Tag: cisa
347 articles

CISA Flags SolarWinds Serv-U Flaw as Actively Exploited
A critical flaw in SolarWinds Serv-U is being actively exploited, allowing attackers to crash the service with a specially crafted POST request - no authentication required. This denial-of-service vulnerability, tracked as CVE-2026-28318, can be triggered by a simple HTTP POST request with a malicious Content-Encoding header.

US Gas Station Tank Gauge Systems Vulnerable to Ongoing Attacks
US gas stations are under cyberattack, with hackers exploiting vulnerable tank gauge systems to gain control and wreak havoc. A joint advisory from top US agencies is urging critical infrastructure organizations to secure their internet-exposed systems ASAP.

CISA Warns of Exploited Magento Extension Flaw
A critical flaw in the Mirasvit Full Page Cache Warmer Magento extension, tracked as CVE-2026-45247, has been exploited by hackers, allowing them to execute remote code without authentication. This vulnerability, rated 9.8 on the CVSS scale, enables attackers to wreak havoc by supplying a malicious PHP object in the CacheWarmer cookie.

Mullin Targets 2,800 Staff for Optimal CISA Operations
Department of Homeland Security Secretary Markwayne Mullin aims to boost the Cybersecurity and Infrastructure Security Agency's effectiveness with a targeted workforce of 2,800 personnel, leveraging public partnerships and strategic grant usage to fortify national security.

CISA Warns of Active Exploits Targeting Android, Linux Flaws
A high-severity Android flaw, CVE-2025-48595, is being actively exploited in targeted attacks, allowing hackers to gain increased privileges without needing any user interaction. This critical vulnerability affects Android 14-16 and has prompted CISA to add it to its list of Known Exploited Vulnerabilities.

CISA Flags Oracle WebLogic Flaw as Actively Exploited
The US Cybersecurity and Infrastructure Security Agency (CISA) has flagged a high-severity Oracle WebLogic flaw, CVE-2024-21182, as actively exploited, prompting federal agencies to apply fixes by June 4, 2026. This critical vulnerability, rated 7.5 by CVSS, was added to CISA's Known Exploited Vulnerabilities Catalog after evidence of active exploitation was confirmed.

CISA Warns of Actively Exploited Oracle WebLogic Server Vulnerability
The US Cybersecurity and Infrastructure Security Agency (CISA) is sounding the alarm on a highly exploitable Oracle WebLogic Server vulnerability, CVE-2024-21182, that's being actively targeted by threat actors. Over 1,592 vulnerable servers are currently exposed online, making it a pressing concern for organizations to patch up ASAP.

Palo Alto Networks Vulnerability Exploited in Active Attacks
Palo Alto Networks is urging users to patch their systems ASAP, as hackers are actively exploiting a critical vulnerability (CVE-2026-0257) in unpatched PAN-OS devices. This highly sought-after flaw was initially rated medium-severity but quickly upgraded to critical after exploitation was confirmed.

CISA Mandates Emergency Patch for Exploited cPanel Plugin Flaw
A critical vulnerability in the LiteSpeed cPanel plugin, known as CVE-2026-48172, is being actively exploited by remote attackers, allowing them to execute arbitrary scripts with root privileges. CISA has issued an emergency patch, giving affected users just four days to update and protect themselves.

CISA Mandates Patching of Exploited Drupal Vulnerability
The US Cybersecurity and Infrastructure Security Agency has issued a directive requiring federal agencies to patch a critical Drupal vulnerability, known as CVE-2026-9082, by May 27 to prevent devastating SQL injection attacks. This highly critical flaw allows hackers to exploit PostgreSQL-powered Drupal sites and gain unauthorized access to sensitive information.

CISA Faces Scrutiny Over Leaked Credentials
The US Cybersecurity and Infrastructure Security Agency (CISA) is under fire after dozens of its internal credentials were accidentally exposed on a public GitHub account, sparking concerns over potential security breaches. Despite the agency's assurance that no sensitive data was compromised, lawmakers and experts are demanding answers on how this incident occurred.

CISA Opens KEV Nominations to Bolster Vulnerability Intelligence
CISA is now accepting nominations for its Known Exploited Vulnerabilities catalog, empowering public reporting to strengthen the nation's cybersecurity posture by quickly identifying and mitigating exploited vulnerabilities. By submitting through the new KEV nomination form, you're helping to keep federal, private, and critical infrastructure networks safe.

CISA Flags Actively Exploited Langflow, Trend Micro Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on two major vulnerabilities, CVE-2025-34291 and CVE-2026-34926, currently being exploited by hackers, and is requiring federal agencies to patch them by June 4, 2026. These weaknesses, found in Langflow and Trend Micro Apex One, could allow attackers to take control of systems and execute malicious code.

CISA Warns of Open-Source Vulnerabilities Amid Delayed Security Improvements
The open-source community's rapid vulnerability discovery is a pressing concern, with the tempo of exploitation accelerating and straining traditional defensive practices, according to CISA's acting director Nick Andersen. He warns that this situation will require hard security decisions to mitigate the risks to federal and private networks.

Lawmakers Warn of CISA Cuts' Cyber Security Risks
Lawmakers are sounding the alarm on proposed cuts to CISA, warning that weakening the agency will put America's domestic networks, energy grids, and critical infrastructure at serious cyber security risk. A strong CISA is crucial to defending our nation's civilian infrastructure, according to Rep. Don Bacon.

CISA Exposes Sensitive Data in Unsecured GitHub Repository
A shocking security lapse was uncovered when a GitGuardian researcher stumbled upon a public GitHub repository containing 844 MB of sensitive production infrastructure material from a national agency, left exposed for a staggering six months. This alarming data leak highlights the gravity of unsecured data, with expert Guillaume Valadon describing it as one of the most serious secrets leaks he's ever seen.

CISA Credentials Exposed in GitHub Leak
A security researcher has uncovered a public GitHub repository exposing sensitive credentials tied to the Cybersecurity and Infrastructure Security Agency, sparking fears that malicious actors could exploit the data for nefarious purposes. The leak, linked to a contractor-maintained repository called "Private-CISA," reportedly included privileged AWS GovCloud accounts and internal CISA systems.

CISA Exposes Security Lapse with Open GitHub Repository
The US's leading cyber-defense agency, CISA, made a shocking security blunder by leaving a GitHub repository open, exposing sensitive passwords, keys, and tokens with alarmingly obvious filenames. This careless mistake raises serious concerns about the agency's ability to protect itself and the nation from cyber threats.

CISA Contractor Exposes AWS GovCloud Keys in GitHub Leak
A contractor for the Cybersecurity & Infrastructure Security Agency (CISA) made a critical mistake by exposing sensitive AWS GovCloud keys, plaintext passwords, and internal files in a public GitHub repository. The leak, described as one of the worst ever witnessed, included highly privileged credentials and build artifacts for numerous internal CISA systems.

Former CISA Nominee Plankey Joins Defense Startup UFORCE as US CEO
Big news in the defense tech space: Sean Plankey, former CISA nominee, has joined UFORCE as US CEO, bringing his expertise in delivering proven combat systems to a company poised to revolutionize defense technology. With his cyber veteran background, Plankey is set to drive innovation and speed in meeting the evolving needs of the US and its allies.

CISA Flags Cisco SD-WAN Vulnerability as Exploited
CISA has flagged a critical Cisco SD-WAN vulnerability, CVE-2026-20182, as exploited, giving federal agencies until May 17, 2026, to patch the authentication bypass flaw that could grant hackers administrative privileges. This vulnerability, scoring 10.0 on the CVSS scale, is now a top priority for remediation.

Global Agencies Unveil AI Supply Chain Risk Guidance with SBOMs
Global agencies have joined forces to release groundbreaking guidance on AI supply chain risk, outlining minimum elements for Software Bill of Materials (SBOMs) to enhance security and transparency. This crucial step forward aims to tackle the complex challenges of measuring and defining AI risks across organizations.

G7 Guidance Sets AI Security Standards
The G7 has set a new benchmark for AI security with the release of voluntary guidelines, outlining the minimum requirements for transparency around AI system components. This move aims to establish a common baseline for the industry, promoting trust and safety in the rapidly evolving AI landscape.

Senator Warns of Election Security Support Erosion
Senator Mark Warner is sounding the alarm on a critical issue: the alarming erosion of federal support for election security just ahead of the 2026 midterms, leaving states and localities vulnerable to threats. He's demanding answers from the Department of Homeland Security and CISA about their current election security posture.