CISA Issues Emergency Directive After Nearly Year-Long Cisco Zero-Day Attack Campaign

CISA issues emergency directive as Chinese-linked attackers exploit Cisco firewall vulnerabilities, urging federal agencies to act swiftly.

By Content Team

Sep 26, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

The Cybersecurity and Infrastructure Security Agency issued an emergency directive Thursday after discovering attackers have been exploiting Cisco firewall vulnerabilities since at least November 2024. The attacks began with reconnaissance activity and escalated to memory modification on hundreds of federal government firewalls.

Cisco launched its investigation in May but waited four months to disclose the vulnerabilities and release patches. CISA's Chris Butera said the delay was necessary for proper investigation and patch development. Federal agencies must take immediate action by Friday's deadline.

While officials won't confirm attribution, outside researchers link the espionage campaign to Chinese state-sponsored groups. CISA warns attackers may accelerate or shift tactics now that the vulnerabilities are public.

Source: CyberScoop

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Hackers Threaten Rockstar Games Over Grand Theft Auto VI Data Breach

Apr 14, 2026

Denmark Accuses Russia of Cyberattacks on Water Systems and Election Websites

Dec 21, 2025

Adobe Reader Zero-Day Exploit Actively Stealing User Data

Apr 9, 2026

FBI Probes Cyber Attack on System Containing Surveillance Data

Mar 7, 2026