Cisco SD-WAN Zero-Day Exploited Months Before Patching
A Cisco SD-WAN zero-day was actively exploited for months prior to disclosure, with evidence of file deletion and system configuration restoration by the attacker to evade detection.
CTI status
As of:
Last pipeline run:
Source reliability
Information credibility
NATO Admiralty (AJP-2.1) grades confidence, independent of the risk score. Cross-source corroboration isn't tracked for non-CVE news, so single-source items are capped at a lower credibility number; a low number does not imply low quality.
A Cisco SD-WAN zero-day was actively exploited for months prior to disclosure, with evidence of file deletion and system configuration restoration by the attacker to evade detection.
The official Swiss security report 2026 designates Russia as Europe's greatest threat with aggressive hybrid warfare directly targeting Switzerland in cyberspace, critical infrastructure, and espionage , a strategic signal for Swiss manufacturing SMEs.
Gamaredon is escalating its malware obfuscation and command-and-control infrastructure evasion capabilities, signalling an intensification of Russian cyber operations against European targets.
German Federal Office for the Protection of the Constitution warns of targeted Chinese espionage in academic and research institutions , a strategic risk for European technology and manufacturing industry through leakage of sensitive research findings.
After a global lull in 2024,2025, ransomware gangs have actively refocused on Europe and are deliberately targeting EU organizations and their supply chains,a strategic risk for Swiss and European manufacturing enterprises.
The BSI advisory aggregates multiple critical Exchange vulnerabilities without naming specific CVEs, indicating a regularly updated collective warning.
The BSI warns of multiple critical vulnerabilities in OpenSSL that can enable remote code execution, security bypasses, and data loss.
Race-condition vulnerability in Linux kernel memory management with potential for memory corruption under concurrent access to memcg lists.
A stack buffer overflow in the netfilter implementation allows kernel-memory corruption and potential code execution when specific nft rule combinations are processed.
More than half of the vulnerabilities are use-after-free defects that can lead to remote code execution; prompt patching is required.
Cisco Talos documents systematically how malware exploits COM interfaces for lateral movement, persistence, and evasion , a fundamental defensive competency for Windows-heavy infrastructure defenders.
The BSI has issued a security advisory on multiple vulnerabilities in Adobe Acrobat DC and Adobe Acrobat Reader DC enabling remote code execution and privilege escalation, though specific CVE identifiers are not named in this notice.
BSI warns of multiple Chrome vulnerabilities not yet fully disclosed; details remain embargoed until patches are available.
Chrome 149.0.7827.196/197 patches 18 vulnerabilities including four critical flaws; no indication of active in-the-wild exploitation yet, but Chrome zero-days have been exploited multiple times this year.
A flaw in error-handling during iptables/netfilter rule processing allows leaking internal kernel memory addresses, potentially bypassing KASLR mitigation.
The vulnerability enables a kernel crash (DoS) through missing validation before skb_pull() in GRO network processing and potentially affects all protocols handling fragmented packets via GRO.