Cisco email security products targeted in zero-day campaign

Dansk

Two groups linked to China are exploiting a newly discovered vulnerability in Cisco's email security products. The campaign involves zero-day attacks, highlighting ongoing cybersecurity risks. The issue was reported on December 19, 2025.

Cisco's email security solutions have come under active attack from two Chinese-nexus threat groups. These actors are leveraging a zero-day flaw, meaning the vulnerability was unknown to the company prior to exploitation. Such campaigns underscore the persistent challenges in securing enterprise email systems against sophisticated adversaries.

The exploitation targets products designed to protect against email-based threats, potentially allowing attackers to bypass defenses and deliver malware or steal data. No specific details on the flaw's nature or the exact products affected were disclosed in initial reports, but the involvement of state-linked groups raises concerns about targeted espionage.

Cisco has yet to issue an official response in the available information, though the discovery prompts urgent patching and monitoring recommendations for users. This incident fits into a broader pattern of zero-day abuses by Chinese-affiliated hackers, as seen in previous high-profile breaches.

Relaterede artikler

Illustration of a cyber attack on Cisco devices, showing analysts monitoring screens with code and warnings in a dark operations room.
Billede genereret af AI

Operation Zero Disco exploits Cisco SNMP flaw for rootkits

Rapporteret af AI Billede genereret af AI

Cyber threat actors in Operation Zero Disco have exploited a vulnerability in Cisco's SNMP service to install persistent Linux rootkits on network devices. The campaign targets older Cisco switches and uses crafted packets to achieve remote code execution. Trend Micro researchers disclosed the attacks on October 16, 2025, highlighting risks to unpatched systems.

Chinese hackers install backdoors via Cisco email zero-day

Cisco Talos has detailed how a Chinese-linked group is exploiting an unpatched zero-day in email security appliances since late November 2025, deploying backdoors and log-wiping tools for persistent access.

China directs firms to halt use of US and Israeli cybersecurity software

Rapporteret af AI

Chinese authorities have instructed domestic companies to stop using cybersecurity software from more than a dozen US and Israeli firms due to national security concerns. The directive supports Beijing's drive to replace Western technology with homegrown alternatives amid intensifying tech competition with the United States. Three sources familiar with the matter said the notice was issued in recent days.

Linux

China-nexus groups and cybercriminals ramp up React2Shell exploits

Teknologi

Cybersecurity breaches define troubling year in 2025

Politik

Chinese cyberattacks on Taiwan average 2.6 million daily in 2025

Thousands of Korean Air employees exposed in Oracle breach

Korean Air, a major South Korean airline, has been affected by a supply-chain attack originating from Oracle, resulting in the exposure of thousands of its employees' information. The incident highlights vulnerabilities in third-party software services. Details emerged in a recent security report.

EU-kommissionen vil forbyde kinesisk risikoteknologi fra netværk

Rapporteret af AI

EU-kommissionen har præsenteret en revideret cybersikkerhedslov for bedre at afværge angreb og reducere afhængigheden af højrisikoland uden for EU. Særligt i fokus: kinesiske virksomheder som Huawei og ZTE, som effektivt skal udelukkes fra 5G-udrulningen. Dette følger en nylig hackerangreb på Eurail-platformen.

OpenAI users targeted by scam emails and vishing calls

Scammers are sending emails that appear genuine to OpenAI users, designed to manipulate them into revealing critical data swiftly. These emails are followed by vishing calls that intensify the pressure on victims to disclose account details. The campaign highlights ongoing risks in AI platform security.

US government urged to patch critical Gogs security flaw

Rapporteret af AI

The US government has been advised to urgently address a high-severity vulnerability in the Gogs software to prevent potential attacks. This serious bug has been added to the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog. The warning comes amid growing concerns over exploited software weaknesses.

tirsdag d. 27. januar 2026, 23.02

Microsoft patches security flaw in Office software

fredag d. 23. januar 2026, 05.13

Fortinet FortiGate devices face automated attacks creating rogue accounts

onsdag d. 14. januar 2026, 06.04

Hackers hijack LinkedIn comments to spread malware

torsdag d. 8. januar 2026, 09.42

Congressional staff emails hacked in Salt Typhoon campaign

torsdag d. 8. januar 2026, 07.18

China-linked UAT-7290 targets telecoms with Linux malware

mandag d. 22. december 2025, 16.25

HPE urges immediate patching of OneView after critical security flaw found

tirsdag d. 16. december 2025, 23.12

React2Shell exploits continue with large-scale Linux backdoor deployments and cloud credential theft

mandag d. 15. december 2025, 07.33

Apple fixes zero-day flaws in WebKit for sophisticated attacks

lørdag d. 13. december 2025, 22.13

Alleged Salt Typhoon hackers received Cisco training

onsdag d. 10. december 2025, 07.11

North Korean hackers exploit maximum severity React2Shell flaw

 

 

 

Dette websted bruger cookies

Vi bruger cookies til analyse for at forbedre vores side. Læs vores privatlivspolitik for mere information.
Afvis