Weekly IT Security Recap: SD-WAN 0-Day Exploited, Critical CVEs and More

This week’s recap covers several critical developments in the cybersecurity landscape, from a newly disclosed zero-day vulnerability affecting Cisco’s SD-WAN systems to ongoing industrial-scale distillation attacks by Chinese AI firms against Anthropic. Together they underscore the evolving nature of cyber threats.

Threat of the Week: Cisco SD-WAN Zero-Day Exploited

A critical security flaw in Cisco’s Catalyst SD-WAN Controller and Manager has been actively exploited since 2023. The vulnerability, tracked as CVE-2026-20127 (CVSS score: 10.0), allows unauthenticated attackers to bypass authentication and gain administrative privileges by sending a crafted request.

Anthropic Accuses Chinese Firms of Distillation Attacks

Anthropic has accused three Chinese AI firms—DeepSeek, Moonshot AI, and MiniMax—of engaging in industrial-scale distillation attacks aimed at extracting information from its model. This follows similar claims made by OpenAI last month.

Google Disrupts UNC2814 GRIDTIDE Campaign

Google has worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group, UNC2814, which has targeted international governments and global telecommunications organizations across Africa, Asia, and the Americas.

Public Google Cloud API Keys Exposed

New research found that public Google Cloud API keys could be abused to authenticate to sensitive Gemini endpoints and access private data. This issue was quickly addressed by Google.

Trending CVEs

  • CVE-2025-40538, CVE-2025-40539, CVE-2025-40540, CVE-2025-40541 (SolarWinds Serv-U)
  • CVE-2026-20127 (Cisco Catalyst SD-WAN)
  • CVE-2026-20122, CVE-2026-20126, CVE-2026-20128 (Cisco Catalyst SD-WAN)
  • CVE-2026-25755 (jsPDF)
  • CVE-2025-12543 (HPE Telco Service Activator)

Other Notable News

  • Russian authorities launched a criminal investigation into Telegram CEO Pavel Durov for alleged promotion of terrorist activity.
  • Hackers seized control of an Iranian prayer app to send messages urging the military to surrender during a joint U.S.-Israeli attack.
  • Smart TV apps are being used as nodes in proxy networks, raising privacy and security concerns.

Original article: https://thehackernews.com/2026/03/weekly-recap-sd-wan-0-day-critical-cves.html