Chinese hackers, specifically Storm-1849, continue targeting Cisco ASA devices used by government and financial institutions worldwide. Despite urgent patching advisories, these threat actors persist in exploiting vulnerabilities, gaining widespread attention from cybersecurity agencies. #Storm1849 #CiscoASA #CISA #ArcaneDoor
Keypoints
- Storm-1849 is a China-based threat group actively targeting Cisco ASA firewalls globally.
- They exploit vulnerabilities CVE-2025-30333 and CVE-2025-20362, often chaining both bugs during attacks.
- U.S., Indian, European, and other international agencies have seen targeted scanning and exploitation activities.
- Despite emergency patches issued by CISA, hackers continue to exploit unpatched Cisco ASA devices.
- Researchers link these cyber campaigns to Chinese threat actors involved in previous operations like ArcaneDoor.
Read More: https://therecord.media/chinese-hackers-scan-exploit-firewalls-government