{"id":280763,"date":"2026-06-24T14:49:00","date_gmt":"2026-06-24T18:49:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/24\/malicious-hackers-exploit-cisco-zero-day-for-highest-access-level-at-communications-service-provider\/"},"modified":"2026-06-24T14:55:11","modified_gmt":"2026-06-24T18:55:11","slug":"malicious-hackers-exploit-cisco-zero-day-for-highest-access-level-at-communications-service-provider","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/24\/malicious-hackers-exploit-cisco-zero-day-for-highest-access-level-at-communications-service-provider\/","title":{"rendered":"Malicious hackers exploit Cisco zero-day for highest access level at communications service provider"},"content":{"rendered":"<p><a href=\"https:\/\/cyberscoop.com\/cisco-sd-wan-zero-day-exploit-communications-provider\/\">Malicious hackers exploit Cisco zero-day for highest access level at communications service provider<\/a><\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/cisco-sd-wan-zero-day-exploit-communications-provider\/\">https:\/\/cyberscoop.com\/cisco-sd-wan-zero-day-exploit-communications-provider\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-24 14:49:00<\/a><\/p>\n<p>Source Domain: <a href=\"cyberscoop.com\">cyberscoop.com<\/a><\/p>\n<p>An attacker exploited a previously unknown and unpatched Cisco vulnerability earlier this year to infiltrate a communications service provider and gain the highest level of access possible, Mandiant said Wednesday.<\/p>\n<p>Cisco has since patched the flaw, one of seven actively exploited zero-day vulnerabilities this year in its SD-WAN (software-defined wide area network) software used to manage internet traffic within organizations, typically those that are widely distributed, such as banks with numerous branches.<\/p>\n<p>But Google-owned cybersecurity firm Mandiant said the attacker (or attackers) could have used its root-level access to obtain broad and undetected visibility into the internal traffic throughout the provider\u2019s entire corporate network. In a caveat, Mandiant also said it could not fully assess how far the compromise actually went because of how cleverly the perpetrators hid their activity.<\/p>\n<p>The attack illustrated hackers\u2019 ongoing targeting of edge devices, Mandiant said. Attacks on such devices have been very common and involved in some of the most consequential breaches in recent years, prompting the Cybersecurity and Infrastructure Agency to direct federal agencies to give them special attention this year.<\/p>\n<p>\u201cThis campaign underscores the living off the edge paradigm, where threat actors prioritize the compromise of network appliances to bypass traditional security perimeters,\u201d Mandiant wrote in a blog post. \u201cAs organizations increasingly adopt software-defined networking, the orchestrators managing these environments become primary targets. These devices offer a black box environment for threat actors: they often lack the telemetry required for deep forensic analysis, and their role as a central control plane provides a stealthy platform for persistent, wide-scale access to internal enterprise traffic.\u201d<\/p>\n<p>Mandiant didn\u2019t attribute the attack to any specific group, citing the work the attacker did to cover their tracks and&#8230;<\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/cisco-sd-wan-zero-day-exploit-communications-provider\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Malicious hackers exploit Cisco zero-day for highest access level at communications service provider https:\/\/cyberscoop.com\/cisco-sd-wan-zero-day-exploit-communications-provider\/ Publish&#8230;<\/p>\n","protected":false},"author":1,"featured_media":280764,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2025\/09\/GettyImages-2224577786-min.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,31,27],"class_list":["post-280763","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/280763"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=280763"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/280763\/revisions"}],"predecessor-version":[{"id":280765,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/280763\/revisions\/280765"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/280764"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=280763"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=280763"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=280763"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}