The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting ASUS Live Update to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, tracked as CVE-2025-59374 (CVSS score: 9.3), has been described as an “embedded malicious code vulnerability” introduced by means of a supply chain compromise
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/12/cisa-flags-critical-asus-live-update.html
