TheRegister's platform is a leading technology news website, offering insights into IT industry news, hardware reviews, and software updates. Through articles, analysis, and opinion pieces, TheRegister offers insights into cybersecurity threats, technology trends, and industry developments. Readers can stay updated with the latest news and analysis from the world of technology and IT business.

The Register

The Five Eyes intelligence alliance has issued a rare joint alert urging organizations to patch two Cisco Catalyst SD-WAN vulnerabilities being actively exploited. The first, CVE-2022-20775 (CVSS 7.8), is a path traversal flaw enabling privilege escalation. The second, CVE-2026-20127 (CVSS 10.0), is a newly disclosed improper authentication bug granting admin access to SD-WAN Controller and Manager. Cisco Talos attributes the attacks to a group called UAT-8616, active since at least 2023, which chains both vulnerabilities to achieve root access and persistent footholds. Targets are believed to be in high-value and critical infrastructure sectors. Defenders are urged to use the Five Eyes Hunt Guide to check for compromise and apply vendor updates immediately.

Five Eyes urge action as Cisco zero-day attacks uncovered