Tag: cisa
347 articles

DHS Revives Cybersecurity Council for Critical Infrastructure
The Department of Homeland Security is launching the Alliance of National Councils for Homeland Operational Resilience – Critical Infrastructure program to boost cybersecurity coordination between government agencies and private sector partners. This new initiative aims to bring together experts from various fields to tackle the latest threats and protect critical infrastructure.

Ransomware gangs exploit Windows BlueHammer flaw
Ransomware gangs are actively exploiting a critical Microsoft Defender flaw, nicknamed BlueHammer, which has been added to CISA's list of Known Exploited Vulnerabilities. This vulnerability is a prime target for malicious cyber actors, posing a significant risk to those who haven't yet applied the necessary patches.

CISA Mandates Urgent Patching for Exploited Cisco Flaw
Don't wait until it's too late: Cisco has issued a critical patch for a vulnerability (CVE-2026-20230) in its Unified Communications Manager Server, and the US Cybersecurity and Infrastructure Security Agency (CISA) is requiring urgent remediation by June 28. Act now to protect your system from potential remote exploitation.

Perimeter Devices Exposed as Vulnerability in Authentication Bypass Attacks
A recent emergency directive from CISA revealed a shocking vulnerability in Check Point Remote Access VPN, allowing attackers to bypass authentication and gain trusted user access since early May. This critical flaw, with a CVSS score of 9.3, enables remote attackers to establish a fully authenticated VPN session without a valid password, essentially turning a security gateway into an entry point for intruders.

CISA Guides Agencies Toward SASE for Zero Trust Adoption
CISA's new guidance is helping federal agencies ditch outdated internet gateways and make the leap to Secure Access Service Edge (SASE) technology, a key step towards adopting zero-trust architectures. By making this shift, agencies can unlock the benefits of zero-trust security and leave legacy perimeter-based models behind.

Governments Struggle to Secure Open-Source Software
The alarming reality is that years of underinvestment in open-source software security are catching up with us, with a new supply chain compromise emerging almost every week. A recent scan by Project Glasswing found over 6,000 high-risk vulnerabilities in popular open-source projects, but only a tiny fraction have been patched.

CISA Warns of Actively Exploited Ubiquiti Flaws
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning that hackers are actively exploiting security flaws in Ubiquiti UniFi OS devices, posing a significant threat to system security. Federal agencies have just three days to apply crucial updates or recommended fixes to avoid potential breaches.

Legacy Infrastructure Exposes AI Agents to Hijacking Risks
Legacy infrastructure can put your AI agents at risk of hijacking, as seen with CVE-2025-24813, a remote code execution flaw that lets attackers turn a routine server compromise into a full takeover. An unpatched Internet-facing Apache Tomcat server is all it takes to expose your enterprise to this threat.

CISA Warns of Widespread FortiBleed Attacks on 86,644 Devices
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning after a massive cyberattack, dubbed FortiBleed, compromised a staggering 86,644 FortiGate devices, putting countless networks at risk. Take immediate action to protect yourself: shut down active SSL VPN and admin sessions, reset passwords, and enforce strong password policies.

CISA Warns of Active Exploitation of Splunk Enterprise Flaw
A critical vulnerability in Splunk Enterprise, tracked as CVE-2026-20253, allows remote attackers to create or delete files on vulnerable systems without needing any login credentials. This security flaw affects specific versions of Splunk Enterprise, including 10.2.0 through 10.2.3 and 10.0.0 through 10.0.6.

CISA Warns Fortinet Users of Credential Exposure After FortiBleed Leak
Fortinet users are being warned by CISA to take immediate action to protect themselves from credential exposure after a massive leak, known as FortiBleed, exposed nearly 74,000 firewall and VPN credentials. Take steps now to secure your devices and prevent malicious cyber actors from exploiting your compromised credentials.

CISA Gains Access to Anthropic's AI Vulnerability Model
The Cybersecurity and Infrastructure Security Agency (CISA) just gained full access to Anthropic's powerful AI Vulnerability Model, known as Mythos Preview - but there's a catch: clear guidelines on how to use it are still missing. This new tool could be a game-changer for cybersecurity, but unclear rules may hinder its effectiveness.

CISA Mandates Patching of Joomla Plugin Flaw by Friday
Don't wait until it's too late - CISA is requiring Federal agencies to patch a critical Joomla plugin flaw by Friday, as hackers can exploit it to upload and execute malicious PHP code. The vulnerability, found in the Widget Factory Joomla Content Editor, allows unauthenticated users to create new editor profiles and poses significant risks to your online security.

CISA Warns of Actively Exploited cPanel Plugin Flaw
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical cPanel plugin flaw, CVE-2026-54420, that's being actively exploited by hackers, posing a significant risk to all user-end plugin versions prior to 2.4.8. This vulnerability allows attackers to escalate privileges to root, putting your online security at risk.

Cisco Disrupts Active Exploitation of SD-WAN Manager Flaw
Cisco is taking swift action to combat the active exploitation of a medium-severity flaw in its SD-WAN Manager, known as CVE-2026-20262, which could let hackers create or overwrite files on affected systems. Federal agencies have until June 29, 2026 to remediate the vulnerability.

CISA Mandates Patching of Actively Exploited Ivanti Flaw
Federal agencies are on high alert: a severe vulnerability in Ivanti's Sentry gateway, already exploited by attackers, must be patched within three days to prevent further backdoor attacks. CISA's urgent directive demands swift action to secure vulnerable devices and shield against malicious cyber threats.

CISA Overhauls Vulnerability Patching with Risk-Based Approach
CISA is shaking up vulnerability patching with a risk-based approach, urging agencies and private operators to focus on high-risk areas first. This new directive ditches rigid deadlines based on severity labels, instead tying remediation timelines to assessed risk.

CISA Mandates Swift Patching of Exploited Flaws Within 3 Days
The US Cybersecurity and Infrastructure Security Agency (CISA) is now requiring federal agencies to patch high-risk vulnerabilities within just three days to significantly reduce the threat of cyberattacks. This new directive aims to slash the time attackers have to exploit weaknesses, protecting the public sector from potential breaches.

NSO Group Defies Court Order, Continues Targeting WhatsApp Users
Despite a court order blocking it from doing so, NSO Group continues to target WhatsApp users, defying the ruling and putting users at risk. The company is fighting to overturn the order, claiming it will suffer harm if it's forced to comply.

CISA Overhauls Vulnerability Patching with Smarter Prioritization Directive
The Cybersecurity and Infrastructure Security Agency (CISA) has rolled out a game-changing directive that revolutionizes vulnerability patching with a smarter approach to prioritization, empowering federal agencies to tackle fixes more efficiently. By introducing clear guidelines and timelines, CISA is helping agencies focus on the most critical patches first, based on criteria like exposure, exploitability, and real-world threat activity.

CISA Flags Cisco, Chrome, Arista Flaws as Actively Exploited
Stay safe online: CISA has flagged serious vulnerabilities in Cisco, Chrome, and Arista that are being actively exploited by hackers, so take action now to protect your systems. These flaws could let attackers gain unauthorized access, making it crucial to update your software ASAP.

CISA Directive Overhauls Cyber Risk Prioritization Across Agencies
The Cybersecurity and Infrastructure Security Agency is shaking up its approach to cyber risk with a new directive that prioritizes impact over raw vulnerability counts, helping agencies focus on protecting what matters most. Acting director Nick Andersen urges a pragmatic approach, acknowledging that some systems are more critical than others.

CISA Overhauls Risk Prioritization Approach for Federal Agencies, Private Sector
CISA is shaking up its approach to risk prioritization, urging a smarter strategy for applying patches and tackling vulnerabilities. Acting director Nick Andersen emphasizes the need to focus on what matters most, rather than rushing to apply every patch as soon as it's released.

CISA Mandates Patching of Exploited Check Point VPN Bug
A critical vulnerability in Check Point VPNs, known as CVE-2026-50751, has been exploited in dozens of organizations worldwide, with one incident linked to Qilin ransomware. This bug allows hackers to bypass authentication and establish remote access, putting targeted organizations at risk.