# Archive
Browse past daily curated stories
Friday, February 27, 2026

1. Cisco SD-WAN Zero-Day Under Exploitation for 3 Years (Dark Reading, general)
Cisco patched CVE-2026-20127, a maximum-severity zero-day in SD-WAN Controller and Manager that allows unauthenticated remote attackers to bypass authentication and gain administrative privileges. The vulnerability has been actively exploited since 2023 by sophisticated threat actors who left minimal forensic evidence, prompting CISA to add it to the Known Exploited Vulnerabilities catalog.

2. Google disrupts China-linked cyberespionage campaign spanning dozens of countries (threat-intel)
Google's Threat Intelligence Group disrupted UNC2814, a China-linked cyberespionage campaign that compromised at least 53 government and telecommunications organizations across 42 countries. The threat actor, active since 2017, used SaaS API calls to hide malicious traffic and establish persistent access to targeted networks.

3. UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor (The Hacker News, general)
Cisco Talos identified UAT-10027, a new threat cluster targeting U.S. education and healthcare sectors since December 2025 with the previously unknown Dohdoor backdoor. The malware uses DNS-over-HTTPS (DoH) for command-and-control communications, demonstrating sophisticated evasion techniques against network monitoring.

4. Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown (The Hacker News, general)
Researchers disclosed Aeternum C2, a new botnet that stores encrypted commands on the Polygon blockchain to evade takedowns. The botnet uses blockchain infrastructure instead of traditional C2 servers, making it highly resilient to law enforcement disruption efforts while maintaining persistent command capabilities.

5. Trend Micro warns of critical Apex One code execution flaws (BleepingComputer, general)
Trend Micro patched two critical vulnerabilities in Apex One endpoint security software that allow remote code execution on Windows systems. The company fixed eight total vulnerabilities across Windows and macOS versions, with the critical flaws posing immediate risk to enterprise environments.

6. Critical Juniper Networks PTX flaw allows full router takeover (BleepingComputer, general)
Juniper Networks disclosed a critical vulnerability in Junos OS Evolved running on PTX Series routers that allows unauthenticated remote code execution with root privileges. The flaw affects core network infrastructure devices, enabling complete router takeover without authentication.

7. Previously harmless Google API keys now expose Gemini AI data (BleepingComputer, general)
Google API keys previously used only for Maps and other services can now authenticate to Gemini AI and access private data when embedded in client-side code. The security issue exposes sensitive AI conversations and data through keys that developers assumed were limited to non-sensitive services.

8. Zyxel warns of critical RCE flaw affecting over a dozen routers (BleepingComputer, general)
Zyxel released patches for a critical remote code execution vulnerability affecting over a dozen router models including NBG6818, WSQ20, and WAX300H series. The UPnP function flaw allows unauthenticated attackers to execute commands remotely on unpatched devices.

9. European DIY chain ManoMano data breach impacts 38 million customers (BleepingComputer, general)
European DIY retailer ManoMano disclosed a data breach affecting 38 million customers after hackers compromised a third-party service provider. The incident exposed personal information including names, addresses, and purchase history from the company's customer database.

10. Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware (The Hacker News, general)
Microsoft warned of fake Next.js job repositories being used in developer-targeted campaigns that deliver in-memory malware. The malicious repos disguise themselves as legitimate technical assessments and Next.js projects to trick developers into executing code that establishes persistent access to compromised machines.