Cisco email security products targeted in zero-day campaign

Dansk

Two groups linked to China are exploiting a newly discovered vulnerability in Cisco's email security products. The campaign involves zero-day attacks, highlighting ongoing cybersecurity risks. The issue was reported on December 19, 2025.

Cisco's email security solutions have come under active attack from two Chinese-nexus threat groups. These actors are leveraging a zero-day flaw, meaning the vulnerability was unknown to the company prior to exploitation. Such campaigns underscore the persistent challenges in securing enterprise email systems against sophisticated adversaries.

The exploitation targets products designed to protect against email-based threats, potentially allowing attackers to bypass defenses and deliver malware or steal data. No specific details on the flaw's nature or the exact products affected were disclosed in initial reports, but the involvement of state-linked groups raises concerns about targeted espionage.

Cisco has yet to issue an official response in the available information, though the discovery prompts urgent patching and monitoring recommendations for users. This incident fits into a broader pattern of zero-day abuses by Chinese-affiliated hackers, as seen in previous high-profile breaches.

Relaterede artikler

Illustration of a cyber attack on Cisco devices, showing analysts monitoring screens with code and warnings in a dark operations room.
Billede genereret af AI

Operation Zero Disco exploits Cisco SNMP flaw for rootkits

Rapporteret af AI Billede genereret af AI

Cyber threat actors in Operation Zero Disco have exploited a vulnerability in Cisco's SNMP service to install persistent Linux rootkits on network devices. The campaign targets older Cisco switches and uses crafted packets to achieve remote code execution. Trend Micro researchers disclosed the attacks on October 16, 2025, highlighting risks to unpatched systems.

Chinese hackers install backdoors via Cisco email zero-day

Cisco Talos has detailed how a Chinese-linked group is exploiting an unpatched zero-day in email security appliances since late November 2025, deploying backdoors and log-wiping tools for persistent access.

Dell zero-day flaw unpatched for nearly two years

Rapporteret af AI

A security vulnerability in Dell software has reportedly remained unpatched for almost two years, allowing Chinese hackers to exploit it. The flaw involves hardcoded login credentials in a tool, raising concerns about data security.

Teknologi

Google report warns of shifting cloud threat landscape

Teknologi

Alleged Salt Typhoon hackers received Cisco training

Teknologi

Zyxel warns of critical RCE flaw in over a dozen routers

Veeam patches three critical security flaws in backup servers

Veeam has addressed three critical-severity security vulnerabilities that could expose backup servers to remote code execution attacks. The company issued patches to mitigate these risks. The announcement highlights ongoing concerns in cybersecurity for data protection tools.

Apple fixes zero-day flaws in WebKit for sophisticated attacks

Rapporteret af AI

Apple has addressed two zero-day vulnerabilities in its WebKit engine that were exploited in sophisticated attacks. The company released patches to fix these bugs, enhancing security for users of its devices.

Thousands of Korean Air employees exposed in Oracle breach

Korean Air, a major South Korean airline, has been affected by a supply-chain attack originating from Oracle, resulting in the exposure of thousands of its employees' information. The incident highlights vulnerabilities in third-party software services. Details emerged in a recent security report.

Critical flaws discovered in n8n workflow tool

Rapporteret af AI

Security researchers have uncovered critical vulnerabilities in the n8n automation tool. A previously released patch failed to fully address the issues, leaving users exposed. Experts provide guidance on protecting systems amid these discoveries.

onsdag d. 11. marts 2026, 02.47

Dutch intelligence accuses Russia of hacker attacks on WhatsApp and Signal

tirsdag d. 10. februar 2026, 10.59

BeyondTrust RCE flaw enables code execution without login

onsdag d. 4. februar 2026, 19.25

Russian hackers exploit Microsoft Office vulnerability days after patch

onsdag d. 14. januar 2026, 15.36

China directs firms to halt use of US and Israeli cybersecurity software

torsdag d. 8. januar 2026, 09.42

Congressional staff emails hacked in Salt Typhoon campaign

torsdag d. 8. januar 2026, 07.18

China-linked UAT-7290 targets telecoms with Linux malware

søndag d. 4. januar 2026, 12.46

Chinese cyberattacks on Taiwan average 2.6 million daily in 2025

mandag d. 29. december 2025, 00.35

Cybersecurity breaches define troubling year in 2025

lørdag d. 13. december 2025, 23.54

China-nexus groups and cybercriminals ramp up React2Shell exploits

onsdag d. 10. december 2025, 07.11

North Korean hackers exploit maximum severity React2Shell flaw

 

 

 

Dette websted bruger cookies

Vi bruger cookies til analyse for at forbedre vores side. Læs vores privatlivspolitik for mere information.
Afvis