Despite operating in a reduced capacity, the US cybersecurity agency CISA has issued a warning about ongoing attacks exploiting vulnerabilities in Chrome, Zimbra, ThreatSonar, and an ActiveX module.