Blog

Threat actor leveraged Cisco SD-WAN zero-day since 2023 (CVE-2026-20127)

A “highly sophisticated” cyber threat actor has been exploiting a zero-day authentication bypass vulnerability (CVE-2026-20127) in Cisco Catalyst SD-WAN Controller (formerly vSmart), Cisco has announced today. The vulnerability was reported by Australian Signals Directorate’s Australian Cyber Security Centre, who said that once the vulnerability was exploited, “the malicious actors add[ed] a rogue peer, and eventually gain[ed] root access to establish long-term persistence in SD-WANs.” “This vulnerability exists because the peering authentication mechanism in an affected … More → The post Threat actor leveraged Cisco SD-WAN zero-day since 2023 (CVE-2026-20127) appeared first on Help Net Security.
http://news.poseidon-us.com/TR8yKm

Fake Zoom meeting leads to silent install of surveillance software

Malwarebytes researchers have uncovered a fake (but convincing) Zoom meeting page that downloads surveillance software on Windows computers and tricks users into running it. According to Microsoft MVP Steven Lim, the page has claimed nearly 1,500 victims in 12 days. The trick Potential victims likely visit the page (at uswebzoomus[.]com/zoom/) after getting a meeting invite/link via email or text. The page is made to look like a Zoom waiting room and, once a visitor interacts … More → The post Fake Zoom meeting leads to silent install of surveillance software appeared first on Help Net Security.
http://news.poseidon-us.com/TR8yKF