Critical Zero-Days in Cisco, Chrome, and WatchGuard Actively Exploited; React2Shell Weaponized for Ransomware

Publication Date: December 19, 2025

Summary

This cybersecurity brief for December 19, 2025, covers a surge in critical vulnerability exploitation. Multiple threat actors are leveraging the React2Shell flaw (CVE-2025-55182) to deploy ransomware. Concurrently, a China-linked APT is exploiting a zero-day in Cisco email gateways (CVE-2025-20393), and actively exploited flaws in WatchGuard firewalls and Google Chrome are putting networks and users at severe risk. Other major items include critical patches for HPE OneView, significant data breaches at SoundCloud and 700Credit, and new regulatory updates from the UK.

Today's New Articles

China-Linked Hackers Exploit Critical Cisco Email Gateway Zero-Day

Cisco has revealed that a China-affiliated advanced persistent threat (APT) group, tracked as UAT-9686, is actively exploiting a critical zero-day vulnerability in its email security products. The flaw, CVE-2025-20393, is a remote code execution vulnerability...


HPE Issues Urgent Patch for 10.0 CVSS RCE Flaw in OneView

Hewlett Packard Enterprise (HPE) has released an urgent security advisory for CVE-2025-37164, a critical vulnerability in its OneView infrastructure management software with a maximum CVSS score of 10.0. The flaw allows a remote, unauthenticated attacker to ac...


Actively Exploited RCE Flaw in WatchGuard Firewalls Puts Networks at Risk

WatchGuard has issued an urgent advisory for customers to patch CVE-2025-14733, a critical remote code execution vulnerability in its Fireware OS that is confirmed to be under active exploitation. The flaw, an out-of-bounds write issue in the IKEv2 process, ha...


Manufacturing Web Portals Are a Weak Link in Supply Chain Attacks

A new report reveals that cybercriminals are increasingly targeting manufacturers through their public-facing web portals, such as supplier and customer forms, to execute supply chain attacks. Attackers are using bots and SQL injection to compromise these form...