Tag: cisa
347 articles

CISA Warns of Active Exploits Targeting FortiSandbox Flaws
Critical FortiSandbox flaws, CVE-2026-39808 and CVE-2026-25089, are under active attack by hackers, allowing them to execute malicious commands without needing login credentials. These severe vulnerabilities, scoring 9.1, require immediate attention to prevent devastating remote code execution attacks.

CISA Orders Emergency Patch for Exploited Fortinet Vulnerabilities
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring federal agencies to patch or mitigate two critical Fortinet vulnerabilities within a tight three-day window, underscoring the severity of these flaws. This urgent action follows the discovery of a critical OS command injection vulnerability in FortiSandbox, allowing attackers to execute unauthorized code or commands.

CISA Warns of Actively Exploited Fortinet Flaws
The US Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on actively exploited Fortinet flaws, warning federal agencies to patch two vulnerabilities in the Fortinet FortiSandbox platform by July 19 to avoid potential breaches. Don't wait - prioritize patching to protect your systems from exploitation.

CISA Mandates Patching of Exploited Oracle Flaw by Saturday
Federal cyber authorities are sounding the alarm: a high-risk flaw in Oracle E-Business Suite, already being exploited by hackers, must be patched by Saturday to prevent takeover of vulnerable systems. Over 1,000 Internet-exposed instances are at risk, with more than half located in the United States.

US Launches Gold Eagle for AI-Driven Vulnerability Coordination
The US government has unveiled Gold Eagle, a game-changing program that turbocharges vulnerability coordination by uniting federal agencies with private sector partners to swiftly identify and patch cyber threats. This innovative effort aims to safeguard the nation's financial institutions and protect the integrity of the US financial system like never before.

CISA Warns of Actively Exploited SharePoint Vulnerabilities
The US Cybersecurity and Infrastructure Security Agency (CISA) has warned of three SharePoint vulnerabilities, including CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164, that are being actively exploited by attackers. These flaws, affecting on-premises SharePoint Server installations, pose a significant threat, with one remote code execution flaw rated 8.8 in severity.

CISA Warns of Actively Exploited SharePoint Flaws
Don't let your SharePoint servers become an easy target: over 800 Internet-exposed servers remain unpatched against actively exploited vulnerabilities, including CVE-2026-32201 and CVE-2026-45659. Act now to protect your systems from potential attacks.

US Unveils 'Gold Eagle' AI Cyber Threat Clearinghouse
The US Treasury Department has launched Gold Eagle, a cutting-edge AI cyber threat clearinghouse that brings together government and industry to share vital threat information and safeguard America's financial institutions. This innovative hub, created through a White House executive order, aims to close vulnerabilities and protect the integrity of the US financial system.

CISA Leak Exposes Gaps in Incident Response, Key Management
A staggering 844 MB of sensitive CISA data was left exposed in a public GitHub repository for almost six months, revealing critical gaps in incident response and key management. The leak included admin credentials and plaintext passwords for internal CISA systems, raising serious concerns about security protocols.

NSA, CISA Warn Federal Agencies of Identity Security Risks
The NSA and CISA are sounding the alarm: identity security risks are now the frontline in federal cybersecurity, with Active Directory and Entra ID being prime targets for cyber attackers. Recent incidents show that nearly 75% of major federal cyber breaches in the last five years involved compromised identities.

Attackers Exploit Joomla Extension Bugs with Perfect 10 Scores
Critical vulnerabilities in two popular Joomla extensions have been exploited in the wild, allowing attackers to gain remote control of affected sites by uploading malicious files. The Cybersecurity and Infrastructure Security Agency has sounded the alarm, adding the flaws to its Known Exploited Vulnerabilities catalog.

CISA Warns of Exploited Flaws in Joomla Extensions
Stay safe online: a critical vulnerability in the iCagenda extension for Joomla can allow attackers to upload malicious files and take control of your website, leading to data theft and total site compromise. CISA warns that this flaw, tracked as CVE-2026-48939, is being actively exploited, so take action now to protect your site.

Russian Hackers Target Critical Infrastructure via Router Exploits
Russian state-backed hackers have infected 18,000 routers in 120 countries, sparking a multinational warning about the threat to critical infrastructure networks. The alarming campaign is linked to Russia's Federal Security Service (FSB) Centre 16, notorious for exploiting poorly configured routers to gain access to sensitive networks.

CISA Bolsters Protections After Major Credential Leak
CISA swiftly sprang into action after discovering a major credential leak on May 15, taking swift and decisive steps to halt the breach and prevent further damage. By sharing their incident response experience, CISA aims to help other organizations bolster their defenses and avoid similar security mishaps.

CISA Exposes Lessons from AWS GovCloud Key Incident Response
When a security researcher uncovered exposed credentials in a public GitHub repository, CISA sprang into action, swiftly mitigating any potential exposure to its cloud resources and code repositories. Thanks to the researcher's sharp eyes and KrebsOnSecurity's reporting, CISA was able to respond quickly and contain the incident.

Clearinghouses Race to Remediate Pre-Disclosure Vulnerabilities
Chainguard's Athena clearinghouse has been quietly remediating vulnerabilities for months, converting findings into fixes at an incredible pace, with a one-day SLA on actively exploited vulnerabilities and over 100,000 issues resolved so far. This swift action comes as the threat landscape accelerates, with the mean time to exploit now estimated at just -7 days.

US AI Clearinghouse Must Bridge Vulnerability Gap
The US AI cybersecurity clearinghouse has a crucial role to play in bridging the vulnerability gap, but time is of the essence - AI tools are surfacing vulnerabilities at a pace that's outstripping our ability to act on them. With a 30-day deadline now expired, the clearinghouse must swiftly coordinate efforts to scan, discover, and prioritize critical infrastructure vulnerabilities.

CISA Mandates Patching of Exploited Langflow Auth Bypass Flaw
The CISA has stepped in to mandate patching of a critical Langflow Auth Bypass flaw, CVE-2026-55255, that's being exploited by financially motivated threat actors to access sensitive user data. This vulnerability allows attackers to siphon off sensitive data and hijack computing resources with just a crafted request.

CISA Mandates Patching of Exploited Adobe ColdFusion Flaw
Adobe has issued a warning to patch a critical flaw, CVE-2026-48282, in ColdFusion versions 2025.9, 2023.20, and earlier, as attackers have already begun exploiting it just two hours after disclosure. Admins are urged to deploy the updates within 72 hours to prevent code execution on unpatched systems.

CISA Warns of Active Exploitation of Adobe, Joomla, and Langflow Flaws
The US Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on four high-severity vulnerabilities in Adobe, Joomla, and Langflow that are being actively exploited by hackers. Federal agencies have until July 10, 2026, to patch these flaws and avoid potential breaches.

CISA Flags SharePoint Flaw as Exploitable
Microsoft initially downplayed the risk of a SharePoint vulnerability, saying exploitation was less likely, but the Cybersecurity and Infrastructure Security Agency has since escalated the flaw to its list of known exploited vulnerabilities. This move signals a heightened sense of urgency for organizations to address the potentially critical issue.

CISA Warns of Active Exploits of Microsoft SharePoint Flaw
Microsoft warns that a critical flaw in SharePoint, tracked as CVE-2026-45659, is being actively exploited, allowing even low-privilege attackers to execute arbitrary code remotely with ease. This deserialization vulnerability lets authenticated attackers run code on vulnerable servers without needing admin privileges.

CISA Warns of Active SharePoint RCE Exploitation
CISA warns that a high-severity vulnerability in Microsoft SharePoint Server, known as CVE-2026-45659, is being actively exploited, allowing authorized attackers to execute code remotely. This critical flaw, patched by Microsoft in May, requires immediate attention to prevent network breaches.

Vought Weighs Rebuilding CISA Amid Budget Cuts
The Trump administration's budget office is leaving the door open to bolstering the Cybersecurity and Infrastructure Security Agency, but only if Department of Homeland Security Secretary Markwayne Mullin makes a strong case for more staff. OMB Director Russell Vought signaled a willingness to revisit staffing levels, but at a pace and process determined internally.