Tag: cisa
-
CISA Advisory Highlights Exploited SmarterTools Vulnerability in Recent Ransomware Attacks
Tags: advisory, attack, cisa, cyber, cybersecurity, exploit, flaw, infrastructure, kev, ransomware, vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability affecting SmarterTools SmarterMail to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-24423, this flaw is actively being weaponized in the wild, with security researchers confirming its use in recent ransomware campaigns. This addition mandates that Federal Civilian Executive Branch (FCEB) agencies remediate the…
-
CISA Directs Federal Agencies to Update Edge Devices
Binding Directive Requires Inventories and Replacements. U.S. federal agencies have 12 months to start replacing risky network appliances running past their vendor support cutoff date under a directive published Thursday by the U.S. Cybersecurity and Infrastructure Security Agency. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisa-directs-federal-agencies-to-update-edge-devices-a-30689
-
CISA orders feds to disconnect unsupported network edge devices
The government is worried about hackers accessing systems through insecure and poorly monitored routers, firewalls and similar equipment at the network perimeter. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-edge-devices-binding-operational-directive/811539/
-
CISA gives federal agencies one year to rip out endlife devices
The U.S. cyber defense agency issued an operational directive on Thursday mandating federal agencies to “remove any hardware and software devices that is no longer supported by its original equipment manufacturer.” First seen on therecord.media Jump to article: therecord.media/cisa-gives-federal-agencies-one-year-end-of-life-devices
-
CISA tells agencies to stop using unsupported edge devices
A binding operational directive issued Thursday looks to combat an attack pathway that has been behind some of the biggest attacks and most common exploits in recent years. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-bod-directive-unsupported-edge-devices-firewalls-routers/
-
CISA confirms exploitation of VMware ESXi flaw by ransomware attackers
CVE-2025-22225, a VMware ESXi arbitrary write vulnerability, is being used in ransomware campaigns, CISA confirmed on Wednesday by updating the vulnerability’s entry in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/05/cisa-cve-2025-22225-ransomware-exploitation/
-
CISA Confirms VMware ESXi 0-Day Vulnerability Exploited in Ransomware Operations
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, ransomware, vmware, vulnerability, zero-day
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting VMware ESXi to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2025-22225, this zero-day flaw allows attackers to escape security sandboxes. It is currently being leveraged in active ransomware operations. Technical Analysis of CVE-2025-22225: The vulnerability is classified as an arbitrary write memory…
-
SolarWinds RCE bug makes Cisa list as exploitation spreads
Exploitation of CVE-2025-40551, an RCE flaw affecting SolarWinds Web Help Desk, appears to be spreading, and defenders are on high alert. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366638837/SolarWinds-RCE-bug-makes-Cisa-list-as-exploitation-spreads
-
CISA Makes Unpublicized Ransomware Updates to KEV Catalog
A third of the flipped CVEs affected network edge devices, leading one researcher to conclude, "Ransomware operators are building playbooks around your perimeter." First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/cisa-hidden-ransomware-updates-kev-catalog
-
VMware ESXi flaw now exploited in ransomware attacks
CISA confirmed on Wednesday that ransomware gangs have begun exploiting a high-severity VMware ESXi sandbox escape vulnerability that was previously used in zero-day attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-vmware-esxi-flaw-now-exploited-in-ransomware-attacks/
-
CISA warns of five-year-old GitLab flaw exploited in attacks
Tags: attack, cisa, cybersecurity, exploit, flaw, gitlab, government, infrastructure, update, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab vulnerability that is actively being exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-five-year-old-gitlab-flaw-exploited-in-attacks/
-
Russian hackers exploited a critical Office bug within days of disclosure
One campaign, two infection paths: Zscaler found that exploitation of CVE-2026-21509 did not lead to a single uniform payload. Instead, the initial RTF-based exploit branched into two distinct infection paths, each serving a different operational purpose. The choice of dropper reportedly determined whether the attackers prioritized near-term intelligence collection or longer-term access to compromised systems. In…
-
CISA Warns of Exploited GitLab Community and Enterprise SSRF Vulnerability
Tags: api, cisa, cve, cyber, cybersecurity, exploit, flaw, gitlab, infrastructure, kev, vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical server-side request forgery (SSRF) vulnerability affecting GitLab Community and Enterprise Editions to its Known Exploited Vulnerabilities (KEV) catalog. The flaw, tracked as CVE-2021-39935, is now confirmed to be under active exploitation in the wild. Vulnerability Details: The SSRF vulnerability in GitLab’s CI Lint API…
-
SolarWinds Web Help Desk Vulnerability Actively Exploited
CISA has added a critical CVE in SolarWinds Web Help Desk to its KEV Catalog. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/solarwinds-web-help-desk/
-
CISA Adds SolarWinds Web Help Desk RCE Flaw to Known Exploited Vulnerabilities List
Tags: cisa, cyber, cybersecurity, data, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly disclosed vulnerability, CVE-2025-40551, affecting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog. The flaw is rated critical because it enables remote code execution (RCE) and can be exploited without authentication. According to CISA, the issue stems from a deserialization of untrusted data weakness (CWE-502), which allows attackers…
-
CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
Tags: cisa, cve, cybersecurity, data, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog, flagging it as actively exploited in attacks. The vulnerability, tracked as CVE-2025-40551 (CVSS score: 9.8), is an untrusted data deserialization vulnerability that could pave the way for remote…
-
CISA official says CIRCIA cyber reporting update is ‘weeks’ away
“I think that we’ll have some news on CIRCIA in pretty short order, in the next couple of weeks, hopefully,” Nick Andersen, executive assistant director for cybersecurity at CISA, told reporters. First seen on therecord.media Jump to article: therecord.media/cisa-pfficial-says-circia-update-weeks-away
-
CISA orders federal agencies to patch exploited SolarWinds bug by Friday
CVE-2025-40551 carries a critical severity score of 9.8 out of 10 and impacts SolarWinds Web Help Desk (WHD), an IT service management platform used by many large organizations to handle ticketing, asset tracking and other tasks. First seen on therecord.media Jump to article: therecord.media/cisa-orders-agencies-patch-solarwinds-vuln
-
What’s next for DHS’s forthcoming replacement critical infrastructure protection panel, AI information sharing
Nick Andersen, a top CISA official, discussed plans for improving CIPAC and developing an AI-ISAC. First seen on cyberscoop.com Jump to article: cyberscoop.com/whats-next-for-dhss-forthcoming-replacement-critical-infrastructure-protection-panel-ai-information-sharing/
-
U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first…
-
CISA flags critical SolarWinds RCE flaw as exploited in attacks
CISA has flagged a critical SolarWinds Web Help Desk vulnerability as actively exploited in attacks and ordered federal agencies to patch their systems within three days. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-flags-critical-solarwinds-rce-flaw-as-actively-exploited/
-
CISA updated ransomware intel on 59 bugs last year without telling defenders
GreyNoise’s Glenn Thorpe counts the cost of missed opportunities. First seen on theregister.com Jump to article: www.theregister.com/2026/02/03/greynoise_cisa_ransomware_gripe/
-
As feds pull back, states look inward for election security support
Secretaries of State are scrambling to replace cybersecurity services once provided by CISA and other federal agencies. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-election-security-cutbacks-states-trump-administration/
-
In CISA's KEV catalog: 17-year-old PowerPoint vulnerability resurfaces
First seen on security-insider.de Jump to article: www.security-insider.de/cisa-sicherheitsluecke-powerpoint-kev-katalog-a-f0aa1cef53cb0d3ee06a49f5b539a578/
-
Cybersecurity 2026: AI, CISA, manufacturing sector all in the hot seat
A look at the most important trends and issues in cyber this year. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cyber-trends-outlook-2026/810708/
-
U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, endpoint, exploit, flaw, infrastructure, injection, ivanti, kev, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Ivanti EPMM vulnerability, tracked as CVE-2026-1281 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is a code injection that impacts Ivanti Endpoint Manager…
-
Breach Roundup: Android RAT Hides Behind Hugging Face
Also, SmarterMail Flaw, Nike Breach Probe, Empire Market Co-Creator Pleads Guilty. This week, researchers exposed an Android RAT abusing Hugging Face. Attackers exploited a SmarterMail flaw. Automakers raised cyber spending. CISA flagged a VMware bug. Microsoft patched Office. An Empire Market co-creator pleaded guilty. Nike probed a breach. First seen on govinfosecurity.com Jump to article:…
-
CISA, security researchers warn FortiCloud SSO flaw is under attack
The exploitation activity comes weeks after a similar authentication bypass vulnerability was found. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-researchers-warn-forticloud-flaw-attack/810861/
-
New CISA Guidance Targets Insider Threat Risks
CISA urges action against insider threats with publication of a new infographic offering strategies to manage risks. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-targets-insider-threat-risks/

