CISA alerts federal agencies of widespread attacks using Cisco zero-days | CyberScoop<\/title> <meta name=\"description\" content=\"Cisco said it was investigating state-sponsored espionage attacks in May. CISA did not explain why it waited four months to issue an emergency directive.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/cisa-emergency-directive-cisco-zero-days\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"CISA alerts federal agencies of widespread attacks using Cisco zero-days\"> <meta property=\"og:description\" content=\"Cisco said it was investigating state-sponsored espionage attacks in May. CISA did not explain why it waited four months to issue an emergency directive.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/cisa-emergency-directive-cisco-zero-days\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2025-09-25T19:05:34+00:00\"> <meta property=\"article:modified_time\" content=\"2025-09-25T19:05:37+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/cisa-alerts-federal-agencies-of-widespread-attacks-using-cisco-zero-days-2.jpg\"> <meta property=\"og:image:width\" content=\"6000\"> <meta property=\"og:image:height\" content=\"3375\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Matt Kapko\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1754500264g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1758741389g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1753281318g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/86137\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.8.2\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=86137\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcisa-emergency-directive-cisco-zero-days%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcisa-emergency-directive-cisco-zero-days%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-86137 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/cisa-emergency-directive-cisco-zero-days\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.466743119266\">\n<div class=\"single-article__header-content\" readability=\"34.546318289786\">\n<p> Cisco said it was investigating state-sponsored espionage attacks in May. CISA did not explain why it waited four months to issue an emergency directive. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/86137\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"360\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/cisa-alerts-federal-agencies-of-widespread-attacks-using-cisco-zero-days.jpg?resize=640%2C360&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt=\"DHS, Department of Homeland Security, cybersecurity, Cyber Storm\" decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/cisa-alerts-federal-agencies-of-widespread-attacks-using-cisco-zero-days-2.jpg 6000w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/cisa-alerts-federal-agencies-of-widespread-attacks-using-cisco-zero-days-2.jpg?resize=300,168 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/cisa-alerts-federal-agencies-of-widespread-attacks-using-cisco-zero-days-2.jpg?resize=768,432 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/cisa-alerts-federal-agencies-of-widespread-attacks-using-cisco-zero-days-2.jpg?resize=1024,576 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/cisa-alerts-federal-agencies-of-widespread-attacks-using-cisco-zero-days-2.jpg?resize=1536,864 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/cisa-alerts-federal-agencies-of-widespread-attacks-using-cisco-zero-days-2.jpg?resize=2048,1152 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/cisa-alerts-federal-agencies-of-widespread-attacks-using-cisco-zero-days-2.jpg?resize=600,337 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/cisa-alerts-federal-agencies-of-widespread-attacks-using-cisco-zero-days-2.jpg?resize=1200,675 1200w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/cisa-alerts-federal-agencies-of-widespread-attacks-using-cisco-zero-days-2.jpg?resize=1500,843 1500w\" sizes=\"(max-width: 1200px) 100vw, 1200px\"><figcaption> (Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"42.920661157025\"><body readability=\"89.034352941176\"><\/p>\n<p>Federal cyber authorities sounded a rare alarm Thursday, issuing an <a href=\"https:\/\/www.cisa.gov\/news-events\/directives\/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices\">emergency directive<\/a> about an ongoing and widespread attack spree involving actively exploited zero-day vulnerabilities affecting Cisco firewalls. <\/p>\n<p>Cisco said it began investigating <a href=\"https:\/\/sec.cloudapps.cisco.com\/security\/center\/resources\/asa_ftd_continued_attacks\">attacks on multiple government agencies<\/a> linked to the state-sponsored campaign in May. The vendor, which attributes the attacks to the same threat group behind an early 2024 campaign targeting Cisco devices it dubbed \u201c<a href=\"https:\/\/blog.talosintelligence.com\/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices\/\">ArcaneDoor<\/a>,\u201d said the new zero-days were exploited to \u201cimplant malware, execute commands, and potentially exfiltrate data from the compromised devices.\u201d <\/p>\n<p>Cisco disclosed three vulnerabilities affecting its Adaptive Security Appliances \u2014 <a href=\"https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-asaftd-webvpn-z5xP8EUB\">CVE-2025-20333<\/a>, <a href=\"https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-http-code-exec-WmfP3h3O\">CVE-2025-20363<\/a> and <a href=\"https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-asaftd-webvpn-YROOTUW\">CVE-2025-20362<\/a> \u2014 but said \u201cevidence collected strongly indicates CVE-2025-20333 and CVE-2025-20362 were used by the attacker in the current attack campaign.\u201d <\/p>\n<p>The Cybersecurity and Infrastructure Security Agency said those two zero-days pose an \u201cunacceptable risk\u201d to federal agencies and require immediate action. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Federal agencies are required to hunt for evidence of compromise, report findings and disconnect compromised devices by the end of Friday. Agencies running Cisco ASA firewalls are also required to apply Cisco\u2019s patches or permanently disconnect end-of-life devices by the end of Friday.<\/p>\n<p>\u201cCISA is directing federal agencies to take immediate action due to the alarming ease with which a threat actor can exploit these vulnerabilities, maintain persistence on the device, and gain access to a victim\u2019s network,\u201d CISA Acting Director Madhu Gottumukkala said in a statement.<\/p>\n<p>Cisco did not fully explain why it waited four months from its initial response to the attacks on federal agencies to disclose the malicious activity and patch the zero-day vulnerabilities. <\/p>\n<p>The attackers \u201cemployed advanced evasion techniques such as disabling logging, intercepting command-line interface commands, and intentionally crashing devices to prevent diagnostic analysis. The complexity and sophistication of this incident required an extensive, multi-disciplinary response across Cisco\u2019s engineering and security teams,\u201d the company said. <\/p>\n<p>CISA did not immediately respond to questions about why it waited four months to issue an emergency directive.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The agency described the campaign as widespread, resulting in remote-code execution and manipulation of read-only memory that persists through reboots and system upgrades. While CISA\u2019s emergency directive only applies to federal agencies, the private sector often follows these urgent warnings closely.<\/p>\n<p>\u201cThe same risks apply to any organizations using these devices. We strongly urge all entities to adopt the actions outlined in this emergency directive,\u201d Gottumukkala said.<\/p>\n<p>Cisco and CISA did not attribute the espionage attacks to a specific nation state, but Censys researchers previously said it found compelling evidence indicating a <a href=\"https:\/\/censys.com\/blog\/analysis-of-arcanedoor-threat-infrastructure-suggests-potential-ties-to-chinese-based-actor\">threat group based in China<\/a> was behind the ArcaneDoor campaign last year. Censys noted it found evidence of multiple major Chinese networks and Chinese-developed anti-censorship software during its investigation into the early 2024 attacks.<\/p>\n<p>The latest attacks initiated by the espionage group, tracked as UAT4356 by Cisco Talos and Storm-1849 by Microsoft Threat Intelligence, are a continuation or resurgence of that previous campaign involving new zero-days. <\/p>\n<p>Cisco said remote attackers can \u201cgain full control of an affected device\u201d by chaining together the vulnerabilities, two of which are designated as critical. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>When Storm-1849 was first identified in early 2024, the espionage group was targeting international entities, according to Sam Rubin, senior vice president of Palo Alto Networks\u2019 Unit 42. Unit 42 also considers Storm-1849 to be affiliated with China.<\/p>\n<p>\u201cOver the past year, Unit 42 has observed them evolve their toolkit and in recent months their focus has shifted towards entities in the United States,\u201d he said. \u201cAs we have seen before, now that patches are available, we can expect attacks to escalate as cybercriminal groups quickly figure out how to take advantage of these vulnerabilities.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.0713073005093\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/cisa-alerts-federal-agencies-of-widespread-attacks-using-cisco-zero-days-1.jpg?w=640&ssl=1\" alt=\"Matt Kapko\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Matt Kapko<\/h4>\n<p> Matt Kapko is a reporter at CyberScoop. His beat includes cybercrime, ransomware, software defects and vulnerability (mis)management. The lifelong Californian started his journalism career in 2001 with previous stops at Cybersecurity Dive, CIO, SDxCentral and RCR Wireless News. Matt has a degree in journalism and history from Humboldt State University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/cisa-emergency-directive-cisco-zero-days\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA alerts federal agencies of widespread attacks using Cisco zero-days<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[999,271,1764,724,78,452,1861,3119,117,467,715,256,288,183,1544,1170],"tags":[1002,277,1769,727,86,454,1862,3120,119,471,720,262,294,207,1545,1171],"class_list":["post-8022","post","type-post","status-publish","format-standard","hentry","category-censys","category-china","category-cisco","category-cisco-talos","category-cybersecurity","category-cybersecurity-and-infrastructure-security-agency-cisa","category-emergency-directive","category-firewall","category-government","category-microsoft-threat-intelligence-center","category-palo-alto-networks","category-research","category-threats","category-unit-42","category-zero-day","category-zero-days","tag-censys","tag-china","tag-cisco","tag-cisco-talos","tag-cybersecurity","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-emergency-directive","tag-firewall","tag-government","tag-microsoft-threat-intelligence-center","tag-palo-alto-networks","tag-research","tag-threats","tag-unit-42","tag-zero-day","tag-zero-days"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/censys\/\" rel=\"category tag\">Censys<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/china\/\" rel=\"category tag\">China<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cisco\/\" rel=\"category tag\">Cisco<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cisco-talos\/\" rel=\"category tag\">Cisco Talos<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/emergency-directive\/\" rel=\"category tag\">emergency directive<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/firewall\/\" rel=\"category tag\">firewall<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/microsoft-threat-intelligence-center\/\" rel=\"category tag\">Microsoft Threat Intelligence Center<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/palo-alto-networks\/\" rel=\"category tag\">Palo Alto Networks<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/research\/\" rel=\"category tag\">Research<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/unit-42\/\" rel=\"category tag\">Unit 42<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/zero-day\/\" rel=\"category tag\">Zero-day<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/zero-days\/\" rel=\"category tag\">zero-days<\/a>","tag_info":"zero-days","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8022","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=8022"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8022\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=8022"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=8022"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=8022"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":8022,"date":"2025-09-25T14:05:34","date_gmt":"2025-09-25T19:05:34","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=86137"},"modified":"2025-09-25T14:05:34","modified_gmt":"2025-09-25T19:05:34","slug":"cisa-alerts-federal-agencies-of-widespread-attacks-using-cisco-zero-days","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/09\/25\/cisa-alerts-federal-agencies-of-widespread-attacks-using-cisco-zero-days\/","title":{"rendered":"CISA alerts federal agencies of widespread attacks using Cisco zero-days"},"content":{"rendered":"