Feed aggregator
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
- CVE-2022-20775 Cisco Catalyst SD-WAN Path Traversal Vulnerability
- CVE-2026-20127 Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
CISA and Partners Release Guidance for Ongoing Global Exploitation of Cisco SD-WAN Systems
The purpose of this Alert is to provide resources for organizations with Cisco Software-Defined Wide-Area Networking (SD-WAN) systems, including Federal Civilian Executive Branch (FCEB) agencies, to address ongoing exploitation of multiple vulnerabilities. Notably, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20127 and CVE-2022-20775 to its Known Exploited Vulnerabilities (KEV) Catalog on Feb. 25, 2026. As a result of the malicious cyber activity and vulnerabilities involving Cisco SD-WAN systems, CISA has outlined requirements for FCEB agencies in Emergency Directive (ED) 26-03 to inventory Cisco SD-WAN systems, update them, and assess compromise.
CISA and partners have observed malicious cyber actors targeting and compromising the Cisco SD-WAN systems of organizations globally. These actors have been observed exploiting a previously undisclosed authentication bypass vulnerability, CVE-2026-20127, for initial access before escalating privileges using CVE-2022-20775 and establishing long-term persistence in Cisco SD-WAN systems.
CISA, National Security Agency (NSA), and international partners Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Canadian Centre for Cyber Security (Cyber Centre), New Zealand National Cyber Security Centre (NCSC-NZ), and United Kingdom National Cyber Security Centre (NCSC-UK), hereafter the “authoring organizations,” strongly urge network defenders to immediately 1) inventory all in-scope Cisco SD-WAN systems, 2) collect artifacts, including virtual snapshots and logs off of SD-WAN systems to support threat hunt activities, 3) fully patch Cisco SD-WAN systems with available updates, 4) hunt for evidence of compromise, and 5) concurrently review Cisco’s latest security advisories, Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability and Cisco Catalyst SD-WAN Vulnerabilities, and implement Cisco’s SD-WAN Hardening Guidance. [1]
To address malicious activity involving vulnerable Cisco SD-WAN systems, CISA issued Emergency Directive 26-03: Mitigate Vulnerabilities in Cisco SD-WAN Systems, which outlines requirements for FCEB agencies to inventory Cisco SD-WAN systems, update them, and assess compromise. Further, CISA released Supplemental Direction ED 26-03: Hunt and Hardening Guidance for Cisco SD-WAN Systems to provide prescriptive actions for FCEB agencies.
Cisco’s Catalyst SD-WAN Hardening Guide recommends that network defenders address:
- Network perimeter controls: Ensure control components are behind a firewall, isolate virtual private network (VPN) 512 interfaces, and use internet protocol (IP) blocks for manually provisioned edge IPs.
- SD-WAN manager access: Replace the self-signed certificate for the web user interface.
- Control and data plane security: Use pairwise keys.
- Session timeout: Limit to the shortest period possible.
- Logging: Forward to a remote syslog server.
CISA and the authoring organizations are providing the following resources:
- CISA: Emergency Directive 26-03: Mitigate Vulnerabilities in Cisco SD-WAN Systems
- CISA: Supplemental Direction ED 26-03: Hunt and Hardening Guidance for Cisco SD-WAN Systems
- Cisco: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
- Cisco: Cisco Catalyst SD-WAN Vulnerabilities
- Cisco: Cisco Catalyst SD-WAN Hardening Guide
- ASD’s ACSC: Cisco SD-WAN Threat Hunt Guide, co-sealed by CISA, NSA, Cyber Centre, NCSC-NZ, and NCSC-UK. This guide, based on investigative data, supports network defenders’ detection of and response to the malicious actors’ threat activity.
NSA, ASD’s ACSC, Cyber Centre, NCSC-NZ, and NCSC-UK contributed to this alert.
Disclaimer
The information in this report is being provided “as is” for informational purposes only. CISA does not endorse any commercial entity, product, company, or service, including any entities, products, or services linked within this document. Any reference to specific commercial entities, products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoring by CISA.
Notes
[1] Cisco Security, “Cisco Catalyst SD-WAN Hardening Guide,” last modified February 9, 2026, https://sec.cloudapps.cisco.com/security/center/resources/Cisco-Catalyst-SD-WAN-HardeningGuide
SecurityWeek Report: 426 Cybersecurity M&A Deals Announced in 2025
SecurityWeek’s M&A data indicates that today's market is more disciplined, and it seems to favor GRC, data protection, and identity.
The post SecurityWeek Report: 426 Cybersecurity M&A Deals Announced in 2025 appeared first on SecurityWeek.
A playbook for the next century of progress
Article URL: https://www.freethink.com/opinion/techno-humanist-manifesto-chapter-11
Comments URL: https://news.ycombinator.com/item?id=47150217
Points: 2
# Comments: 0
Show HN: Bunny Inspector – Show your AI what to fix – in one click
Article URL: https://inspector.bunnytech.app
Comments URL: https://news.ycombinator.com/item?id=47150210
Points: 1
# Comments: 0
Wynn Resorts Confirms Data Breach After Hackers Remove It From Leak Site
The high-end casino and hotel operator has admitted that employee data was stolen by ShinyHunters.
The post Wynn Resorts Confirms Data Breach After Hackers Remove It From Leak Site appeared first on SecurityWeek.
Peer Pressure Works on AI Too
Article URL: https://www.robkopel.me/field-notes/peer-pressure/
Comments URL: https://news.ycombinator.com/item?id=47150199
Points: 1
# Comments: 1
AOMedia Open Audio Codec "OAC" Aims to Be the Successor to Opus
Article URL: https://www.phoronix.com/news/AOMedia-OAC-Open-Audio-Codec
Comments URL: https://news.ycombinator.com/item?id=47150193
Points: 3
# Comments: 0
Claude Code Remote Control
Article URL: https://twitter.com/claudeai/status/2026418433911603668
Comments URL: https://news.ycombinator.com/item?id=47150190
Points: 2
# Comments: 2
INSIDE 2016
Article URL: https://www.entertainmentbreakdown.com/playdeads-inside-10-years-anniversary-review-e31381c806bf
Comments URL: https://news.ycombinator.com/item?id=47150176
Points: 1
# Comments: 0
The Manifold of Breakfast Has Gaps
Article URL: https://moultano.wordpress.com/2026/02/22/the-hunt-for-dark-breakfast/
Comments URL: https://news.ycombinator.com/item?id=47150173
Points: 1
# Comments: 0
Hacking Claude Code remote: escaping YOLO-mode sandboxing
Article URL: https://www.noahlebovic.com/hacking-claude-code-on-the-web-breaking-yolo-mode-sandboxing/
Comments URL: https://news.ycombinator.com/item?id=47150170
Points: 3
# Comments: 0
Claude Cowork starts rolling out scheduled tasks
Article URL: https://old.reddit.com/r/ClaudeAI/comments/1re1ncv/did_anyone_else_notice_cowork_now_has_scheduled/
Comments URL: https://news.ycombinator.com/item?id=47150159
Points: 1
# Comments: 1
Tell HN: Planning to end my life today
Tell HN: Going to end my life today
I'm 35 and I am going to end my life today. About one year ago I quit my job to work on my own startup (alone). Since then I made good progress in making the product, but very little in selling it. And there's competition in that space with newly-funded VC startups out-executing me. Shit I was so scared to contact my ICP to prospect and to sell -- I am ashamed of myself for messing up this opportunity. I WASTED 10 MONTHS!!!! Also realized: it is an uphill battle to sell something to someone. I suck at sales & marketing, which is all that matters.
I might have been Senior/Staff by title in my last job, but I only have handled/implemented frontend projects end-to-end.... In backend I've only ever implemented features. Never explored stuff like Kafka, System Design & never bothered applying to FAANG again or startups/scale-ups again. It also seems very late to do so now, considering the mediocre experience I have.
I also came to the realization about 2-3 days ago that I've never worked hard a day in my life. Messed around in high school & got okay grades. Moved abroad to study CS and did well in school, but not much else. Moved to a second country to do my Masters degree which I did okay in. But since then it has basically been downhill. While I had worked for a promising FAANG company as an intern one time, my career since then has been on a downhill (just realized this). Only had okay feedback from all companies where I worked, with one exception, including my last company. I also seem to be unemployable now given the skillset I have. AI is obviously making things much worse in this regard.
So today I asked myself if I can work hard enough to maybe start a job again and put a massive amount of effort into starting my own business -- but the evidence is completely against me: have not worked hard for half of my life (all of my adult life), so what makes me think I can start working hard now. I feel soooo bad & guilty having wasted all of my time and life on this planet.
Will be leaving my spouse alone, but better I end my life now, so that they can find a better partner.
Comments URL: https://news.ycombinator.com/item?id=47150156
Points: 2
# Comments: 1
Obsessed with Terminology
Article URL: https://faidi.tech/posts/terminology/
Comments URL: https://news.ycombinator.com/item?id=47150140
Points: 1
# Comments: 0
Show HN: Roundsman – stupid-simple CLI to run Claude across many projects
Roundsman is a Node.js-based CLI tool to make it easy to work on many projects with Claude at the same time.
It works like this:
1. Put a `roundsman.json` in any folder you work on with Claude Code
2. Run `roundsman` from anywhere on your machine
3. Roundsman will then start visiting all your projects in order, in round-robin fashion. Upon each visit, you are expected to give a prompt. Roundsman will send that prompt to Claude, who will do the actual work. While Claude is working, Roundsman will take you to the next available project, and so-on. If all Claudes are working, you will wait until one of the projects needs you. You'll see Claude's outputs while you wait.
It is kept very, stupidly, simple on purpose. I do not like windows/panels/tabs, I do not like "TUI" theatrics, and I do not like tools that I have to remember more than 2 things to use. So I made this.
(There are a few advanced features available too - such as slash-commands, obviously. Like `/snooze 13` (to stop visiting a given project for 13 minutes), or `/drop` (to remove a project from the round robin list), or even `/loop 88 fix all the bugs` which will make it tell Claude to `"fix all the bugs"` 88 times. See the README for more.)
Enjoy!
Comments URL: https://news.ycombinator.com/item?id=47150138
Points: 1
# Comments: 0
AI Rage: Why it happens and what to do about it
Article URL: https://github.com/chrhartm/ai-rage/blob/main/README.md
Comments URL: https://news.ycombinator.com/item?id=47150130
Points: 2
# Comments: 1
OpenClaw deletes Summer Yue's emails
Article URL: https://twitter.com/summeryue0/status/2025774069124399363
Comments URL: https://news.ycombinator.com/item?id=47150122
Points: 2
# Comments: 0
Last Year of Terraform
Article URL: https://encore.dev/blog/last-year-of-terraform
Comments URL: https://news.ycombinator.com/item?id=47150105
Points: 6
# Comments: 2
