Cisco News Articles
Recent news articles refferecing the vendors vulnerabilities.
Help Net SecurityWeek in review: Claude Mythos finds 271 Firefox flaws, Vercel breach - Help Net Security
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SmokedMeat: Open-source tool shows what attackers do
5 days ago
The Hacker NewsCVE-2025-20333FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
FIRESTARTER backdoor hit Cisco ASA in Sept 2025, persists after patching CVE-2025-20333, risking continued federal network access.
6 days ago
CISA flags new SD-WAN flaw as actively exploited in attacks
CISA has given U.S. government agencies four days to secure their systems against another Catalyst SD-WAN Manager vulnerability it flagged as actively exploited in attacks.
1 week ago
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
Cisco patches four CVEs up to CVSS 9.9 in ISE and Webex, preventing code execution and user impersonation risks.
2 weeks ago
Cisco finally fixes AsyncOS zero-day exploited since November
Cisco finally patched a maximum-severity AsyncOS zero-day exploited in attacks targeting Secure Email Gateway (SEG) appliances since November 2025.
The Hacker NewsCVE-2025-20393Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways
Cisco released fixes for CVE-2025-20393, a CVSS 10.0 zero-day RCE flaw in AsyncOS exploited by a China-linked APT via email security appliances.
Cisco warns of Identity Service Engine flaw with exploit code
Cisco has patched an ISE vulnerability with public proof-of-concept exploit code that can be abused by attackers with admin privileges.
ts2.techCVE-2025-20393Cisco Systems (CSCO) News on Dec. 25, 2025: AI Networking Tailwinds, FY2026 Forecasts, and a Critical Email-Security Zero-Day
Cisco Systems (CSCO) News on Dec. 25, 2025: AI Networking Tailwinds, FY2026 Forecasts, and a Critical Email-Security Zero-Day - TechStock²
ts2.techCVE-2025-20393Cisco Stock (CSCO) After Hours on Dec. 24, 2025: Holiday Close, Today’s News & Forecasts, and What to Watch Before Markets Reopen
Cisco Stock (CSCO) After Hours on Dec. 24, 2025: Holiday Close, Today’s News & Forecasts, and What to Watch Before Markets Reopen - TechStock²
CybersecurityNewsCVE-2025-20393100+ Cisco Secure Email Devices Exposed to Zero‑Day Exploited in the Wild
Security researchers have identified at least 120 Cisco Secure Email Gateway and Cisco Secure Email and Web Manager devices vulnerable to a critical zero-day flaw that attackers are actively exploiting in the wild.
Cisco VPNs, Email Services Hit in Separate Threat Campaigns
The company suffered one sophisticated five-alarm campaign and one messy spray-and-pray attack, mere days apart.
Arctic WolfCVE-2025-20393CVE-2025-20393 | Arctic Wolf
Cisco published an advisory detailing a new threat campaign, affecting the Cisco AsyncOS software used on Cisco Secure Email Gateway and Cisco Secure Email and Web Manager.
CybersecurityNewsCVE-2025-20393New Tool Released to Detect Cisco Secure Email Gateway 0-Day Vulnerability Exploited in the Wild
A lightweight Python script to help organizations quickly identify exposure to CVE-2025-20393, a critical zero-day vulnerability in Cisco Secure Email Gateway (SEG) and Secure Malware Analytics (SMA), also known as Cisco Secure Email and Web Manager.
CVE-2025-20393 Exploitation: A Maximum-Severity Zero-Day Vulnerability in Cisco AsyncOS Software Abused in Attacks by the China-Backed APT UAT-9686 | SOC Prime
Explore details for CVE-2025-20393, a max-severity Cisco AsyncOS zero-day vulnerability exploited by UAT-9686 APT, with an analysis on the SOC Prime blog.
Cisco has a 'Chinese warning': Critical flaw gives Chinese hackers complete access to... - The Times of India
Tech News News: Chinese hackers are exploiting a critical Cisco email security flaw, gaining root access and installing backdoors. This zero-day vulnerability, CVE-2
The Cyber ExpressCVE-2025-20393Cisco CVE-2025-20393 Cyberattack On Secure Email Appliances
Critical cyberattack targets Cisco Secure Email Gateway and Web Manager (CVE-2025-20393).
The Hacker NewsCVE-2025-20393Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances
Cisco confirms an unpatched CVSS 10.0 zero-day in AsyncOS actively exploited to gain root access on email security appliances.
China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear
Chinese threat group UAT-9686 has been exploiting the zero-day CVE-2025-20393 to hack Cisco security appliances.
China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear
Chinese threat group UAT-9686 has been exploiting the zero-day CVE-2025-20393 to hack Cisco security appliances.
CVE-2025-20337: Actionable Report for SOC Teams
Review attack flow, detection code, and simulation test for CVE-2025-20337 vulnerability.
"Patched" but still exposed: US federal agencies must remediate Cisco flaws (again) - Help Net Security
CISA has ordered US federal agencies to fully address CVE-2025-20333 and CVE-2025-20362 in Cisco ASA and Firepower devices.
CISA warns feds to fully patch actively exploited Cisco flaws
CISA warned federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices.
TechNaduAPT Exploits Cisco and Citrix Zero-Day Vulnerabilities - TechNadu
Amazon has discovered an APT exploiting zero-days in Cisco ISE (CVE-2025-20337) and Citrix systems (CVE-2025-5777) with custom malware.
Cyber PressCVE-2025-20337Active Campaign Uses Cisco and Citrix 0-Days to Deploy Persistent Webshells
Amazon's threat intelligence team has uncovered a coordinated cyber campaign targeting Cisco Identity Service Engine (ISE) and Citrix systems
CyberScoopAmazon pins Cisco, Citrix zero-day attacks to APT group
The vendors disclosed and patched the defects last summer, but not before advanced attackers exploited the vulnerabilities to likely gain prolonged access for espionage, according to Amazon.