Cisco email security products targeted in zero-day campaign

Filipino

Two groups linked to China are exploiting a newly discovered vulnerability in Cisco's email security products. The campaign involves zero-day attacks, highlighting ongoing cybersecurity risks. The issue was reported on December 19, 2025.

Cisco's email security solutions have come under active attack from two Chinese-nexus threat groups. These actors are leveraging a zero-day flaw, meaning the vulnerability was unknown to the company prior to exploitation. Such campaigns underscore the persistent challenges in securing enterprise email systems against sophisticated adversaries.

The exploitation targets products designed to protect against email-based threats, potentially allowing attackers to bypass defenses and deliver malware or steal data. No specific details on the flaw's nature or the exact products affected were disclosed in initial reports, but the involvement of state-linked groups raises concerns about targeted espionage.

Cisco has yet to issue an official response in the available information, though the discovery prompts urgent patching and monitoring recommendations for users. This incident fits into a broader pattern of zero-day abuses by Chinese-affiliated hackers, as seen in previous high-profile breaches.

Mga Kaugnay na Artikulo

Illustration of a cyber attack on Cisco devices, showing analysts monitoring screens with code and warnings in a dark operations room.
Larawang ginawa ng AI

Operation Zero Disco exploits Cisco SNMP flaw for rootkits

Iniulat ng AI Larawang ginawa ng AI

Cyber threat actors in Operation Zero Disco have exploited a vulnerability in Cisco's SNMP service to install persistent Linux rootkits on network devices. The campaign targets older Cisco switches and uses crafted packets to achieve remote code execution. Trend Micro researchers disclosed the attacks on October 16, 2025, highlighting risks to unpatched systems.

Chinese hackers install backdoors via Cisco email zero-day

Cisco Talos has detailed how a Chinese-linked group is exploiting an unpatched zero-day in email security appliances since late November 2025, deploying backdoors and log-wiping tools for persistent access.

China ipinagbabawal ang software ng cybersecurity mula sa US at Israel

Iniulat ng AI

Inutusan ng mga awtoridad ng China ang mga lokal na kumpanya na itigil ang paggamit ng software ng cybersecurity mula sa higit kumulang labindalawang firm mula sa US at Israel dahil sa alalahanin sa seguridad pambansa. Ito ay bahagi ng pagsisikap ng Beijing na palitan ang teknolohiyang Kanluranin ng mga alternatibong lokal habang nagpapakita ng tensyon sa teknolohiya laban sa Estados Unidos. Ayon sa tatlong source na pamilyar sa usapan, inilabas ang direktiba kamakailan.

Linux

China-nexus groups and cybercriminals ramp up React2Shell exploits

Teknolohiya

Cybersecurity breaches define troubling year in 2025

Pulisiya

Chinese cyberattacks on Taiwan average 2.6 million daily in 2025

Thousands of Korean Air employees exposed in Oracle breach

Korean Air, a major South Korean airline, has been affected by a supply-chain attack originating from Oracle, resulting in the exposure of thousands of its employees' information. The incident highlights vulnerabilities in third-party software services. Details emerged in a recent security report.

EU commission aims to ban chinese risk technology from networks

Iniulat ng AI

The EU Commission has presented a revised cybersecurity law to better fend off attacks and reduce dependencies on high-risk third countries. In particular focus: Chinese companies like Huawei and ZTE, which are to be effectively excluded from 5G rollout. This follows a recent hacker attack on the Eurail platform.

OpenAI users targeted by scam emails and vishing calls

Scammers are sending emails that appear genuine to OpenAI users, designed to manipulate them into revealing critical data swiftly. These emails are followed by vishing calls that intensify the pressure on victims to disclose account details. The campaign highlights ongoing risks in AI platform security.

US government urged to patch critical Gogs security flaw

Iniulat ng AI

The US government has been advised to urgently address a high-severity vulnerability in the Gogs software to prevent potential attacks. This serious bug has been added to the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog. The warning comes amid growing concerns over exploited software weaknesses.

January 27, 2026 23:02

Microsoft patches security flaw in Office software

January 23, 2026 05:13

Fortinet FortiGate devices face automated attacks creating rogue accounts

January 14, 2026 06:04

Hackers hijack LinkedIn comments to spread malware

January 08, 2026 09:42

Congressional staff emails hacked in Salt Typhoon campaign

January 08, 2026 07:18

China-linked UAT-7290 targets telecoms with Linux malware

December 22, 2025 16:25

HPE urges immediate patching of OneView after critical security flaw found

December 16, 2025 23:12

React2Shell exploits continue with large-scale Linux backdoor deployments and cloud credential theft

December 15, 2025 07:33

Apple fixes zero-day flaws in WebKit for sophisticated attacks

December 13, 2025 22:13

Alleged Salt Typhoon hackers received Cisco training

December 10, 2025 07:11

North Korean hackers exploit maximum severity React2Shell flaw

 

 

 

Gumagamit ng cookies ang website na ito

Gumagamit kami ng cookies para sa analytics upang mapabuti ang aming site. Basahin ang aming patakaran sa privacy para sa higit pang impormasyon.
Tanggihan