By therecord.media
Publication Date: 2026-02-25 17:37:00
Cybersecurity agencies from the Five Eyes intelligence alliance urgently warned Wednesday that “an advanced threat actor” is actively exploiting new flaws in Cisco networking equipment, pressing organizations to look for signs their systems may already have been compromised.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive warning of a “cyber threat actor’s ongoing exploitation of Cisco SD-WAN systems,” describing the activity as presenting a significant risk to federal civilian executive branch networks.
The vulnerabilities cited in the alerts include CVE-2026-20127 and CVE-2022-20775, which have been linked to real-world exploitation. CISA said it has assessed that the conditions pose “an unacceptable risk to federal agencies and necessitate emergency action.”
The British National Cyber Security Centre (NCSC) also said “malicious cyber threat actors are targeting Cisco Catalyst Software Defined Wide Area Networks…
