Critical Zero-Days in Cisco, React, and Android Under Active Attack; WatchGuard & Fortinet Race to Patch Exploited Flaws
Summary
This cybersecurity brief for December 24, 2025, covers a surge of actively exploited critical vulnerabilities. Chinese state-sponsored actors are leveraging a CVSS 10.0 zero-day in Cisco email gateways, while another CVSS 10.0 flaw, React2Shell, is being used by nation-states against SaaS and FinTech firms. CISA has issued urgent patch deadlines for these, as well as for exploited flaws in WatchGuard firewalls, Fortinet devices, and the Android OS. Major data breaches were also disclosed, with Nissan confirming a supply chain attack via Red Hat affecting 21,000 customers, and the University of Sydney reporting a breach impacting 27,000 individuals due to a DevSecOps failure.
Today New Articles
High-Severity Flaws in 'TheGem' WordPress Plugin Expose Sites to RFI and XSS Attacks
Security researchers have disclosed two vulnerabilities in the 'TheGem Theme Elements' plugin for WordPress, affecting versions up to 5.10.5.1. The more severe flaw, CVE-2025-68560, is a high-risk PHP Remote File Inclusion (RFI) vulnerability with a CVSS score...
Warning Issued for 'Crystal PDF Converter' Malware Targeting U.S. Government Networks
The Center for Internet Security (CIS) has issued an advisory about a malicious software campaign disguised as a legitimate tool named 'Crystal PDF Converter.' Activity associated with this malware has been detected on the networks of U.S. State, Local, Tribal...
Article Updates
CISA Adds Actively Exploited Fortinet SSO Flaw to KEV Catalog, Urges Immediate Patching
Update:The federal agency patch deadline of December 23, 2025, for CVE-2025-59718 has now passed. This update provides enhanced technical analysis, including specific MITRE ATT&CK TTPs such as Defense Evasion (T1553.002), Initial Access (T1190), and Privilege Escalat...