Tag: cisa
-
CISA warns of five-year-old GitLab flaw exploited in attacks
Tags: attack, cisa, cybersecurity, exploit, flaw, gitlab, government, infrastructure, update, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab vulnerability that is actively being exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-five-year-old-gitlab-flaw-exploited-in-attacks/
-
Russian hackers exploited a critical Office bug within days of disclosure
One campaign, two infection paths: ZScaler found that exploitation of CVE-2026-21509 did not lead to a single uniform payload. Instead, the initial RTF-based exploit branched into two distinct infection paths, each serving a different operational purpose. The choice of dropper reportedly determined whether the attackers prioritized near-term intelligence collection or longer-term access to compromised systems.In…
-
CISA Warns of Exploited GitLab Community and Enterprise SSRF Vulnerability
Tags: api, cisa, cve, cyber, cybersecurity, exploit, flaw, gitlab, infrastructure, kev, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical server-side request forgery (SSRF) vulnerability affecting GitLab Community and Enterprise Editions to its Known Exploited Vulnerabilities (KEV) catalog. The flaw, tracked as CVE-2021-39935, is now confirmed to be under active exploitation in the wild. Vulnerability Details The SSRF vulnerability in GitLab’s CI Lint API…
-
SolarWinds Web Help Desk Vulnerability Actively Exploited
CISA has added a critical CVE in SolarWinds Web Help Desk to its KEV Catalog First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/solarwinds-web-help-desk/
-
CISA Adds SolarWinds Web Help Desk RCE Flaw to Known Exploited Vulnerabilities List
Tags: cisa, cyber, cybersecurity, data, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly disclosed vulnerability CVE”‘2025″‘40551 affecting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog. The flaw is rated critical because it enables remote code execution (RCE) and can be exploited without authentication. According to CISA, the issue stems from a deserialization of untrusted data weakness (CWE”‘502), which allows attackers…
-
CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
Tags: cisa, cve, cybersecurity, data, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog, flagging it as actively exploited in attacks.The vulnerability, tracked as CVE-2025-40551 (CVSS score: 9.8), is a untrusted data deserialization vulnerability that could pave the way for remote…
-
CISA official says CIRCIA cyber reporting update is ‘weeks’ away
“I think that we’ll have some news on CIRCIA in pretty short order, in the next couple of weeks, hopefully,” Nick Andersen, executive assistant director for cybersecurity at CISA, told reporters. First seen on therecord.media Jump to article: therecord.media/cisa-pfficial-says-circia-update-weeks-away
-
CISA orders federal agencies to patch exploited SolarWinds bug by Friday
CVE-2025-40551 carries a critical severity score of 9.8 out of 10 and impacts SolarWinds Web Help Desk (WHD), an IT service management platform used by many large organizations to handle ticketing, asset tracking and other tasks. First seen on therecord.media Jump to article: therecord.media/cisa-orders-agencies-patch-solarwinds-vuln
-
What’s next for DHS’s forthcoming replacement critical infrastructure protection panel, AI information sharing
Nick Andersen, a top CISA official, discussed plans for improving CIPAC and developing an AI-ISAC. First seen on cyberscoop.com Jump to article: cyberscoop.com/whats-next-for-dhss-forthcoming-replacement-critical-infrastructure-protection-panel-ai-information-sharing/
-
U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first…
-
CISA flags critical SolarWinds RCE flaw as exploited in attacks
CISA has flagged a critical SolarWinds Web Help Desk vulnerability as actively exploited in attacks and ordered federal agencies to patch their systems within three days. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-flags-critical-solarwinds-rce-flaw-as-actively-exploited/
-
CISA updated ransomware intel on 59 bugs last year without telling defenders
GreyNoise’s Glenn Thorpe counts the cost of missed opportunities First seen on theregister.com Jump to article: www.theregister.com/2026/02/03/greynoise_cisa_ransomware_gripe/
-
As feds pull back, states look inward for election security support
Secretaries of State are scrambling to replace cybersecurity services once provided by CISA and other federal agencies. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-election-security-cutbacks-states-trump-administration/
-
Im KEV-Katalog der CISA – 17 Jahre alte PowerPoint-Sicherheitslücke taucht wieder auf
First seen on security-insider.de Jump to article: www.security-insider.de/cisa-sicherheitsluecke-powerpoint-kev-katalog-a-f0aa1cef53cb0d3ee06a49f5b539a578/
-
Cybersecurity 2026: AI, CISA, manufacturing sector all in the hot seat
A look at the most important trends and issues in cyber this year. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cyber-trends-outlook-2026/810708/
-
U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, endpoint, exploit, flaw, infrastructure, injection, ivanti, kev, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Ivanti EPMM vulnerability, tracked as CVE-2026-1281 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is a code injection that impacts Ivanti Endpoint Manager…
-
Breach Roundup: Android RAT Hides Behind Hugging Face
Also, SmarterMail Flaw, Nike Breach Probe, Empire Market Co-Creator Pleads Guilty. This week, researchers exposed an Android RAT abusing Hugging Face. Attackers exploited a SmarterMail flaw. Automakers raised cyber spending. CISA flagged a VMware bug. Microsoft patched Office. An Empire Market co-creator pleaded guilty. Nike probed a breach. First seen on govinfosecurity.com Jump to article:…
-
CISA, security researchers warn FortiCloud SSO flaw is under attack
The exploitation activity comes weeks after a similar authentication bypass vulnerability was found. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-researchers-warn-forticloud-flaw-attack/810861/
-
New CISA Guidance Targets Insider Threat Risks
CISA urges action against insider threats with publication of a new infographic offering strategies to manage risks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-targets-insider-threat-risks/
-
CISA chief uploaded sensitive government files to public ChatGPT
Tags: access, chatgpt, cisa, compliance, control, cybersecurity, government, infrastructure, office, toolLeadership credibility questioned: The uploads triggered an internal DHS assessment involving the department’s then-acting general counsel Joseph Mazzara and chief information officer Antoine McCord, along with CISA’s chief information officer Robert Costello and chief counsel Spencer Fisher, the report said. The outcome has not been disclosed.According to the report, CISA spokesperson Marci McCarthy confirmed that…
-
Acting CISA Chief Flagged for Uploading Sensitive Government Files Into ChatGPT
The acting head of the federal government’s top cyber defense agency triggered an internal cybersecurity warning last summer after uploading sensitive government documents into a public version of ChatGPT, according to four Department of Homeland Security officials familiar with the incident. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cisa-chief-internal-cybersecurity-warning/
-
AI Use by CISA Chief Alarms Cyber Officials
CISA Defends Director’s Use of AI Tool Despite Internal Compliance Review. Cybersecurity and Infrastructure Security Agency Acting Director Madhu Gottumukkala uploaded sensitive documents to ChatGPT under a temporary, approved exception, prompting internal alerts and reigniting concerns over the agency’s AI governance and leadership judgement. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ai-use-by-cisa-chief-alarms-cyber-officials-a-30620
-
Critical FortiCloud SSO zero”‘day forces emergency service disablement at Fortinet
Attack details and indicators: Fortinet’s investigation into the exploitation revealed attackers used two specific FortiCloud accounts: “cloud-noc@mail.io” and “cloud-init@mail.io,” though the company warned “these addresses may change in the future.”Fortinet identified multiple IP addresses associated with the attacks, including several Cloudflare-protected addresses that attackers used to obscure their activities.”Following authentication via SSO, it has been…
-
Federal IT Buyers Told to Plan for Post-Quantum Cryptography
CISA Urges Agencies to Treat Quantum Readiness as a Standard Buying Expectation. The Cybersecurity and Infrastructure Security Agency is urging agencies to treat post-quantum cryptography as a near-term procurement expectation, signaling that information technology products should embed quantum-resistant security now to avoid rushed retrofits before federal migration deadlines. First seen on govinfosecurity.com Jump to article:…
-
U.S. CISA adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cybersecurity, exploit, flaw, infrastructure, kev, linux, microsoft, office, vulnerabilityU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog:…
-
CISA releases technology readiness list for post-quantum cryptography
PQC standards and algorithm roadmap: The CISA advisory is aimed at aligning technologies with the nascent PQC standards now added into federal policy. NIST’s post-quantum standardization project and its Federal Information Processing Standards (FIPS) publications formed the baseline for the advisory.These include FIPS 203, which specifies the Module-lattice-Based Key Encapsulation Mechanism (ML-KEM) based on the…
-
CISA Flags Actively Exploited VMware vCenter RCE Flaw in KEV Catalog
Tags: cisa, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vcenter, vmware, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting VMware vCenter Server to its Known Exploited Vulnerabilities (KEV) catalog, confirming that the flaw is being actively exploited in real-world attacks. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/vmware-vcenter-cve-2024-37079-exploited/
-
CISA publishes a post-quantum shopping list for agencies. Security professionals aren’t sold
A guide aims to help tech buyers navigate their switch to post-quantum encryption, but experts cautioned that most products and backend internet protocols have yet to be updated. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-post-quantum-cryptography-procurement-guide-expert-criticism/
-
CISA Releases List of Post-Quantum Cryptography Product Categories
CISA released initial list of PQC-capable hardware and software to guide companies amid quantum threats First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-post-quantum-cryptography/