What's new
Key highlights
Following is a summary of the latest updates:
(In ESCU version 5.15.2): ESCU 5.15.2 fixes incorrect reference links, CVE tags, and MITRE mappings introduced for ArcaneDoor in ESCU version 5.15.0 and adds a new generic analytic story.
(In ESCU version 5.15.0): ArcaneDoor: A new analytic story to help security teams detect exploitation of Cisco ASA or Firewall zero-day vulnerabilities (CVE-2025-20333 & CVE-2025-20362), which is tied to the recent state-sponsored activity. This story introduces two new detections, focused on identifying suspicious behaviors that might indicate attempts to disable or suppress logging. In addition, the Cisco Secure Firewall Intrusion Events by Threat Activity lookup is updated with the latest Snort IDs to ensure more accurate coverage of related threats.
New analytic story
(In ESCU version 5.15.2): Suspicious Cisco Adaptive Security Appliance Activity
(In ESCU version 5.15.0): ArcaneDoor
Updated analytics
New analytics
Other updates
- Tagged detection Cisco ASA - Logging disabled via CLI to the Suspicious Cisco Adaptive Security Appliance Activity story