Security researchers say attackers are actively exploiting a newly disclosed zero-day vulnerability in a widely used enterprise software platform, putting government and energy networks at risk across multiple countries. The flaw appears to be a live entry point for ransomware crews seeking fast access to sensitive systems.

According to the report, the campaign has already targeted critical infrastructure environments, raising concerns about operational disruptions and data theft. The confirmed exploitation underscores how quickly criminal groups can weaponize newly discovered bugs before many organizations have time to patch.

Cybersecurity teams are urging affected operators to identify exposed systems, apply vendor guidance as soon as possible, and increase monitoring for unusual activity. Officials and security specialists often treat these incidents as a race between defenders trying to close the hole and attackers trying to widen their foothold.

The episode adds to broader warnings about the fragility of essential digital systems, where a single software weakness can ripple across public services and energy delivery. Researchers say rapid patching, segmentation, and stronger incident response remain critical to limiting damage.