This week's cybersecurity recap reveals active exploitation of a Cisco SD-WAN zero-day since 2023, widespread API key exposure enabling Gemini access, and multiple AI security incidents, including Claude Code vulnerabilities and Chinese firms accused of model distillation attacks.
This week's cybersecurity landscape reveals a complex web of active threats spanning network infrastructure, AI platforms, and cloud services. What emerges when examining these incidents collectively is not isolated events but interconnected patterns of exploitation that demonstrate how adversaries are evolving their tactics across multiple technology domains.
Cisco SD-WAN Zero-Day Under Active Exploitation Since 2023
A maximum-severity vulnerability in Cisco Catalyst SD-WAN Controller and Manager has been actively exploited in the wild since 2023, representing one of the most significant network security threats of the year. Tracked as CVE-2026-20127 with a CVSS score of 10.0, this flaw allows unauthenticated remote attackers to bypass authentication and obtain administrative privileges by sending crafted requests.
The exploitation has been ongoing for over two years, with Cisco tracking the activity under the moniker UAT-8616, describing it as a "highly sophisticated cyber threat actor." The Australian Signals Directorate's Australian Cyber Security Centre (ASD-ACSC) reported the vulnerability to Cisco, highlighting the international collaboration in identifying these threats.
This long-term exploitation demonstrates how critical infrastructure vulnerabilities can remain active for extended periods before discovery, giving attackers ample time to establish persistent access and potentially exfiltrate sensitive data or deploy additional malware.
API Key Exposure Creates Widespread Gemini Access Risk
New research has uncovered a critical security issue affecting Google Cloud API keys that could allow attackers to authenticate to sensitive Gemini endpoints and access private data. The problem occurs when users enable the Gemini API on a Google Cloud project, causing existing API keys to gain surreptitious access to Gemini endpoints without any warning or notice.
With a valid key, attackers can access uploaded files, cached data, and even rack up LLM usage charges. Truffle Security discovered this issue, which Google has since addressed. The vulnerability highlights how cloud service configurations can create unexpected security gaps when features interact in unintended ways.
This exposure affects thousands of public Google Cloud API keys, demonstrating how seemingly innocuous credentials can become powerful attack vectors when combined with AI service access. The incident underscores the importance of proper API key management and the need for clear visibility into how credentials can be used across different services.
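The audit below is an added example, not code from Truffle Security or Google: it flags which API keys in a project can reach Gemini once that API is enabled. It assumes key records shaped like API Keys API v2 resources (as `gcloud services api-keys list --format=json` returns them) and that the Gemini API's service name is `generativelanguage.googleapis.com`; the sample keys are constructed.

```python
import json

# Assumption: service name of the Gemini (Generative Language) API.
GEMINI_SERVICE = "generativelanguage.googleapis.com"

# Constructed sample shaped like API Keys API v2 key resources;
# project number and key names are made up for illustration.
SAMPLE_KEYS = json.loads("""
[
  {"name": "projects/123/locations/global/keys/maps-web",
   "displayName": "Maps key embedded in website",
   "restrictions": {"apiTargets": [{"service": "maps-backend.googleapis.com"}]}},
  {"name": "projects/123/locations/global/keys/legacy",
   "displayName": "Legacy key, no restrictions"},
  {"name": "projects/123/locations/global/keys/referrer-only",
   "displayName": "Referrer-restricted only",
   "restrictions": {"browserKeyRestrictions": {"allowedReferrers": ["example.com/*"]}}},
  {"name": "projects/123/locations/global/keys/gemini-app",
   "displayName": "Intended Gemini key",
   "restrictions": {"apiTargets": [{"service": "generativelanguage.googleapis.com"}]}}
]
""")

def keys_reaching_gemini(keys, enabled_services):
    """Return (key name, reason) for every key that can call Gemini."""
    if GEMINI_SERVICE not in enabled_services:
        return []  # API not enabled on the project: no key can reach it
    findings = []
    for key in keys:
        targets = key.get("restrictions", {}).get("apiTargets", [])
        services = {t.get("service") for t in targets}
        if not targets:
            # No API restriction: the key is accepted by every enabled API
            # that takes API keys, including one enabled after publication.
            findings.append((key["name"], "no API restriction"))
        elif GEMINI_SERVICE in services:
            findings.append((key["name"], "explicitly allowed"))
    return findings

if __name__ == "__main__":
    enabled = {"maps-backend.googleapis.com", GEMINI_SERVICE}
    for name, reason in keys_reaching_gemini(SAMPLE_KEYS, enabled):
        print(f"{name}: {reason}")
```

Keys reported with "no API restriction" that are also embedded in public web pages or repositories are the ones to rotate or restrict first.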
Claude Code Vulnerabilities Enable Remote Code Execution
Security researchers at Check Point discovered critical vulnerabilities in Anthropic's Claude Code that could have allowed attackers to remotely execute code on users' machines and steal API keys. The flaws existed in how Claude Code handled repository-controlled configuration files, creating severe supply chain risks.
"The ability to execute arbitrary commands through repository-controlled configuration files created severe supply chain risks, where a single malicious commit could compromise any developer working with the affected repository," Check Point explained. The vulnerabilities were addressed between September 2025 and January 2026.
This incident demonstrates how AI integration into development workflows introduces new attack surfaces not present in traditional tools. As AI agents become more autonomous and capable of browsing, calling APIs, and accessing internal systems, the security perimeter expands beyond the model to the entire environment they operate in.
Chinese AI Firms Accused of Industrial-Scale Model Distillation
Anthropic has accused three Chinese AI firms—DeepSeek, Moonshot AI, and MiniMax—of engaging in "industrial-scale" distillation attack campaigns aimed at extracting information from its Claude model. These firms allegedly flooded Claude with large volumes of specially-crafted prompts to elicit responses that could train their own proprietary models.
The accusations follow similar complaints from OpenAI, which submitted an open letter to U.S. legislators claiming to have observed ongoing attempts by DeepSeek to distill frontier models through new, obfuscated methods. This controversy has reignited debates over training data sources and distillation techniques in the AI industry.
Elon Musk, CEO of xAI, criticized Anthropic's position, stating: "Anthropic is guilty of stealing training data at a massive scale and has had to pay multibillion-dollar settlements for their theft." The dispute highlights the complex ethical and legal questions surrounding AI model development and the competitive tensions in the rapidly evolving AI landscape.
UAT-10027 Targets Education and Healthcare with Novel Backdoor
A previously undocumented threat activity cluster known as UAT-10027 has been targeting education and healthcare sectors in the U.S. since at least December 2025. The campaign's goal is to deliver a never-before-seen backdoor codenamed Dohdoor, which uses the DNS-over-HTTPS (DoH) technique for command-and-control communications.
"Dohdoor has the ability to download and execute other payload binaries reflectively," Cisco Talos reported. While no final payloads have been observed beyond what appears to be Cobalt Strike Beacon, the victimology pattern suggests financial motivation behind the attacks.
The targeting of education and healthcare sectors indicates a strategic approach to selecting high-value targets with potentially valuable data and less mature security postures compared to financial institutions or government agencies.
Google Disrupts UNC2814 Cyber Espionage Campaign
Google disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group tracked as UNC2814. The group breached at least 53 organizations across 42 countries, demonstrating the global reach of state-sponsored cyber operations.
Central to UNC2814's operations is a novel backdoor dubbed GRIDTIDE that abuses the Google Sheets API as a communication channel to disguise command-and-control traffic and facilitate the transfer of raw data and shell commands. This technique of using legitimate cloud services for malicious communications has become increasingly common among sophisticated threat actors.
Google described UNC2814 as a prolific, elusive actor with a history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas. The disruption effort highlights the importance of public-private collaboration in combating advanced persistent threats.
Mobile and IoT Botnets Expand Attack Surface
Multiple IoT and mobile threats have emerged this week, demonstrating how attackers are diversifying their targets. A Mirai-based IoT botnet named Zerobot has been observed exploiting vulnerabilities in the n8n AI automation platform (CVE-2025-68613) and Tenda routers (CVE-2025-7544).
"Targeting of the n8n vulnerability is particularly interesting: Botnets typically exploit Internet of Things devices, but n8n falls into an entirely different category," Akamai noted. "This sort of targeting presents a greater danger to organizations by exposing more critical infrastructure to compromise as the n8n exploit could enable lateral movement for a threat actor."
This shift toward targeting AI automation platforms and enterprise software represents an evolution in botnet tactics, moving beyond traditional IoT devices to compromise more valuable infrastructure that could provide deeper network access.
Phishing Campaigns Leverage Legitimate Services
Several sophisticated phishing campaigns have been discovered abusing legitimate services to bypass security filters. The GTFire phishing scheme uses Google Firebase to host phishing pages and Google Translate to disguise malicious URLs, creating phishing links that appear benign and leverage Google's reputation.
"By chaining these services together, the attackers create phishing links that appear benign, leverage Google's reputation, and dynamically redirect victims to brand-impersonating login pages," Group-IB explained. The campaign has harvested thousands of stolen credentials across more than a hundred countries.
Another campaign, dubbed OCRFix, used websites impersonating the Tesseract OCR tool as a launchpad for delivering malware that uses EtherHiding to retrieve command-and-control servers. These techniques demonstrate how attackers are increasingly abusing trusted services to improve their phishing success rates.
Ransomware and Malware Evolution
The ransomware landscape continues to evolve with the emergence of C77L, a ransomware operation tied to at least 40 attacks on Russian and Belarusian enterprises since March 2025. The group, assessed to be operating out of Iran, gains initial access through weak passwords for publicly available RDP and VPN endpoints.
"The targets of attacks are Windows systems due to their overwhelming predominance in the IT infrastructures of medium and small businesses," F6 reported. This targeting pattern reflects ransomware groups' focus on organizations with potentially weaker security postures and valuable data.
Multiple information stealer families have also been detected in the wild, including Arkanix, CharlieKirk GRABBER, ComSuon, DarkCloud, MawaStealer, and MioLab (NovaStealer). Kaspersky's analysis revealed that Arkanix was likely developed as an LLM-assisted experiment, demonstrating how AI tools are being adopted by both defenders and attackers.
Supply Chain and Infrastructure Attacks
Supply chain attacks continue to pose significant risks, with new FUNNULL infrastructure discovered by QiAnXin. The Philippines-based content delivery network, sanctioned by the U.S. Treasury for facilitating cyber scam operations, has evolved its tactics to independently develop complete server-side attack suites.
"Previously, their main method was to poison existing public CDN services; now they have evolved to independently develop complete server-side attack suites (RingH23), actively infiltrating CDN nodes," QiAnXin XLab reported. The campaign has compromised 10,748 unique IP addresses, predominantly video streaming sites.
These attacks demonstrate how supply chain compromises can affect thousands of downstream victims through a single point of entry, making them particularly attractive to sophisticated threat actors.
Critical CVEs Require Immediate Attention
This week's vulnerability disclosures include numerous critical flaws requiring immediate patching. Beyond the Cisco SD-WAN zero-day, notable vulnerabilities include:
- CVE-2025-40538 through CVE-2025-40541 affecting SolarWinds Serv-U
- CVE-2026-25755 impacting jsPDF
- CVE-2025-12543 in HPE Telco Service Activator
- Multiple vulnerabilities in Broadcom VMware Aria Operations (CVE-2026-22719 through CVE-2026-22721)
- CVE-2026-3061 through CVE-2026-3063 in Google Chrome
- CVE-2025-10010 affecting CryptoPro Secure Disk for BitLocker
- Multiple Zyxel vulnerabilities (CVE-2025-13942 through CVE-2025-13943 and CVE-2026-1459)
- CVE-2025-71210 and CVE-2025-71211 in Trend Micro Apex One
- CVE-2026-0542 in ServiceNow AI Platform
- CVE-2026-24061 affecting telnetd
- CVE-2026-21902 in Juniper Networks Junos OS
- CVE-2025-29631 and CVE-2025-1242 in Gardyn Home Kit
- CVE-2025-15576 in FreeBSD
- CVE-2026-26365 in Akamai
- CVE-2026-27739 in Angular
- SVE-2025-50109 in Samsung Tizen OS
Conclusion: Interconnected Threat Landscape
The incidents covered this week reveal a cybersecurity landscape where threats are increasingly interconnected and sophisticated. From the two-year exploitation of Cisco SD-WAN vulnerabilities to the industrial-scale AI model distillation campaigns, attackers are demonstrating patience, technical sophistication, and strategic targeting.
What becomes clear when examining these events collectively is that modern cybersecurity requires a holistic approach. Network infrastructure, AI platforms, cloud services, and supply chains are deeply intertwined, and a vulnerability in one area can create cascading risks across an entire technology ecosystem.
The evolution of tactics—from abusing legitimate cloud services for command-and-control communications to leveraging AI tools for malware development—shows that adversaries are continuously adapting to new technologies and security measures. Organizations must similarly evolve their defensive strategies, implementing comprehensive monitoring, rapid patching processes, and security-by-design principles across all technology domains.
As AI becomes more integrated into both offensive and defensive cybersecurity operations, the arms race between attackers and defenders is likely to accelerate, making continuous vigilance and proactive security measures more critical than ever.
