China espionage dwell 1 year, Microsoft 200 patches, Cisco SD-WAN actively exploited
ID: b553903d-d34f-5efc-ae63-6dd10f8071a3
STIX ID: report--b553903d-d34f-5efc-ae63-6dd10f8071a3
Feed Name: defend.network – Daily Threat Briefings
High-risk briefing: China-linked UNC6508 conducted a year-long intrusion into North American medical, military, and academic research networks via compromised REDCap servers to harvest credentials and exfiltrate sensitive research and emails. Concurrently, multiple high-severity vulnerabilities were actively exploited (including the Cisco SD-WAN vManage CVE-2026-20262 zero-day and a Microsoft 365 Copilot ‘SearchLeak’ chain), Microsoft released a record patch volume, and researchers observed North Korean actors weaponizing developer tools. Collectively, these developments indicate ongoing nation-state espionage, active exploitation, and elevated risk requiring immediate patching, credential rotation, and network segmentation.
