The Hacker News

Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways

Cisco released fixes for CVE-2025-20393, a CVSS 10.0 zero-day RCE flaw in AsyncOS exploited by a China-linked APT via email ...

Cisco finally fixes AsyncOS zero-day exploited since November

Cisco finally patched a maximum-severity AsyncOS zero-day exploited in attacks targeting Secure Email Gateway (SEG) ...
SecurityWeek

Cisco Patches Vulnerability Exploited by Chinese Hackers

Cisco patched an Email Gateway and Secure Email zero-day exploited by Chinese hackers to deploy the AquaShell backdoor.

Patch now! Critical Cisco vulnerability exploited since December 2025

Attackers compromise Cisco Secure Email Gateway and Secure Email and Web Manager via a root vulnerability. Security updates are now available.
Bleeping Computer

Latest Secure Email Gateway news

Cisco warned customers today of an unpatched, maximum-severity Cisco AsyncOS zero-day actively exploited in attacks targeting Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) ...
Forbes

Cisco Secure Email Attacks: 0-Day Exploit Confirmed, No Fix Available

“There are no workarounds identified that directly mitigate the risk concerning this attack campaign,” is not what you want to read, having just been informed of a zero-day exploit concerning a Common ...
Hosted on MSN

Attacks pummeling Cisco AsyncOS 0-day since late November

Suspected Chinese-government-linked threat actors have been battering a maximum-severity Cisco AsyncOS zero-day vulnerability in some Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) ...