China APT

A critical Cisco SD-WAN authentication bypass vulnerability has been exploited in the wild since 2023, while Google disrupted a China-linked APT that breached 53 organizations across 42 countries. Supply chain attacks continue with malicious NuGet packages impersonating Stripe libraries and vulnerabilities in AI coding assistants enabling remote code execution.

Feb 26, 2026The Hacker News, SANS ISC, MSRC Security Updates

zero-dayciscosd-wan

🏴Lapsus$

🇺🇸Google