Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances Cisco has alerted users a maximum-severity zero-day flaw software that been actively exploited by China-nexus advanced persistent threat (APT) actor codenamed UAT-9686 attacks targeting Secure Gateway and Web Manager. The networking equipment major said it became aware the intrusion campaign on December 10, 2025, singled out "limited subset appliances" with certain ports open to internet. It's currently not known how many customers are affected. "This attack allows actors execute arbitrary commands root privileges underlying operating system an affected appliance," advisory. "The ongoing investigation revealed evidence persistence mechanism planted maintain degree control over compromised appliances." as-yet-unpatched vulnerability is being tracked as CVE-2025-20393 , ... https://thehackernews.com/2025/12/cisco-warns-of-active-attacks.html