CISA

Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253)

CISA, Don't miss, enterprise, Hot stuff, monitoring, News, Resecurity, SIEM, Splunk, vulnerability /

Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253) 2026-06-19 at 13:50 By Zeljka Zorz CISA has added CVE-2026-20253, a critical, remotely exploitable vulnerability in Splunk Enterprise, to its Known Exploited Vulnerabilities catalog, and ordered US federal civilian agencies to apply mitigations by June 21, 2026. In-the-wild exploitation has also been confirmed by the vendor […]

Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253) Read More »

Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)

0-day, APT, CISA, Cisco, Don't miss, Hot stuff, News, SD-WAN /

Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262) 2026-06-16 at 13:20 By Zeljka Zorz Cisco has revealed another Catalyst SD-WAN Manager vulnerability (CVE-2026-20262) that its Product Security Incident Response Team observed being exploited by attackers. But the associated security advisory also states that “the vulnerability was found during internal security testing”, raising the

Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262) Read More »

CISA orders federal agencies to “patch smarter”

CISA, Cisco, Don't miss, enterprise, Government, Hot stuff, News, NIST, risk assessment, USA, vulnerability management /

CISA orders federal agencies to “patch smarter” 2026-06-11 at 20:18 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a Binding Operational Directive that will change how the US federal government approaches vulnerability management. The directive arrives as the patching problem has become nearly unmanageable, driven by a surge in newly

CISA orders federal agencies to “patch smarter” Read More »

CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk

BOD, CISA, CISA KEV, Government, Vulnerabilities, vulnerability, vulnerability management /

CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk 2026-06-11 at 16:01 By Ionut Arghire The new BOD 26-04 requires agencies to review and update vulnerability management policies with a focus on KEV catalog entries. The post CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk appeared first on SecurityWeek. This

CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk Read More »

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)

AI, CISA, Don't miss, Horizon3.ai, Hot stuff, LLMs, News, open source, Proxy, vulnerability /

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271) 2026-06-09 at 15:21 By Zeljka Zorz A command injection vulnerability (CVE-2026-42271) in BerryAI’s LiteLLM open-source AI gateway is being exploited by attackers, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed by adding the flaw to its Known Exploited Vulnerabilities catalog on Monday. About CVE-2026-42271 LiteLLM is

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271) Read More »

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)

CISA, Don't miss, enterprise, file transfer, Government, Hot stuff, News, SolarWinds, vulnerability /

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) 2026-06-08 at 14:07 By Zeljka Zorz A vulnerability (CVE-2026-28318) that can be exploited to crash SolarWinds Serv-U file transfer servers is being leveraged by attackers in the wild, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Friday. The agency has ordered US federal civilian

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) Read More »

Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)

0-day, CISA, Don't miss, Endpoint Security, enterprise, Hot stuff, News, security update, Trend Micro /

Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926) 2026-05-26 at 17:32 By Zeljka Zorz A relative directory path traversal vulnerability (CVE-2026-34926) in Trend Micro’s Apex One platform has been exploited in zero-day attacks, the company confirmed. “TrendAI has observed at least one attempt to exploit this vulnerability in the wild,” Trend Micro

Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926) Read More »

CISA: Critical Infrastructure Must Master Isolation, Recovery

CI Fortify, CISA, critical infrastructure, Government, guidance, ICS/OT, Incident Response, isolation, OT, recovery /

CISA: Critical Infrastructure Must Master Isolation, Recovery 2026-05-06 at 16:42 By Eduard Kovacs The agency has issued guidance to help critical infrastructure operators prepare for cyberattacks by foreign threat actors. The post CISA: Critical Infrastructure Must Master Isolation, Recovery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

CISA: Critical Infrastructure Must Master Isolation, Recovery Read More »

New Cisco firewall malware can only be killed by pulling the plug

backdoor, CISA, Cisco, Don't miss, firewall, government-backed attacks, Hot stuff, NCSC, News /

New Cisco firewall malware can only be killed by pulling the plug 2026-04-24 at 13:17 By Zeljka Zorz Suspected state-sponsored attackers are using a custom backdoor to persistently compromise Cisco security devices (firewalls), the US CISA and the UK National Cyber Security Centre warned on Thusday. “The [Firestarter] malware (…) is relevant for both Cisco

New Cisco firewall malware can only be killed by pulling the plug Read More »

CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133)

Arctic Wolf Networks, CISA, Cisco, Don't miss, Government, Hot stuff, News, VulnCheck /

CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133) 2026-04-21 at 15:29 By Zeljka Zorz CISA added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including a Cisco Catalyst SD-WAN Manager vulnerability (CVE-2026-20133) that Cisco has yet to flag as exploited. Three Cisco Catalyst SD-WAN Manager vulnerabilities Alongside CVE-2026-20133, CISA has

CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133) Read More »

Iranian cyber activity hits US energy, water, and government networks

CISA, critical infrastructure, cybersecurity, energy sector, FBI, Government, News, NIST, NSA /

Iranian cyber activity hits US energy, water, and government networks 2026-04-08 at 15:06 By Anamarija Pogorelec U.S. government agencies on Tuesday warned American organizations about ongoing cyber activity targeting OT and PLC devices, including those manufactured by Rockwell Automation and Allen-Bradley, across multiple critical infrastructure sectors. The activity has been attributed to Iranian-affiliated APT actors

Iranian cyber activity hits US energy, water, and government networks Read More »

White House Seeks to Slash CISA Funding by $707 Million

budget, CISA, Government, White House /

White House Seeks to Slash CISA Funding by $707 Million 2026-04-07 at 11:31 By Eduard Kovacs The Trump administration says the FY2027 budget refocuses CISA on its core mission: protecting federal agencies and critical infrastructure. The post White House Seeks to Slash CISA Funding by $707 Million appeared first on SecurityWeek. This article is an

White House Seeks to Slash CISA Funding by $707 Million Read More »

Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521)

access management, CISA, CVE, Don't miss, enterprise, F5 Networks, financial industry, Government, Hot stuff, News, vulnerability /

Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521) 2026-03-28 at 11:30 By Zeljka Zorz A critical unauthenticated remote code execution vulnerability (CVE-2025-53521) in F5’s BIG-IP Access Policy Manager (APM) solution is under active exploitation, the US Cybersecurity and Infrastructure Security Agency warned on Friday. CISA added the flaw to its Known Exploited Vulnerabilities

Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521) Read More »

CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation

Aqua Security, CISA, Don't miss, Hot stuff, Langflow, News, supply chain compromise, vulnerability /

CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation 2026-03-27 at 12:43 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-33017, a recently disclosed code injection vulnerability in Langflow, an open-source framework for building AI agents and

CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation Read More »

Russian hackers go after high-value targets through Signal

CISA, cyber espionage, FBI, Government, News, phishing, Russian Federation, Signal /

Russian hackers go after high-value targets through Signal 2026-03-23 at 11:20 By Sinisa Markovic Russian intelligence-linked hackers are targeting commercial messaging platforms, with Signal a primary focus, the FBI and CISA warn. The campaign is aimed at individuals of intelligence interest, including government personnel, journalists, and others with access to sensitive communications. It is believed

Russian hackers go after high-value targets through Signal Read More »

Secure endpoint management systems immediately, CISA urges

CISA, cybersecurity, endpoint management, Endpoint Security, Government, Microsoft, News, USA /

Secure endpoint management systems immediately, CISA urges 2026-03-19 at 14:59 By Sinisa Markovic The US Cybersecurity and Infrastructure Security Agency (CISA) warns that the cyberattack on Stryker Corporation serves as a signal to U.S. organizations that foreign cyber activity tied to Middle East conflicts may be spilling into their operations. Attackers breached Stryker’s internal Microsoft

Secure endpoint management systems immediately, CISA urges Read More »

CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963)

CISA, Don't miss, Hot stuff, Microsoft, News, SharePoint, vulnerability /

CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963) 2026-03-19 at 13:32 By Zeljka Zorz CVE-2026-20963, a remote code execution (RCE) SharePoint vulnerability Microsoft fixed in January 2026, is being exploited by attackers. The confirmation comes from the US Cybersecurity and Infrastructure Security Agency (CISA), which added the flaw to its Known Exploited Vulnerabilities

CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963) Read More »

Nick Andersen Appointed Acting Director of CISA

appointed, CISA, Government, Management & Strategy, Nick Andersen /

Nick Andersen Appointed Acting Director of CISA 2026-03-02 at 15:09 By Eduard Kovacs Madhu Gottumukkala has been assigned to a new role within the Department of Homeland Security. The post Nick Andersen Appointed Acting Director of CISA appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Nick Andersen Appointed Acting Director of CISA Read More »

Threat actor leveraged Cisco SD-WAN zero-day since 2023 (CVE-2026-20127)

0-day, ACSC, CISA, Cisco, Don't miss, exploit, Government, Hot stuff, News, SD-WAN /

Threat actor leveraged Cisco SD-WAN zero-day since 2023 (CVE-2026-20127) 2026-02-25 at 19:04 By Zeljka Zorz A “highly sophisticated” cyber threat actor has been exploiting a zero-day authentication bypass vulnerability (CVE-2026-20127) in Cisco Catalyst SD-WAN Controller (formerly vSmart), Cisco has announced today. The vulnerability was reported by Australian Signals Directorate’s Australian Cyber Security Centre, who said

Threat actor leveraged Cisco SD-WAN zero-day since 2023 (CVE-2026-20127) Read More »

CISA flags exploited FileZen command injection bug, patch now! (CVE-2026-25108)

0-day, CISA, Don't miss, file-sharing, FileZen, Hot stuff, Japan, JPCERT/CC, News, Ransomware, Soliton, vulnerability /

CISA flags exploited FileZen command injection bug, patch now! (CVE-2026-25108) 2026-02-25 at 12:14 By Zeljka Zorz CISA has added CVE-2026-25108, an OS command injection vulnerability in Soliton Systems’ FileZen secure file transfer solution, to its Known Exploited Vulnerabilities (KEV) catalog. The vendor has confirmed active exploitation, stating it has received multiple reports of damage caused

CISA flags exploited FileZen command injection bug, patch now! (CVE-2026-25108) Read More »

Scroll to Top