News

Cisco SD-WAN 0-Day CVE-2026-20127 Exploited in the Wild

Luciano Ferrari

03 Mar 2026 — 2 min read

Tuesday, March 3, 2026

Top 5 Cybersecurity Stories You Should Know

Cisco SD-WAN 0-Day CVE-2026-20127 Exploited in the Wild — tl;dr: A critical zero-day vulnerability, CVE-2026-20127, in Cisco's Catalyst SD-WAN Controller and Manager has been actively exploited, allowing unauthenticated attackers to gain administrative access. This flaw, reported by the Australian Cyber Security Centre, is part of a sophisticated cyber threat campaign tracked as UAT-8616. Organizations using affected Cisco products should prioritize patching this vulnerability to mitigate risks, as exploitation could lead to severe security breaches. Additionally, other notable vulnerabilities were reported this week, underscoring the need for vigilance in cybersecurity practices.
↪ https://thehackernews.com/2026/03/weekly-recap-sd-wan-0-day-critical-cves.html
Google Patches Chrome Zero-Day CVE-2026-2441 with Active Exploit Detected — tl;dr: Google has issued a security update for Chrome to address a critical zero-day vulnerability, CVE-2026-2441, affecting desktop versions on Windows, Mac, and Linux. The flaw, linked to Cascading Style Sheets (CSS), allows remote attackers to execute arbitrary code through a malicious HTML page. With an exploit already in circulation, users are urged to update their browsers immediately to mitigate potential risks. This incident highlights the ongoing need for vigilance against emerging threats in web browsers, as Google continues to respond swiftly to vulnerabilities.
↪ https://www.infosecurity-magazine.com/news/google-patches-new-in-wild-chrome/
87% of Organizations Have Exploitable Software Vulnerabilities, DataDog Reports — tl;dr: A recent DataDog report reveals that 87% of organizations possess at least one exploitable software vulnerability, impacting 40% of services. Java services are the most affected, with 59% of vulnerabilities, followed by .NET and Rust. Notably, only 18% of critical vulnerabilities retain their severity after considering runtime context. Organizations face risks from outdated dependencies, with a median age of 278 days, while half adopt new library versions within 24 hours, increasing exposure to potential threats. To mitigate risks, teams should prioritize context in vulnerability management and pin dependency versions to secure hashes.
↪ https://www.infosecurity-magazine.com/news/exploitable-vulnerabilities-in-87/
Google Patches 129 Android Vulnerabilities, Including CVE-2026-21385 Zero-Day — tl;dr: In March 2026, Google released a security update addressing 129 vulnerabilities in the Android ecosystem, marking the highest number of fixes in a single month. The critical zero-day vulnerability, CVE-2026-21385, affects Qualcomm's Display and Graphics component and is actively exploited in the wild, allowing attackers to compromise devices. Other severe flaws include critical remote code execution and denial-of-service vulnerabilities. Users are advised to update their devices to the latest patches promptly to mitigate risks of exploitation and ensure ongoing security.
↪ https://cyberpress.org/android-security-update-fixes-129-vulnerabilities/
Chinese APT Group Exploits Dell CVE-2026-22769 Zero-Day for Two Years — tl;dr: A Chinese APT group, UNC6201, has been exploiting a critical zero-day vulnerability (CVE-2026-22769) in Dell's RecoverPoint for Virtual Machines since mid-2024, allowing unauthorized access to systems. This hardcoded credential flaw, with a CVSS score of 10.0, affects versions prior to 6.0.3.1 HF1. The attackers have utilized this vulnerability to deploy malware and maintain persistent access. Organizations using affected versions should immediately apply the patch released by Dell to mitigate risks and secure their environments against ongoing threats.
↪ https://www.infosecurity-magazine.com/news/chinese-apt-exploits-dell-zeroday/