\n<\/p>\n
On Wednesday, Cisco revealed that a group of Chinese government-backed hackers is exploiting a vulnerability<\/a> to target its enterprise customers who use some of the company\u2019s most popular products.<\/p>\n Cisco has not said how many of its customers have already been hacked, or may be running vulnerable systems. Now, security researchers say there are hundreds of Cisco customers who could potentially be hacked.<\/p>\n Piotr Kijewski, the chief executive of the nonprofit Shadowserver Foundation that scans and monitors the internet for hacking campaigns, told TechCrunch that the scale of exposure \u201cseems more in the hundreds rather than thousands or tens of thousands.\u201d<\/p>\n Kijewski said the foundation was not seeing widespread activity, presumably because \u201ccurrent attacks are targeted.\u201d\u00a0<\/p>\n Shadowserver has a page<\/a> where it\u2019s tracking the number of systems that are exposed and vulnerable to the flaw disclosed by Cisco, named officially as CVE-2025-20393. The vulnerability is known as a zero-day<\/a>, because the flaw was discovered before the company had time to make patches available. As of press time, India, Thailand, and the United States collectively have dozens of affected systems within their borders.<\/p>\n Censys, a cybersecurity firm that monitors hacking activities across the internet, is also seeing a limited number of affected Cisco customers. According to a blog post<\/a>, Censys has observed 220 internet-exposed Cisco email gateways, one of the products known to be vulnerable.\u00a0\u00a0<\/p>\n \t\t\tDo you have more information about this hacking campaign? Such as what companies were targeted? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email<\/a>.<\/a>\t\t<\/div>\nContact Us<\/h4>\n