Security News Hackers exploit critical unpatched flaw in Zyxel CPE devices BleepingComputer Daniel Bender 29 Jan 2025 Share Hackers are exploiting a critical command injection vulnerability in Zyxel CPE Series devices that is currently tracked as CVE-2024-40891 and remains unpatched since last July.