{"id":217578,"date":"2026-02-25T17:06:00","date_gmt":"2026-02-25T22:06:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/25\/hackers-are-exploiting-exposed-cisco-products-five-eyes-intelligence-agencies-say\/"},"modified":"2026-02-26T06:40:15","modified_gmt":"2026-02-26T11:40:15","slug":"hackers-are-exploiting-exposed-cisco-products-five-eyes-intelligence-agencies-say","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/25\/hackers-are-exploiting-exposed-cisco-products-five-eyes-intelligence-agencies-say\/","title":{"rendered":"Hackers are exploiting exposed Cisco products, Five Eyes intelligence agencies say"},"content":{"rendered":"<p><a href=\"https:\/\/www.nextgov.com\/cybersecurity\/2026\/02\/hackers-are-exploiting-exposed-cisco-products-five-eyes-intelligence-agencies-say\/411694\/\">Hackers are exploiting exposed Cisco products, Five Eyes intelligence agencies say<\/a><\/p>\n<p><a href=\"https:\/\/www.nextgov.com\/cybersecurity\/2026\/02\/hackers-are-exploiting-exposed-cisco-products-five-eyes-intelligence-agencies-say\/411694\/\">https:\/\/www.nextgov.com\/cybersecurity\/2026\/02\/hackers-are-exploiting-exposed-cisco-products-five-eyes-intelligence-agencies-say\/411694\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-25 17:06:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.nextgov.com\">www.nextgov.com<\/a><\/p>\n<p>The Cybersecurity and Infrastructure Security Agency and its overseas intelligence partners said a \u201csignificant cyber threat\u201d is exploiting vulnerabilities in Cisco wide-area networking equipment and urged organizations to search for signs that they\u2019ve been compromised. Federal networks are also exposed.<\/p>\n<p>CISA, the NSA and Five Eyes partners \u2014 which include cyber agencies in the UK, New Zealand, Canada and Australia \u2014 issued the alert Wednesday and said two cyber vulnerabilities \u2014 denoted CVE-2026-20127 and CVE-2022-20775 \u2014 were discovered on exposed devices.<\/p>\n<p>A concurrent report produced by Cisco\u2019s cyber threat intelligence unit dubbed the hacking group as UAT-8616, assessing it as a \u201chighly sophisticated cyber threat actor.\u201d Cisco and the cyberintelligence agencies did not name a particular nation-state affiliation with the hackers.<\/p>\n<p>After confirming that hackers were actively exploiting the previously unknown vulnerability, Cisco researchers said they reviewed historical data and found evidence the malicious activity dated back to at least 2023.<\/p>\n<p>In written remarks, CISA said the conditions pose \u201can unacceptable risk to federal agencies and necessitate emergency action.\u201d The UK National Cyber Security Centre echoed that dynamic and said \u201cmalicious cyber threat actors are targeting Cisco Catalyst Software Defined Wide Area Networks (SD-WAN) used by organisations globally.\u201d<\/p>\n<p>A critical advisory issued by Cisco said one of the vulnerabilities can let hackers \u201cgain root privileges on the underlying operating system,\u201d giving them access to the affected device. A technical hunt guide was also released with the involved governments.<\/p>\n<p>The advisory adds to a growing list of security alerts tied to Cisco systems, which are commonly deployed in enterprise and government networks. Such devices often manage internet traffic and user authentication, which, if exploited, can provide attackers with elevated access that allows them to potentially&#8230;<\/p>\n<p><a href=\"https:\/\/www.nextgov.com\/cybersecurity\/2026\/02\/hackers-are-exploiting-exposed-cisco-products-five-eyes-intelligence-agencies-say\/411694\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hackers are exploiting exposed Cisco products, Five Eyes intelligence agencies say https:\/\/www.nextgov.com\/cybersecurity\/2026\/02\/hackers-are-exploiting-exposed-cisco-products-five-eyes-intelligence-agencies-say\/411694\/ Publish Date: 2026-02-25&#8230;<\/p>\n","protected":false},"author":1,"featured_media":217579,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cdn.nextgov.com\/media\/img\/cd\/2026\/02\/25\/022526AlertNG\/open-graph.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,34,27],"class_list":["post-217578","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-threat-actor","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/217578"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=217578"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/217578\/revisions"}],"predecessor-version":[{"id":217580,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/217578\/revisions\/217580"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/217579"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=217578"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=217578"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=217578"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}