Tag: zero-day
-
Emergency Patch Issued for Microsoft Office 365 Over Hacking Threat
Urgent Security Update for Microsoft Office 365 An emergency security patch has been released for Microsoft Office and Office 365 amid a growing hacking threat that could compromise email, documents, and collaboration tools. Cybersecurity researchers and Microsoft’s security team warn that attackers are exploiting a zero-day or recently disclosed vulnerability to gain unauthorized access, exfiltrate…
-
Cisco Releases Security Updates to Patch Zero-Day AsyncOS Flaw (CVE-2025-20393)
Overview: Cisco closes a dangerous AsyncOS flaw Cisco has issued security updates for its Email Security Gateway (Secure Email and Web Manager) devices to address a critical vulnerability in AsyncOS, tracked as CVE-2025-20393. This zero-day flaw was actively exploited by suspected state‑sponsored actors, notably from China, underscoring the urgency for timely patching across affected deployments.…
-
Cisco Fixes AsyncOS Zero-Day Exploited in the Wild: CVE-2025-20393
Overview: Cisco addresses AsyncOS zero-day exploitation Cisco has released security updates for its Email Security Gateway (ESG) and Secure Email and Web Manager (SEWM) devices to remediate a critical vulnerability in AsyncOS, tracked as CVE-2025-20393. The flaw was actively exploited as a zero-day by a group believed to be working on behalf of a nation-state,…
-
Cisco Ships Critical AsyncOS Patch to Close CVE-2025-20393 Exploited as Zero-Day
Overview: Cisco Addresses a Zero-Day in AsyncOS Cisco has released security updates for its Email Security Gateway (ESG) and Secure Email and Web Manager (SEWM) devices to fix a critical vulnerability known as CVE-2025-20393 in the AsyncOS operating system. The flaw, which was exploited as a zero-day by suspected attackers linked to Chinese threat actors,…
-
Amazon Reveals Exploitation of Cisco ISE and Citrix NetScaler Zero-Days by Advanced Threat Actor
Uncovering a Sophisticated Targeting Campaign Amazon’s threat intelligence team has disclosed an alarming trend in which an advanced threat actor exploited two zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix NetScaler ADC. The revelations shed light on a calculated campaign designed to penetrate certain networks before security teams could fully recognize the scope…
-
Zero-Day Attacks Hit Cisco ISE and Citrix NetScaler, Amazon Reveals
Overview: Two Zero-Days Exploited in Enterprise Appliances Amazon’s threat intelligence unit disclosed that an advanced threat actor was observed exploiting two then-zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix NetScaler ADC products. The attacks were designed to gain unauthorized access, move laterally within networks, and potentially exfiltrate data. While the specifics of the…
-
Amazon Reveals Zero-Day Attacks Exploiting Cisco ISE and Citrix NetScaler Flaws
Overview: Zero-Day Vulnerabilities at the Center of a Sophisticated Campaign Amazon’s threat intelligence team has shed light on a dangerous campaign in which an advanced threat actor exploited two previously unknown vulnerabilities—one in Cisco Identity Services Engine (ISE) and another in Citrix NetScaler ADC. The discoveries, described as zero-day flaws at the time of exploitation,…