The Journey of Life.....: 🔒 Cybersecurity [21-Dec-2025]

Sunday, December 21, 2025

🔒 Cybersecurity

CVE-2025-20393: Critical Cisco Email Gateway RCE (CVSS 10.0) - Critical remote code execution vulnerability actively exploited in Cisco Secure Email Gateways by China-nexus threat actors. Immediate patching required. Source: Corelight
WatchGuard Firebox Critical RCE Under Active Exploitation - CVE-2025-14733 (CVSS 9.3) in WatchGuard Fireware OS is actively being exploited; CISA added to Known Exploited Vulnerabilities list. Source: The Register

Cisco VPN and Email Services Hit in Separate Threat Campaigns - Threat actors exploit CVE-2025-20393 to execute system commands and deploy malware across vulnerable Cisco appliances. Source: Dark Reading

Airbus Migrates Critical Apps to Sovereign Euro Cloud - Major European aerospace firm moves critical infrastructure to European-controlled cloud infrastructure for data sovereignty and security. Source: The Register

CISA Flags ICS Vulnerabilities in Industrial Control Systems - Multiple critical vulnerabilities discovered in industrial control systems from Siemens, Schneider Electric, and Rockwell Automation. Source: Industrial Cyber
CISA Alerts on Chromium Zero-Day CVE-2025-14174 - CISA added Chromium vulnerability to Known Exploited Vulnerabilities catalog; federal agencies mandated to patch immediately. Source: CyberPress

Fortinet Critical Authentication Bypass Vulnerabilities - CVE-2025-59718 and CVE-2025-59719 identified as critical authentication bypass flaws requiring immediate attention. Source: VulnCheck