Cisco Alerts on Critical Zero-Day Vulnerability Exploited by China APT

Cisco has issued an alert regarding a maximum-severity zero-day vulnerability in its Cisco AsyncOS software. This flaw has been actively exploited by an advanced persistent threat (APT) actor with ties to China, dubbed UAT-9686, in attacks targeting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. Threat Details: The intrusion campaign was detected on December 10, 2025. Cisco identified that a limited subset of its appliances, with specific ports exposed to the Internet, was targeted. The vulnerability, tracked as CVE-2025-20393, has a CVSS score of 10.0 and allows attackers to execute arbitrary commands with root privileges on the underlying operating system of the affected appliance. Attackers have managed to establish persistence mechanisms to maintain control over compromised systems. ...

December 18, 2025 · Comfidentia

Google Patches Three Zero-Day Vulnerabilities in Chrome, One Exploited in the Wild

Google released a security update for Chrome on December 10, patching three new vulnerabilities, including a high-severity one that is being actively exploited in the wild. This vulnerability represents the eighth Chrome zero-day exploited in 2025. The High-Severity Zero-Day Vulnerability: Google has issued a security advisory to address a high-severity zero-day vulnerability. At the time of publication, Google has not assigned a CVE (Common Vulnerabilities and Exposures) identifier to this flaw. Instead, it is referenced by Google’s internal tracking ID, 466192044. ...

December 11, 2025 · Comfidentia

Intellexa's Predator Spyware Attacks Pakistani Lawyer; Technical Details and Vulnerabilities Revealed

A joint investigation by Amnesty International, Haaretz, Inside Story and Inside IT has revealed that a human rights lawyer from Balochistan province, Pakistan, was the target of Intellexa’s Predator spyware. This incident marks the first time that a member of civil society in Pakistan has been targeted by this surveillance tool. The attack was carried out using a suspicious link sent via WhatsApp, which Amnesty International identified as an “attempted Predator attack” based on its technical behavior and characteristics. ...

December 5, 2025 · Comfidentia

Ransomware Rise in Q3 2025: Compromised Credentials and Zero-Days Dominate

The third quarter of 2025 saw a significant rise in ransomware attacks, with an 11% increase in data breach publications compared to the previous quarter. According to a report from Beazley Security, only three ransomware groups were responsible for the majority of cases (65%), with the primary initial entry route being compromised VPN credentials. Dominant Ransomware Groups: The three most prolific ransomware groups in the third quarter were Akira, Qilin, and INC Ransomware. These groups have demonstrated great operational capacity, contributing to the vast majority of reported incidents. ...

November 19, 2025 · Comfidentia