Security researchers say attackers are taking advantage of a previously unknown software flaw in a widely used enterprise platform to break into government networks. The vulnerability, described as a zero-day, gives defenders little time to respond because no public patch was available when the intrusions began.

According to the warning, the campaign has been focused and limited in scope, with multiple government agencies appearing to be the targets. The report did not identify the attackers, but it underscored how quickly a single unpatched weakness can become a national security issue when it sits inside commonly deployed systems.

Cybersecurity teams are now racing to contain the damage, assess which systems may have been exposed, and apply mitigations as vendors work on fixes. Incidents like this highlight a persistent problem for public institutions: even routine software can become a doorway for espionage, disruption, or data theft when defenses lag behind attackers.

Officials and security experts continue to urge organizations to prioritize patch management, network monitoring, and incident response planning. In the current threat environment, targeted exploitation of enterprise software remains one of the most effective ways for hackers to gain access to sensitive government infrastructure.