Cisco has warned of a decade-old security flaw that is currently being exploited. The flaw poses a serious threat to users and organizations as attackers are actively taking advantage of it. Cisco is urging users to update their systems and take necessary precautions to protect against potential attacks.

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and