Cyber Daily 2/26: Five Eyes Alert on Cisco SD-WAN Exploits, EU Bolsters Cyber Defense, Zyxel Router Flaws, Google Chrome Patch

Welcome to the February 26th edition of ONSEC Cyber Daily, where we weave together the intricate web of vulnerabilities and defenses shaping our digital landscape. Today, we delve into the explosive growth of vulnerabilities in 2025, of which a mere 1% were weaponized, leaving defenders in a quandary over prioritization. As Caitlin Condon from VulnCheck aptly puts it, the challenge lies in knowing what to focus on amidst the chaos. Meanwhile, a critical Cisco SD-WAN bug, actively exploited since 2023, has prompted an urgent Five Eyes alliance directive. This vulnerability saga extends to Zyxel routers and SolarWinds Serv-U, underscoring the relentless pursuit of cybercriminals. As the EU bolsters defenses in response to Ukraine's warnings, the cybersecurity world braces for the next wave of attacks. Join us as we navigate this complex narrative of threats and countermeasures, highlighting the urgent need for vigilance and timely patching.

Exploits Alert

  1. Critical Cisco SD-WAN Bug Exploited in Zero-Day Attacks: A critical vulnerability in Cisco Catalyst SD-WAN has been actively exploited since 2023, prompting cybersecurity agencies across the Five Eyes alliance to issue an emergency directive. The flaw allows attackers to bypass authentication, posing significant risks to affected systems. Source: Ground News.
  2. Zyxel Issues Urgent Security Warning Over Critical Router Vulnerability: Zyxel has released an urgent security warning regarding a critical vulnerability in its routers. This flaw could serve as an entry point for cyberattacks, particularly targeting edge devices in both home and enterprise environments. Source: LinkedIn.
  3. Five Eyes Nations Release Emergency Directive Over Cisco Vulnerability: The Five Eyes alliance has issued a joint alert concerning a critical vulnerability in Cisco SD-WAN systems. This flaw has been exploited in zero-day attacks, leading to a coordinated international response to mitigate the threat. Source: Cybersecurity Connect.
  4. Heeding Ukraine's Warning, EU Funds Drone and Cyber Defenses: In response to vulnerabilities exposed by recent attacks, the EU is investing in drone and cyber defenses to protect its energy infrastructure. This move underscores the increasing importance of cybersecurity in safeguarding critical national assets. Source: United24 Media.
  5. CISA Issues Alert on Active Exploitation of FileZen Vulnerability: The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding the active exploitation of a vulnerability in FileZen systems. Organizations are urged to apply timely patches to defend against potential cyberattacks. Source: GBHackers.

Vulnerabilities & Patches

  1. Multiple Critical SolarWinds Serv-U Bugs Addressed: SolarWinds has released patches for several critical vulnerabilities in its Serv-U product, including CVE-2025-40541. These vulnerabilities, if exploited, could allow remote code execution, posing significant risks to affected systems. Organizations using Serv-U are urged to apply the patches immediately to mitigate potential threats. Source: SC Media.
  2. Broadcom Patches VMware Aria Operations Vulnerabilities: Broadcom has addressed critical vulnerabilities in VMware Aria Operations, with the most severe being CVE-2026-22719, a command injection flaw with a CVSS score of 8.1. These vulnerabilities could lead to unauthorized command execution, and users are advised to update their systems promptly. Source: SC Media.
  3. Trend Micro Apex One Critical Security Vulnerabilities: Trend Micro has confirmed critical vulnerabilities in its Apex One product, identified as CVE-2025-71210 and CVE-2025-71211. A critical patch, Build 14136, is available and should be applied to protect systems from potential exploitation. Source: igor´sLAB.
  4. Google Issues Urgent Chrome Patch: Google has released an urgent security patch for Chrome to address high-risk vulnerabilities, including CVE-2026-3061, an out-of-bounds read bug in the Media component. Users are strongly encouraged to update their browsers to the latest version to ensure protection against these flaws. Source: Storyboard18.
  5. Critical Cisco SD-WAN 0-Day Vulnerability Exploited: A critical zero-day vulnerability, CVE-2026-20127, affecting Cisco SD-WAN has been actively exploited since 2023. This authentication bypass flaw allows attackers to gain root access, and immediate patching is recommended to prevent ongoing attacks. Source: Cybersecurity News.

Podcasts

  1. Strategies for Security Leaders in the Midst of Skill Shortages: This podcast episode features Kory Daniels, Chief Security & Trust Officer at LevelBlue, discussing strategies for cybersecurity leaders to navigate the challenges posed by skill shortages in the industry. The conversation highlights innovative approaches to talent acquisition and retention, emphasizing the importance of continuous learning and adaptability in the cybersecurity landscape.
  2. Ahead of the Threat Podcast: Season 2, Episode 2 — John Hammond: In this engaging episode, two cybersecurity experts delve into the FBI's Operation Winter SHIELD initiative, offering listeners a practical and insightful discussion on current cyber threats and defense strategies. The episode provides valuable perspectives on how organizations can stay ahead of emerging threats.
  3. Censinet Risk Never Sleeps Podcast Celebrates Its 200th Episode: This milestone episode highlights the critical role of cybersecurity in protecting patient safety within the healthcare industry. The podcast has reached thousands, spotlighting the efforts of professionals dedicated to mitigating cyber threats in healthcare settings.
  4. The Firm Report New Podcast Episode Examines How Phone Numbers Influence Trust and Lead Generation for Law Firms: This episode explores the impact of vanity phone numbers on building trust and improving recall in the legal industry. It discusses how these numbers can enhance client conversion rates, offering insights into effective marketing strategies for law firms.
  5. CISO Confidential Launches On The Cybercrime Magazine Podcast: The inaugural episodes of this podcast series focus on how organizations can protect themselves against new threats like deepfakes and artificial intelligence. It provides actionable advice for CISOs and security teams to bolster their defenses in an evolving threat landscape.

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, it's clear that vulnerabilities are sprouting faster than ever, much like weeds in a garden. Yet, only a small fraction—just 1%—are being weaponized in attacks. This leaves defenders in a quandary, as Caitlin Condon from VulnCheck aptly noted, struggling to prioritize which threats demand immediate attention. The urgency is palpable, especially with critical vulnerabilities like the Cisco SD-WAN bug that has been exploited since 2023, prompting emergency directives from cybersecurity agencies worldwide. It's a stark reminder of the importance of staying vigilant and informed. We hope today's insights empower you to navigate the complex landscape of cybersecurity with confidence. If you found this newsletter valuable, please share it with your friends and colleagues. Together, we can cultivate a community that is not only informed but also prepared to tackle the challenges of tomorrow. Stay secure, stay informed, and see you in the next edition of ONSEC Cyber Daily!
