Cisco email security products targeted in zero-day campaign

Deutsch

Two groups linked to China are exploiting a newly discovered vulnerability in Cisco's email security products. The campaign involves zero-day attacks, highlighting ongoing cybersecurity risks. The issue was reported on December 19, 2025.

Cisco's email security solutions have come under active attack from two Chinese-nexus threat groups. These actors are leveraging a zero-day flaw, meaning the vulnerability was unknown to the company prior to exploitation. Such campaigns underscore the persistent challenges in securing enterprise email systems against sophisticated adversaries.

The exploitation targets products designed to protect against email-based threats, potentially allowing attackers to bypass defenses and deliver malware or steal data. No specific details on the flaw's nature or the exact products affected were disclosed in initial reports, but the involvement of state-linked groups raises concerns about targeted espionage.

Cisco has yet to issue an official response in the available information, though the discovery prompts urgent patching and monitoring recommendations for users. This incident fits into a broader pattern of zero-day abuses by Chinese-affiliated hackers, as seen in previous high-profile breaches.

Verwandte Artikel

Illustration of a cyber attack on Cisco devices, showing analysts monitoring screens with code and warnings in a dark operations room.
Bild generiert von KI

Operation Zero Disco exploits Cisco SNMP flaw for rootkits

Von KI berichtet Bild generiert von KI

Cyber threat actors in Operation Zero Disco have exploited a vulnerability in Cisco's SNMP service to install persistent Linux rootkits on network devices. The campaign targets older Cisco switches and uses crafted packets to achieve remote code execution. Trend Micro researchers disclosed the attacks on October 16, 2025, highlighting risks to unpatched systems.

Chinese hackers install backdoors via Cisco email zero-day

Cisco Talos has detailed how a Chinese-linked group is exploiting an unpatched zero-day in email security appliances since late November 2025, deploying backdoors and log-wiping tools for persistent access.

China directs firms to halt use of US and Israeli cybersecurity software

Von KI berichtet

Chinese authorities have instructed domestic companies to stop using cybersecurity software from more than a dozen US and Israeli firms due to national security concerns. The directive supports Beijing's drive to replace Western technology with homegrown alternatives amid intensifying tech competition with the United States. Three sources familiar with the matter said the notice was issued in recent days.

Linux

China-nexus groups and cybercriminals ramp up React2Shell exploits

Technologie

Cybersecurity breaches define troubling year in 2025

Politik

Chinese cyberattacks on Taiwan average 2.6 million daily in 2025

Thousands of Korean Air employees exposed in Oracle breach

Korean Air, a major South Korean airline, has been affected by a supply-chain attack originating from Oracle, resulting in the exposure of thousands of its employees' information. The incident highlights vulnerabilities in third-party software services. Details emerged in a recent security report.

EU-Kommission will chinesische Risikotechnik aus Netzen verbannen

Von KI berichtet

Die EU-Kommission hat ein überarbeitetes Cybersicherheitsgesetz vorgestellt, um Angriffe besser abzuwehren und Abhängigkeiten von risikoreichen Drittländern zu reduzieren. Besonders im Fokus: Chinesische Unternehmen wie Huawei und ZTE, die beim 5G-Ausbau faktisch ausgeschlossen werden sollen. Dies folgt auf einen kürzlichen Hackerangriff auf die Eurail-Plattform.

OpenAI users targeted by scam emails and vishing calls

Scammers are sending emails that appear genuine to OpenAI users, designed to manipulate them into revealing critical data swiftly. These emails are followed by vishing calls that intensify the pressure on victims to disclose account details. The campaign highlights ongoing risks in AI platform security.

US government urged to patch critical Gogs security flaw

Von KI berichtet

The US government has been advised to urgently address a high-severity vulnerability in the Gogs software to prevent potential attacks. This serious bug has been added to the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog. The warning comes amid growing concerns over exploited software weaknesses.

Dienstag, 27. Januar 2026, 23:02 Uhr

Microsoft patches security flaw in Office software

Freitag, 23. Januar 2026, 05:13 Uhr

Fortinet FortiGate devices face automated attacks creating rogue accounts

Mittwoch, 14. Januar 2026, 06:04 Uhr

Hackers hijack LinkedIn comments to spread malware

Donnerstag, 08. Januar 2026, 09:42 Uhr

Congressional staff emails hacked in Salt Typhoon campaign

Donnerstag, 08. Januar 2026, 07:18 Uhr

China-linked UAT-7290 targets telecoms with Linux malware

Montag, 22. Dezember 2025, 16:25 Uhr

HPE urges immediate patching of OneView after critical security flaw found

Dienstag, 16. Dezember 2025, 23:12 Uhr

React2Shell exploits continue with large-scale Linux backdoor deployments and cloud credential theft

Montag, 15. Dezember 2025, 07:33 Uhr

Apple fixes zero-day flaws in WebKit for sophisticated attacks

Samstag, 13. Dezember 2025, 22:13 Uhr

Alleged Salt Typhoon hackers received Cisco training

Mittwoch, 10. Dezember 2025, 07:11 Uhr

North Korean hackers exploit maximum severity React2Shell flaw

 

 

 

Diese Website verwendet Cookies

Wir verwenden Cookies für Analysen, um unsere Website zu verbessern. Lesen Sie unsere Datenschutzrichtlinie für weitere Informationen.
Ablehnen