Cisco email security products targeted in zero-day campaign

Kiswahili

Two groups linked to China are exploiting a newly discovered vulnerability in Cisco's email security products. The campaign involves zero-day attacks, highlighting ongoing cybersecurity risks. The issue was reported on December 19, 2025.

Cisco's email security solutions have come under active attack from two Chinese-nexus threat groups. These actors are leveraging a zero-day flaw, meaning the vulnerability was unknown to the company prior to exploitation. Such campaigns underscore the persistent challenges in securing enterprise email systems against sophisticated adversaries.

The exploitation targets products designed to protect against email-based threats, potentially allowing attackers to bypass defenses and deliver malware or steal data. No specific details on the flaw's nature or the exact products affected were disclosed in initial reports, but the involvement of state-linked groups raises concerns about targeted espionage.

Cisco has yet to issue an official response in the available information, though the discovery prompts urgent patching and monitoring recommendations for users. This incident fits into a broader pattern of zero-day abuses by Chinese-affiliated hackers, as seen in previous high-profile breaches.

Makala yanayohusiana

Illustration of a cyber attack on Cisco devices, showing analysts monitoring screens with code and warnings in a dark operations room.
Picha iliyoundwa na AI

Operation Zero Disco exploits Cisco SNMP flaw for rootkits

Imeripotiwa na AI Picha iliyoundwa na AI

Cyber threat actors in Operation Zero Disco have exploited a vulnerability in Cisco's SNMP service to install persistent Linux rootkits on network devices. The campaign targets older Cisco switches and uses crafted packets to achieve remote code execution. Trend Micro researchers disclosed the attacks on October 16, 2025, highlighting risks to unpatched systems.

Chinese hackers install backdoors via Cisco email zero-day

Cisco Talos has detailed how a Chinese-linked group is exploiting an unpatched zero-day in email security appliances since late November 2025, deploying backdoors and log-wiping tools for persistent access.

Dell zero-day flaw unpatched for nearly two years

Imeripotiwa na AI

A security vulnerability in Dell software has reportedly remained unpatched for almost two years, allowing Chinese hackers to exploit it. The flaw involves hardcoded login credentials in a tool, raising concerns about data security.

Teknolojia

Google report warns of shifting cloud threat landscape

Teknolojia

Alleged Salt Typhoon hackers received Cisco training

Teknolojia

Zyxel warns of critical RCE flaw in over a dozen routers

Veeam patches three critical security flaws in backup servers

Veeam has addressed three critical-severity security vulnerabilities that could expose backup servers to remote code execution attacks. The company issued patches to mitigate these risks. The announcement highlights ongoing concerns in cybersecurity for data protection tools.

Apple fixes zero-day flaws in WebKit for sophisticated attacks

Imeripotiwa na AI

Apple has addressed two zero-day vulnerabilities in its WebKit engine that were exploited in sophisticated attacks. The company released patches to fix these bugs, enhancing security for users of its devices.

Thousands of Korean Air employees exposed in Oracle breach

Korean Air, a major South Korean airline, has been affected by a supply-chain attack originating from Oracle, resulting in the exposure of thousands of its employees' information. The incident highlights vulnerabilities in third-party software services. Details emerged in a recent security report.

Critical flaws discovered in n8n workflow tool

Imeripotiwa na AI

Security researchers have uncovered critical vulnerabilities in the n8n automation tool. A previously released patch failed to fully address the issues, leaving users exposed. Experts provide guidance on protecting systems amid these discoveries.

Jumatano, 11. Mwezi wa tatu 2026, 02:47:16

Dutch intelligence accuses Russia of hacker attacks on WhatsApp and Signal

Jumanne, 10. Mwezi wa pili 2026, 10:59:26

BeyondTrust RCE flaw enables code execution without login

Jumatano, 4. Mwezi wa pili 2026, 19:25:39

Russian hackers exploit Microsoft Office vulnerability days after patch

Jumatano, 14. Mwezi wa kwanza 2026, 15:36:41

China directs firms to halt use of US and Israeli cybersecurity software

Alhamisi, 8. Mwezi wa kwanza 2026, 09:42:35

Congressional staff emails hacked in Salt Typhoon campaign

Alhamisi, 8. Mwezi wa kwanza 2026, 07:18:04

China-linked UAT-7290 targets telecoms with Linux malware

Jumapili, 4. Mwezi wa kwanza 2026, 12:46:54

Chinese cyberattacks on Taiwan average 2.6 million daily in 2025

Jumatatu, 29. Mwezi wa kumi na mbili 2025, 00:35:46

Cybersecurity breaches define troubling year in 2025

Jumamosi, 13. Mwezi wa kumi na mbili 2025, 23:54:19

China-nexus groups and cybercriminals ramp up React2Shell exploits

Jumatano, 10. Mwezi wa kumi na mbili 2025, 07:11:22

North Korean hackers exploit maximum severity React2Shell flaw

 

 

 

Tovuti hii inatumia vidakuzi

Tunatumia vidakuzi kwa uchambuzi ili kuboresha tovuti yetu. Soma sera ya faragha yetu kwa maelezo zaidi.
Kataa