CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
Summary
CISA has issued a warning for government agencies to patch two actively exploited vulnerabilities in Synacor Zimbra Collaboration Suite and Microsoft Office SharePoint. One of these vulnerabilities, CVE-2025-66376, is a stored cross-site scripting flaw with a CVSS score of 7.2. The article also mentions Cisco zero-day vulnerabilities being exploited in ransomware attacks.
IFF Assessment
Actively exploited vulnerabilities and zero-days in widely used software indicate ongoing threats and successful attacks against organizations.
Severity
Defender Context
Defenders must prioritize patching for Zimbra and SharePoint, as these vulnerabilities are already being weaponized. The mention of Cisco zero-days in ransomware attacks highlights the need for continuous monitoring and proactive threat hunting for unpatched systems and potential indicators of compromise.