CISA

Cybersecurity Awareness Month 2025:Prioritizing Identity to Safeguard Critical Infrastructure

CISA, Training & Awareness /

Cybersecurity Awareness Month 2025:Prioritizing Identity to Safeguard Critical Infrastructure 2025-10-01 at 14:00 By Torsten George This year’s theme focuses on government entities and small and medium-sized businesses that are vital to protecting the systems and services that keep our communities running. The post Cybersecurity Awareness Month 2025:Prioritizing Identity to Safeguard Critical Infrastructure appeared first on […]

React to this headline:

Loading spinner

Cybersecurity Awareness Month 2025:Prioritizing Identity to Safeguard Critical Infrastructure Read More »

CISA says it will fill the gap as some federal funding for MS-ISAC dries up

Center for Internet Security, CISA, cybersecurity, DHS, Don't miss, Government, Hot stuff, News, USA /

CISA says it will fill the gap as some federal funding for MS-ISAC dries up 2025-09-30 at 18:45 By Zeljka Zorz The cooperative agreement between the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the not-for-profit Center for Internet Security is ending today, the agency has announced on Monday, and CISA will take it upon

React to this headline:

Loading spinner

CISA says it will fill the gap as some federal funding for MS-ISAC dries up Read More »

The Cybersecurity Information Sharing Act Faces Expiration

CISA, Featured, Government /

The Cybersecurity Information Sharing Act Faces Expiration 2025-09-30 at 04:02 By Kevin Townsend The CISA is set to expire on September 30, 2025, raising urgent questions about risk, politics, and the future of threat intelligence. The post The Cybersecurity Information Sharing Act Faces Expiration appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

The Cybersecurity Information Sharing Act Faces Expiration Read More »

Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks

0-day, backdoor, CISA, Cisco, Don't miss, firewall, Government, government-backed attacks, Hot stuff, malware analysis, NCSC, News /

Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks 2025-09-26 at 14:19 By Zeljka Zorz A widespread campaign aimed at breaching organizations via zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) has been revealed by the US, UK, Canadian and Australian cybersecurity agencies. The suspected state-sponsored threat actor behind it is believed to be the one

React to this headline:

Loading spinner

Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks Read More »

GeoServer Flaw Exploited in US Federal Agency Hack

CISA, exploited, GeoServer, Vulnerabilities /

GeoServer Flaw Exploited in US Federal Agency Hack 2025-09-24 at 16:21 By Ionut Arghire The hackers remained undetected for three weeks, deploying China Chopper, remote access scripts, and reconnaissance tools. The post GeoServer Flaw Exploited in US Federal Agency Hack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

GeoServer Flaw Exploited in US Federal Agency Hack Read More »

CISA Analyzes Malware From Ivanti EPMM Intrusions

CISA, exploited, Ivanti, Malware, Malware & Threats /

CISA Analyzes Malware From Ivanti EPMM Intrusions 2025-09-19 at 14:30 By Ionut Arghire Hackers chained two Ivanti EPMM vulnerabilities to collect system information, dump credentials, and execute malware. The post CISA Analyzes Malware From Ivanti EPMM Intrusions appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

CISA Analyzes Malware From Ivanti EPMM Intrusions Read More »

CISA looks to partners to shore up the future of the CVE Program

CISA, CVE, Don't miss, Government, Hot stuff, MITRE, News, USA, vulnerability assessment /

CISA looks to partners to shore up the future of the CVE Program 2025-09-12 at 15:32 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has affirmed its continuing support for the Common Vulnerabilities and Exposures (CVE) program. “If we want to outpace and outmaneuver our adversaries, we must first ensure that defenders

React to this headline:

Loading spinner

CISA looks to partners to shore up the future of the CVE Program Read More »

CISA: CVE Program to Focus on Vulnerability Data Quality

CISA, CVE, Government /

CISA: CVE Program to Focus on Vulnerability Data Quality 2025-09-12 at 14:01 By Ionut Arghire CISA says it is time for the CVE Program to focus on improving trust, responsiveness, and the caliber of vulnerability data. The post CISA: CVE Program to Focus on Vulnerability Data Quality appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

CISA: CVE Program to Focus on Vulnerability Data Quality Read More »

US, Allies Push for SBOMs to Bolster Cybersecurity

Application Security, CISA, guidance, Risk Management, SBOM /

US, Allies Push for SBOMs to Bolster Cybersecurity 2025-09-04 at 13:52 By Ionut Arghire SBOM adoption will drive software supply chain security, decreasing risks and costs, and improving transparency. The post US, Allies Push for SBOMs to Bolster Cybersecurity appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

US, Allies Push for SBOMs to Bolster Cybersecurity Read More »

Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384)

CISA, Don't miss, Git, Hot stuff, News, PoC, software development, vulnerability /

Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384) 2025-08-26 at 13:47 By Zeljka Zorz CVE-2025-48384, a recently patched vulnerability in the popular distributed revision control system Git, is being exploited by attackers. Details about the attacks are not public, but the confirmation of exploitation comes from the US Cybersecurity and Infrastructure Security

React to this headline:

Loading spinner

Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384) Read More »

Organizations Warned of Exploited Git Vulnerability

CISA, CISA KEV, exploited, Git, Vulnerabilities /

Organizations Warned of Exploited Git Vulnerability 2025-08-26 at 11:29 By Ionut Arghire CISA urges federal agencies to immediately patch an exploited arbitrary file write vulnerability in Git that leads to remote code execution. The post Organizations Warned of Exploited Git Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Organizations Warned of Exploited Git Vulnerability Read More »

CISA Requests Public Feedback on Updated SBOM Guidance

Application Security, CISA, guidance, SBOM, Supply Chain Security /

CISA Requests Public Feedback on Updated SBOM Guidance 2025-08-25 at 13:54 By Ionut Arghire CISA has updated the Minimum Elements for a Software Bill of Materials (SBOM) guidance and is seeking public comment. The post CISA Requests Public Feedback on Updated SBOM Guidance appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

CISA Requests Public Feedback on Updated SBOM Guidance Read More »

Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876)

0-day, CISA, Don't miss, Hot stuff, MSP, N-able, News, remote management, vulnerability /

Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876) 2025-08-14 at 13:33 By Zeljka Zorz Two vulnerabilities (CVE-2025-8875, CVE-2025-8876) in N-central, a remote monitoring and management (RMM) solution by N-able that’s popular with managed service providers, are being exploited by attackers. There are no public reports of exploitation, but the confirmation came from

React to this headline:

Loading spinner

Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876) Read More »

Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)

CISA, cloud security, Don't miss, Email, enterprise, Hot stuff, hybrid IT, Microsoft Exchange, News /

Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786) 2025-08-07 at 17:40 By Zeljka Zorz “In an Exchange hybrid deployment, an attacker who first gains administrative access to an on-premises Exchange server could potentially escalate privileges within the organization’s connected cloud environment without leaving easily detectable and auditable trace,” Microsoft has announced on Wednesday.

React to this headline:

Loading spinner

Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786) Read More »

It’s time to sound the alarm on water sector cybersecurity

CISA, CISO, critical infrastructure, cyber risk, cybersecurity, News, Semperis, strategy, tips /

It’s time to sound the alarm on water sector cybersecurity 2025-08-01 at 09:07 By Sinisa Markovic A cyberattack on a water facility can put entire communities and businesses at risk. Even a short disruption in clean water supply can have serious public health and safety consequences, and threat actors know the damage they can cause.

React to this headline:

Loading spinner

It’s time to sound the alarm on water sector cybersecurity Read More »

Senate Committee Advances Trump Nominee to Lead CISA

CISA, Government, Sean Plankey /

Senate Committee Advances Trump Nominee to Lead CISA 2025-07-30 at 22:36 By Associated Press Committee Members voted to recommend Sean Plankey for director of the Cybersecurity and Infrastructure Security Agency. The post Senate Committee Advances Trump Nominee to Lead CISA appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Senate Committee Advances Trump Nominee to Lead CISA Read More »

Organizations Warned of Interlock Ransomware Attacks

alert, CISA, Ransomware /

Organizations Warned of Interlock Ransomware Attacks 2025-07-23 at 14:35 By Ionut Arghire The US government has issued an alert on the Interlock ransomware, which targets organizations via drive-by download attacks. The post Organizations Warned of Interlock Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Organizations Warned of Interlock Ransomware Attacks Read More »

Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770)

0-day, CISA, Don't miss, exploit, Eye Security, Hot stuff, Microsoft, News, Palo Alto Networks, SharePoint /

Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770) 2025-07-21 at 00:02 By Zeljka Zorz Attackers are exploiting a zero-day variant (CVE-2025-53770) of a SharePoint remote code execution vulnerability (CVE-2025-49706) that Microsoft patched earlier this month, the company has confirmed on Saturday. CVE-2025-53770 is being leveraged to place a backdoor on vulnerable

React to this headline:

Loading spinner

Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770) Read More »

Casie Antalis Named Executive Director of CISA

appointed, Casie Antalis, CISA, Government /

Casie Antalis Named Executive Director of CISA 2025-06-30 at 14:39 By Eduard Kovacs Casie Antalis is the new executive director of the Cybersecurity and Infrastructure Security Agency after the departure of Bridget Bean. The post Casie Antalis Named Executive Director of CISA appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Casie Antalis Named Executive Director of CISA Read More »

SinoTrack GPS vulnerabilities may allow attackers to track, control vehicles

automotive security, CISA, Don't miss, GPS, Hot stuff, location tracking, News, remote management, SinoTrack /

SinoTrack GPS vulnerabilities may allow attackers to track, control vehicles 2025-06-16 at 16:18 By Zeljka Zorz Vulnerabilities affecting the SinoTrack GPS tracking platform may allow attackers to keep tabs on vehicles’ location and even perform actions such as disconnecting power to vehicles’ fuel pump (if the tracker can interact with a car’s system). The warning

React to this headline:

Loading spinner

SinoTrack GPS vulnerabilities may allow attackers to track, control vehicles Read More »

Scroll to Top