Back

Critical Vulnerabilities and Exploits Targeting Cisco, Canvas, and Microsoft Systems

Severity: High (Score: 72.9)

Sources: Scworld

Summary

A series of critical vulnerabilities have emerged, including CVE-2026-20182, which allows unauthenticated attackers to gain admin access to Cisco Catalyst SD-WAN Controllers. ShinyHunters defaced the Canvas LMS login page, claiming to have 275 million records from around 9,000 educational institutions. An XSS flaw in on-prem Exchange is being exploited via crafted emails, affecting Outlook Web Access users. Two unpatched Windows zero-days have been disclosed, including YellowKey, which bypasses BitLocker encryption, and GreenPlasma, which escalates privileges. Additionally, malicious npm package updates have compromised OpenAI employee laptops, exposing limited internal credentials. Microsoft has addressed 118 vulnerabilities, but no emergency patches were issued this month. The time-to-exploit for vulnerabilities in AI infrastructure is now effectively zero, highlighting the urgency for immediate action. Key Points: • CVE-2026-20182 allows unauthenticated admin access on Cisco devices, with active exploitation reported. • Canvas LMS was defaced by ShinyHunters, claiming to possess 275 million records from educational institutions. • Critical XSS vulnerabilities in Microsoft Exchange are being actively exploited through crafted emails.

Key Entities

  • ShinyHunters (apt_group)
  • Supply Chain Attack (attack_type)
  • Zero-day Exploit (attack_type)
  • XSS (vulnerability)
  • GreenPlasma (vulnerability)
  • YellowKey (vulnerability)
  • Instructure (company)
  • OpenAI (company)
  • Canvas LMS (company)
  • CVE-2026-20182 (cve)
  • CWE-269 - Improper Privilege Management (cwe)
  • CWE-287 - Improper Authentication (cwe)
  • Cwe-79 - Cross-site Scripting (xss) (cwe)
  • Shai-hulud (malware)
  • T1041 - Exfiltration Over C2 Channel (mitre_attack)
  • T1059.007 - JavaScript (mitre_attack)
  • T1195 - Supply Chain Compromise (mitre_attack)
  • T1566 - Phishing (mitre_attack)
  • BitLocker (platform)
  • Cisco Catalyst Sd-wan Controllers (platform)
  • Exchange (platform)
  • Outlook Web Access (platform)
  • Windows (platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed