The Hacker News

Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways

Cisco released fixes for CVE-2025-20393, a CVSS 10.0 zero-day RCE flaw in AsyncOS exploited by a China-linked APT via email ...
Hosted on MSN

Cisco email security products actively targeted in zero-day campaign

Cisco confirms zero‑day (CVE‑2025‑20393) in Secure Email appliances exploited by China‑linked actors Attackers deployed Aquashell backdoor, tunneling tools, and log‑clearing utilities for persistence ...