Tag: cisa
-
CISA, FBI warn that hackers are targeting systems used to monitor industrial fluids
Automatic tank gauge systems are widely used across multiple industries, including energy, agriculture and transportation. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-fbi-hackers-targeting-systems-monitor-industrial-fluits/821873/
-
CISA warns of active attacks exploiting Android, Linux bugs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting vulnerabilities in the Linux kernel and Android operating system. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-active-attacks-exploiting-android-linux-bugs/
-
U.S. CISA adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first flaw added to the catalog, tracked…
-
CISA Warns of Cyberattacks Targeting U.S. Tank Gauge Systems
The Cybersecurity and Infrastructure Security Agency (CISA), alongside the FBI, NSA, Department of Energy, EPA, TSA, Department of Transportation, and USDA, has issued a joint warning about ongoing cyberattacks targeting automatic tank gauge (ATG) systems across the United States. These systems are critical components used in energy, chemical, food and agriculture, and transportation sectors to…
-
CISA orders agencies to patch critical Oracle WebLogic Server vulnerability
First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-orders-agencies-to-patch-critical-oracle-weblogic-server-vulnerability
-
Trump Signs Voluntary AI Cyber Review Order
White House Cuts Proposed AI Review Period From 90 Days to 30. President Trump signed an executive order creating a voluntary framework for evaluating advanced AI systems with significant cybersecurity capabilities, directing NSA, Treasury and CISA to establish classified benchmarks while avoiding mandatory licensing or preclearance requirements. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/trump-signs-voluntary-ai-cyber-review-order-a-31833
-
U.S. CISA adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks PAN-OS flaw, tracked as CVE-2024-21182 (CVSS score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2024-21182 flaw is an easily exploitable vulnerability affecting Oracle WebLogic…
-
CISA flags two-year-old Oracle flaw as actively exploited in attacks
CISA has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now actively exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-oracle-weblogic-flaw/
-
CISA Issues Alert on Oracle WebLogic Server Flaw Under Active Exploitation
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, oracle, risk, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Oracle WebLogic Server vulnerability, tracked as CVE-2024-21182, to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is actively exploited in the wild. The alert, published on June 1, 2026, highlights the urgent risk to organizations that rely on Oracle WebLogic for…
-
CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation
The vulnerability in a vital defensive technology creates serious risks for federal networks, CISA said. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/palo-alto-networks-firewall-flaw-exploitation-cisa-kev/821598/
-
U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks PAN-OS flaw, tracked as CVE-2026-0257 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. Palo Alto Networks addressed the vulnerability CVE-2026-0257 on May…
-
CISA bestätigt aktive Angriffe auf LiteSpeed-cPanel-Plugin – Kritische LiteSpeed-Lücke mit CVSS 10.0 wird aktiv ausgenutzt
First seen on security-insider.de Jump to article: www.security-insider.de/cve-2026-48172-litespeed-cpanel-plugin-root-redis-cvss-10-a-ee72d46a59d719d3fb9ddd5ff0a79597/
-
CISA bestätigt aktive Angriffe auf LiteSpeed-cPanel-Plugin – Kritische LiteSpeed-Lücke mit CVSS 10.0 wird aktiv ausgenutzt
First seen on security-insider.de Jump to article: www.security-insider.de/cve-2026-48172-litespeed-cpanel-plugin-root-redis-cvss-10-a-ee72d46a59d719d3fb9ddd5ff0a79597/
-
Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)
A relative directory path traversal vulnerability (CVE-2026-34926) in Trend Micro’s Apex One platform has been exploited in zero-day attacks, the company confirmed. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/26/actively-exploited-trend-micro-apex-one-flaw-cve-2026-34926/
-
CISA orders feds to patch actively exploited Drupal vulnerability
CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-drupal-vulnerability/
-
CISA orders feds to patch actively exploited Drupal vulnerability
CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-drupal-vulnerability/
-
CISA orders feds to patch actively exploited Drupal vulnerability
CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-drupal-vulnerability/
-
CISA Warns Drupal Core SQL Injection Vulnerability Is Being Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, injection, kev, risk, sql, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, which is now being actively exploited in the wild. The flaw has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, signaling a high risk to organizations using affected Drupal deployments.…
-
U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, update, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-9082 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. Drupal issued a highly critical security patch on May…
-
U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, update, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-9082 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. Drupal issued a highly critical security patch on May…
-
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerability in question is CVE-2026-9082 (CVSS score: 6.5), an SQL injection vulnerability affecting all supported versions of Drupal Core.”Drupal Core First seen on…
-
You can now nominate vulnerabilities for CISA’s KEV with this form
First seen on scworld.com Jump to article: www.scworld.com/news/you-can-now-nominate-vulnerabilities-for-cisas-kev-with-this-form
-
CISA adds Trend Micro Apex One and Langflow flaws to exploited vulnerabilities catalog
First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-adds-trend-micro-apex-one-and-langflow-flaws-to-exploited-vulnerabilities-catalog
-
Senator urges classified briefing after CISA data leak on GitHub
First seen on scworld.com Jump to article: www.scworld.com/news/senator-urges-classified-briefing-after-cisa-data-leak-on-github
-
CISA contractor’s public GitHub repo exposed sensitive government credentials
First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-contractors-public-github-repo-exposed-sensitive-government-credentials
-
CISA Adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog
Tags: ai, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, risk, tool, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Langflow vulnerability, tracked as CVE-2025-34291, to its Known Exploited Vulnerabilities (KEV) Catalog, highlighting active exploitation risks and urging immediate remediation. The vulnerability stems from an origin validation flaw in Langflow, a popular tool used for building and orchestrating AI-driven workflows. According to CISA,…
-
U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Trend Micro Apex One and Langflow flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2025-34291(CVSS score of 9.4) is…
-
CISA Issues Alert on Exploited Microsoft Defender Zero-Day Vulnerabilities
CISA has issued an urgent alert warning organizations about two newly disclosed zero-day vulnerabilities affecting Microsoft Defender, both added to the Known Exploited Vulnerabilities (KEV) catalog on May 20, 2026. CVE-2026-45498: Microsoft Defender DoS Vulnerability CVE-2026-45498 is a denial-of-service (DoS) vulnerability in Microsoft Defender that can cause the security service to stop functioning. An attacker…
-
CISA’s new KEV nomination form opens reporting to vendors and researchers
The Cybersecurity and Infrastructure Security Agency launched a new nomination form that lets researchers, vendors, and industry partners report known exploited … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/22/cisa-kev-nomination-form/