Skip to main content

Tag: cisa

347 articles

Networked server equipment and cabling in a brightly-lit data center with a blurred background.

CISA Flags SolarWinds Serv-U Flaw as Actively Exploited

A critical flaw in SolarWinds Serv-U is being actively exploited, allowing attackers to crash the service with a specially crafted POST request - no authentication required. This denial-of-service vulnerability, tracked as CVE-2026-28318, can be triggered by a simple HTTP POST request with a malicious Content-Encoding header.

Analyst 207
Internet-exposed automatic tank gauge system at a gas station with pumps and convenience store in the background.

US Gas Station Tank Gauge Systems Vulnerable to Ongoing Attacks

US gas stations are under cyberattack, with hackers exploiting vulnerable tank gauge systems to gain control and wreak havoc. A joint advisory from top US agencies is urging critical infrastructure organizations to secure their internet-exposed systems ASAP.

Analyst 207
Server racks and computer hardware in a dimly lit e-commerce IT area.

CISA Warns of Exploited Magento Extension Flaw

A critical flaw in the Mirasvit Full Page Cache Warmer Magento extension, tracked as CVE-2026-45247, has been exploited by hackers, allowing them to execute remote code without authentication. This vulnerability, rated 9.8 on the CVSS scale, enables attackers to wreak havoc by supplying a malicious PHP object in the CacheWarmer cookie.

Analyst 207
DHS or CISA representative addresses Congress from a podium in a hearing room.

Mullin Targets 2,800 Staff for Optimal CISA Operations

Department of Homeland Security Secretary Markwayne Mullin aims to boost the Cybersecurity and Infrastructure Security Agency's effectiveness with a targeted workforce of 2,800 personnel, leveraging public partnerships and strategic grant usage to fortify national security.

Analyst 207
Smartphone on a neutral surface with blurred background.

CISA Warns of Active Exploits Targeting Android, Linux Flaws

A high-severity Android flaw, CVE-2025-48595, is being actively exploited in targeted attacks, allowing hackers to gain increased privileges without needing any user interaction. This critical vulnerability affects Android 14-16 and has prompted CISA to add it to its list of Known Exploited Vulnerabilities.

Analyst 207
Server equipment on a rack in a brightly-lit government agency setting.

CISA Flags Oracle WebLogic Flaw as Actively Exploited

The US Cybersecurity and Infrastructure Security Agency (CISA) has flagged a high-severity Oracle WebLogic flaw, CVE-2024-21182, as actively exploited, prompting federal agencies to apply fixes by June 4, 2026. This critical vulnerability, rated 7.5 by CVSS, was added to CISA's Known Exploited Vulnerabilities Catalog after evidence of active exploitation was confirmed.

Analyst 207
Rows of computer servers and equipment in a brightly-lit server room, with a central Oracle WebLogic Server device on a rack.

CISA Warns of Actively Exploited Oracle WebLogic Server Vulnerability

The US Cybersecurity and Infrastructure Security Agency (CISA) is sounding the alarm on a highly exploitable Oracle WebLogic Server vulnerability, CVE-2024-21182, that's being actively targeted by threat actors. Over 1,592 vulnerable servers are currently exposed online, making it a pressing concern for organizations to patch up ASAP.

Analyst 207
Network operations center with a next-generation firewall on a rack and cables connected.

Palo Alto Networks Vulnerability Exploited in Active Attacks

Palo Alto Networks is urging users to patch their systems ASAP, as hackers are actively exploiting a critical vulnerability (CVE-2026-0257) in unpatched PAN-OS devices. This highly sought-after flaw was initially rated medium-severity but quickly upgraded to critical after exploitation was confirmed.

Analyst 207
Server room with rows of equipment, focusing on a single server screen displaying a plugin interface.

CISA Mandates Emergency Patch for Exploited cPanel Plugin Flaw

A critical vulnerability in the LiteSpeed cPanel plugin, known as CVE-2026-48172, is being actively exploited by remote attackers, allowing them to execute arbitrary scripts with root privileges. CISA has issued an emergency patch, giving affected users just four days to update and protect themselves.

Analyst 207
Large, empty government building interior with podium and blurred seal on wall.

CISA Mandates Patching of Exploited Drupal Vulnerability

The US Cybersecurity and Infrastructure Security Agency has issued a directive requiring federal agencies to patch a critical Drupal vulnerability, known as CVE-2026-9082, by May 27 to prevent devastating SQL injection attacks. This highly critical flaw allows hackers to exploit PostgreSQL-powered Drupal sites and gain unauthorized access to sensitive information.

Analyst 207
Laptop screen shows GitHub repository with blurred username and repository name, in a softly focused CISA office background.

CISA Faces Scrutiny Over Leaked Credentials

The US Cybersecurity and Infrastructure Security Agency (CISA) is under fire after dozens of its internal credentials were accidentally exposed on a public GitHub account, sparking concerns over potential security breaches. Despite the agency's assurance that no sensitive data was compromised, lawmakers and experts are demanding answers on how this incident occurred.

Analyst 207
Professional in a government agency setting near a whiteboard or screen.

CISA Opens KEV Nominations to Bolster Vulnerability Intelligence

CISA is now accepting nominations for its Known Exploited Vulnerabilities catalog, empowering public reporting to strengthen the nation's cybersecurity posture by quickly identifying and mitigating exploited vulnerabilities. By submitting through the new KEV nomination form, you're helping to keep federal, private, and critical infrastructure networks safe.

Analyst 207
Rows of equipment racks and monitoring stations in a server room with an empty workstation.

CISA Flags Actively Exploited Langflow, Trend Micro Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on two major vulnerabilities, CVE-2025-34291 and CVE-2026-34926, currently being exploited by hackers, and is requiring federal agencies to patch them by June 4, 2026. These weaknesses, found in Langflow and Trend Micro Apex One, could allow attackers to take control of systems and execute malicious code.

Analyst 207
Empty seats face a podium in a formal conference setting.

CISA Warns of Open-Source Vulnerabilities Amid Delayed Security Improvements

The open-source community's rapid vulnerability discovery is a pressing concern, with the tempo of exploitation accelerating and straining traditional defensive practices, according to CISA's acting director Nick Andersen. He warns that this situation will require hard security decisions to mitigate the risks to federal and private networks.

Analyst 207
Representative speaks at podium with blurred seal behind, hint of network visual in background.

Lawmakers Warn of CISA Cuts' Cyber Security Risks

Lawmakers are sounding the alarm on proposed cuts to CISA, warning that weakening the agency will put America's domestic networks, energy grids, and critical infrastructure at serious cyber security risk. A strong CISA is crucial to defending our nation's civilian infrastructure, according to Rep. Don Bacon.

Analyst 207
Computer screen displays GitHub repository on a clutter-free desk with scattered papers.

CISA Exposes Sensitive Data in Unsecured GitHub Repository

A shocking security lapse was uncovered when a GitGuardian researcher stumbled upon a public GitHub repository containing 844 MB of sensitive production infrastructure material from a national agency, left exposed for a staggering six months. This alarming data leak highlights the gravity of unsecured data, with expert Guillaume Valadon describing it as one of the most serious secrets leaks he's ever seen.

Analyst 207
Blurred code on a laptop screen in a brightly-lit workspace with a coding environment in the background.

CISA Credentials Exposed in GitHub Leak

A security researcher has uncovered a public GitHub repository exposing sensitive credentials tied to the Cybersecurity and Infrastructure Security Agency, sparking fears that malicious actors could exploit the data for nefarious purposes. The leak, linked to a contractor-maintained repository called "Private-CISA," reportedly included privileged AWS GovCloud accounts and internal CISA systems.

Analyst 207
Laptop screen displays GitHub repository in a bright, minimalist workspace.

CISA Exposes Security Lapse with Open GitHub Repository

The US's leading cyber-defense agency, CISA, made a shocking security blunder by leaving a GitHub repository open, exposing sensitive passwords, keys, and tokens with alarmingly obvious filenames. This careless mistake raises serious concerns about the agency's ability to protect itself and the nation from cyber threats.

Analyst 207
Empty computer workstation with laptop and papers in a neutral office setting, hint of coding workspace in background.

CISA Contractor Exposes AWS GovCloud Keys in GitHub Leak

A contractor for the Cybersecurity & Infrastructure Security Agency (CISA) made a critical mistake by exposing sensitive AWS GovCloud keys, plaintext passwords, and internal files in a public GitHub repository. The leak, described as one of the worst ever witnessed, included highly privileged credentials and build artifacts for numerous internal CISA systems.

Analyst 207
Defense technology lab with abstract representation of defense-related object.

Former CISA Nominee Plankey Joins Defense Startup UFORCE as US CEO

Big news in the defense tech space: Sean Plankey, former CISA nominee, has joined UFORCE as US CEO, bringing his expertise in delivering proven combat systems to a company poised to revolutionize defense technology. With his cyber veteran background, Plankey is set to drive innovation and speed in meeting the evolving needs of the US and its allies.

Analyst 207
Network equipment and cables surround a Cisco-style SD-WAN controller device in a large IT infrastructure room.

CISA Flags Cisco SD-WAN Vulnerability as Exploited

CISA has flagged a critical Cisco SD-WAN vulnerability, CVE-2026-20182, as exploited, giving federal agencies until May 17, 2026, to patch the authentication bypass flaw that could grant hackers administrative privileges. This vulnerability, scoring 10.0 on the CVSS scale, is now a top priority for remediation.

Analyst 207
Global agency representatives meet to discuss AI supply chain risks, surrounded by laptops and documents.

Global Agencies Unveil AI Supply Chain Risk Guidance with SBOMs

Global agencies have joined forces to release groundbreaking guidance on AI supply chain risk, outlining minimum elements for Software Bill of Materials (SBOMs) to enhance security and transparency. This crucial step forward aims to tackle the complex challenges of measuring and defining AI risks across organizations.

Analyst 207
Representatives from various countries meet around a large table with laptops and notes.

G7 Guidance Sets AI Security Standards

The G7 has set a new benchmark for AI security with the release of voluntary guidelines, outlining the minimum requirements for transparency around AI system components. This move aims to establish a common baseline for the industry, promoting trust and safety in the rapidly evolving AI landscape.

Analyst 207
Senator sits at desk with concerned expression, surrounded by election security documents.

Senator Warns of Election Security Support Erosion

Senator Mark Warner is sounding the alarm on a critical issue: the alarming erosion of federal support for election security just ahead of the 2026 midterms, leaving states and localities vulnerable to threats. He's demanding answers from the Department of Homeland Security and CISA about their current election security posture.

Analyst 207