Five Eyes allies issue advisory on Chinese intelligence operations.

Top stories: Five Eyes partners issued a joint advisory warning that Chinese intelligence operations are using professional networking sites and fake recruitment to target government, military, and peripheral personnel for non-public information; Proofpoint tracked a China-based cybercriminal actor (“TA4922”) using business-themed phishing to distribute malware, steal credentials, and commit fraud with a focus on Japanese organizations; and Cisco released patches for CVE-2026-20230, a critical SSRF vulnerability in Unified Communications Manager that can allow unauthenticated attackers to write files and escalate to root (CVSS 8.6, SIR: Critical).