The agency, which issued an emergency directive to federal agencies Thursday, said it took months to determine the root cause and mitigate the activity.
Cisco said it was investigating state-sponsored espionage attacks in May. CISA did not explain why it waited four months to issue an emergency directive.
The actively exploited defect, triggered by an attacker’s use of a publicly available sample machine key, underscores the vendor and customers’ poor configuration practices.
The Apple Inc logo is displayed outside a retail store at the Third Street Promenade in Santa Monica, California on March 20, 2023. (Photo by PATRICK T. FALLON/AFP via Getty Images)
The defect, which affects the company’s most popular devices, has been exploited in an “extremely sophisticated attack against specific targeted individuals,” Apple said.
The China-affiliated espionage group, which CrowdStrike tracks as Murky Panda, has been linked to more than a dozen incident response cases since late spring.
A corporate logo for Microsoft hangs above the door to its office building on 8th Avenue on June 24, 2025, in New York City. (Photo by Gary Hershorn/Getty Images)
The initiative seeks to patch vulnerabilities in open-source code before they are exploited by would-be attackers. Now comes the hard part — putting the systems to the…
About 20 organizations have been impacted and the pace of attacks is rising. Threat researchers and SonicWall are scrambling to determine the root cause.
Google wants to shorten delays in the vulnerability lifecycle by sharing limited details about newly discovered defects within a week of reporting to the affected vendor.