CISA KEV

CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List

CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List 2026-03-06 at 15:38 By Ionut Arghire The nation-state-grade iOS exploit kit targets 23 vulnerabilities affecting iOS 13 to 17.2.1. The post CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View […]

CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List Read More »

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs 2026-02-24 at 14:00 By Eduard Kovacs The vulnerability in TeamT5 ThreatSonar Anti-Ransomware was recently added to CISA’s KEV catalog. The post Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs appeared first on SecurityWeek. This article is an

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs Read More »

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog 2026-02-09 at 11:10 By Kevin Townsend The KEV list is useful but largely misunderstood. KEVology explains what it is, and how best to use it. The post New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog Read More »

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks 2026-02-06 at 09:54 By Ionut Arghire The security defect allows unauthenticated attackers to execute arbitrary code remotely via malicious HTTP requests. The post Critical SmarterMail Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks Read More »

Concerns Raised Over CISA’s Silent Ransomware Updates in KEV Catalog

Concerns Raised Over CISA’s Silent Ransomware Updates in KEV Catalog 2026-02-06 at 08:00 By Eduard Kovacs CISA updated 59 KEV entries in 2025 to specify that the vulnerabilities have been exploited in ransomware attacks. The post Concerns Raised Over CISA’s Silent Ransomware Updates in KEV Catalog appeared first on SecurityWeek. This article is an excerpt

Concerns Raised Over CISA’s Silent Ransomware Updates in KEV Catalog Read More »

Organizations Warned of Exploited Zimbra Collaboration Vulnerability

Organizations Warned of Exploited Zimbra Collaboration Vulnerability 2026-01-23 at 15:31 By Ionut Arghire CISA has added the Zimbra flaw to the KEV catalog along with three other bugs exploited in the wild. The post Organizations Warned of Exploited Zimbra Collaboration Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Zimbra Collaboration Vulnerability Read More »

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over 2026-01-09 at 15:44 By Ionut Arghire The Emergency Directives were retired because they achieved objectives or targeted vulnerabilities included in the KEV catalog. The post CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over appeared first on SecurityWeek. This article is an excerpt from

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over Read More »

Critical HPE OneView Vulnerability Exploited in Attacks

Critical HPE OneView Vulnerability Exploited in Attacks 2026-01-08 at 13:20 By Ionut Arghire The maximum-severity code injection flaw can be exploited without authentication for remote code execution. The post Critical HPE OneView Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical HPE OneView Vulnerability Exploited in Attacks Read More »

CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries

CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries 2026-01-05 at 17:15 By Ionut Arghire With 24 new vulnerabilities known to be exploited by ransomware groups, the list now includes 1,484 software and hardware flaws. The post CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries appeared first on SecurityWeek. This article is

CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries Read More »

CISA Warns of Exploited Flaw in Asus Update Tool

CISA Warns of Exploited Flaw in Asus Update Tool 2025-12-18 at 15:37 By Ionut Arghire Tracked as CVE-2025-59374, the issue is a software backdoor implanted in Asus Live Update in a supply chain attack. The post CISA Warns of Exploited Flaw in Asus Update Tool appeared first on SecurityWeek. This article is an excerpt from

CISA Warns of Exploited Flaw in Asus Update Tool Read More »

Recent GeoServer Vulnerability Exploited in Attacks

Recent GeoServer Vulnerability Exploited in Attacks 2025-12-12 at 15:31 By Ionut Arghire Because user input is not sufficiently sanitized, attackers could exploit the flaw to define external entities within an XML request. The post Recent GeoServer Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Recent GeoServer Vulnerability Exploited in Attacks Read More »

CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack

CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack 2025-12-01 at 13:14 By Eduard Kovacs CISA has added CVE-2021-26829 to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack Read More »

Critical WatchGuard Firebox Vulnerability Exploited in Attacks

Critical WatchGuard Firebox Vulnerability Exploited in Attacks 2025-11-13 at 14:40 By Ionut Arghire Tracked as CVE-2025-9242 (CVSS score of 9.3), the flaw leads to unauthenticated, remote code execution on vulnerable firewalls. The post Critical WatchGuard Firebox Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical WatchGuard Firebox Vulnerability Exploited in Attacks Read More »

CISA Warns of CWP Vulnerability Exploited in the Wild

CISA Warns of CWP Vulnerability Exploited in the Wild 2025-11-05 at 10:08 By Eduard Kovacs A critical vulnerability in Control Web Panel (CWP), tracked as CVE-2025-48703, allows remote, unauthenticated command execution. The post CISA Warns of CWP Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

CISA Warns of CWP Vulnerability Exploited in the Wild Read More »

CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog

CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog 2025-10-31 at 13:59 By Ionut Arghire Broadcom has updated its advisory on CVE-2025-41244 to mention the vulnerability’s in-the-wild exploitation. The post CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog Read More »

CISA Warns of Exploited DELMIA Factory Software Vulnerabilities

CISA Warns of Exploited DELMIA Factory Software Vulnerabilities 2025-10-29 at 11:41 By Ionut Arghire Two DELMIA Apriso flaws can be chained together to gain privileged access to the application and execute arbitrary code remotely. The post CISA Warns of Exploited DELMIA Factory Software Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

CISA Warns of Exploited DELMIA Factory Software Vulnerabilities Read More »

CISA Confirms Exploitation of Latest Oracle EBS Vulnerability 

CISA Confirms Exploitation of Latest Oracle EBS Vulnerability  2025-10-21 at 11:54 By Eduard Kovacs The cybersecurity agency has added CVE-2025-61884 to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Confirms Exploitation of Latest Oracle EBS Vulnerability  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

CISA Confirms Exploitation of Latest Oracle EBS Vulnerability  Read More »

Organizations Warned of Exploited Adobe AEM Forms Vulnerability

Organizations Warned of Exploited Adobe AEM Forms Vulnerability 2025-10-16 at 17:45 By Ionut Arghire A public PoC existed when Adobe patched the Experience Manager Forms (AEM Forms) bug in early August. The post Organizations Warned of Exploited Adobe AEM Forms Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Adobe AEM Forms Vulnerability Read More »

Organizations Warned of Exploited Meteobridge Vulnerability

Organizations Warned of Exploited Meteobridge Vulnerability 2025-10-03 at 13:49 By Ionut Arghire Patched in mid-May, the security defect allows remote unauthenticated attackers to execute arbitrary commands with root privileges. The post Organizations Warned of Exploited Meteobridge Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Meteobridge Vulnerability Read More »

Organizations Warned of Exploited Git Vulnerability

Organizations Warned of Exploited Git Vulnerability 2025-08-26 at 11:29 By Ionut Arghire CISA urges federal agencies to immediately patch an exploited arbitrary file write vulnerability in Git that leads to remote code execution. The post Organizations Warned of Exploited Git Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Git Vulnerability Read More »

Scroll to Top