CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-42271link is external BerriAI LiteLLM Command Injection Vulnerability CVE-2026-50751link is external Check Point Security Gateway Improper Authentication...

CISA: CISA and Partners Urge Hardening Automatic Tank Gauge Systems

The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, the National Security Agency NSA, the Department of Energy DOE, the Environmental Protection Agency EPA, the Transportation Security Administration TSA, the Department of Transportation DOT, and th...

Hosting Service Standards That Define High-Performing Agencies

There’s a quiet pattern among the agencies that consistently outperform their competitors. Their client retention rates are higher.…...

Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access

Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile EPMM has been explored in limited attacks in the wild. The high-severity vulnerability, CVE-2026-6973 CVSS score: 7.2, is a case of improper input validation affecting EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0....

Supporting the National Cyber Strategy: How TrendAI™ Helps

A deeper look at the first three pillars and outlining how our capabilities directly support government agencies working to bring this strategy to life...

Anti-ICE Site GTFO ICE Accused of Exposing Data of 17,000+ Activists

An anti-ICE website, GTFO ICE, linked to Miles Taylor, is accused of exposing the personal details of 17,662 activists, sparking concerns that the data may have reached government agencies...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-31431link is external Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability This type of vulnerability is a frequent attack vector for...

NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software

The Office of Inspector General OIG of the U.S. National Aeronautics and Space Administration NASA has revealed how a Chinese national posed as a U.S. researcher as part of a spear-phishing campaign to obtain sensitive information from the space agency, as well as from government entities,...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-33825link is external Microsoft Defender Insufficient Granularity of Access Control Vulnerability This type of vulnerability is a frequent attack vector for...

Grinex crypto exchange shuts down, blames Western agencies for $13.7M breach

Grinex exchange collapses after $13.7M breach, blames Western spies as Chainalysis flags possible exit scam and sanctions evasion network links claims...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2009-0238link is external Microsoft Office Remote Code Execution Vulnerability CVE-2026-32201link is external Microsoft SharePoint Server Improper Input...

Hacker Used Claude Code, GPT-4.1 to Exfiltrate Hundreds of Millions of Mexican Records

A lone hacker used Claude Code and GPT-4.1 to exfiltrate hundreds of millions of Mexican citizen records from 9 government agencies...

U.S. Public Sector Under Siege: Threat Intelligence for Q1 2026

The first quarter of 2026 has reinforced a hard truth: U.S. government agencies and educational institutions are operating in the most hostile cyber threat environment ever recorded...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-53521link is external F5 BIG-IP Remote Code Execution Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and pos...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-33634link is external Aqua Security Trivy Embedded Malicious Code Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...

Feds Takes Down SocksEscort Proxy Network Used in Global Fraud Schemes

European and US agencies dismantled the SocksEscort proxy network built on infected routers and used by cybercriminals in global fraud schemes...

900+ Certificates Used by Fortune 500, Governments Exposed by Key Leaks

A joint study by Google and GitGuardian reveals that over 2,600 valid TLS certificates, protecting Fortune 500 companies and government agencies, were compromised due to private key leaks on GitHub and DockerHub...

Pentagon ditches Anthropic AI over “security risk” and OpenAI takes over

On Friday the US Pentagon cut ties with Anthropic, the company behind Claude AI. Defense Secretary Pete Hegseth designated the San Francisco-based company a "supply-chain risk to national security." The supply-chain risk designation means that no contractor, supplier, or partner doing business wi...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-21385link is external Qualcomm Multiple Chipsets Memory Corruption Vulnerability CVE-2026-22719link is external Broadcom VMware Aria Operations Command...

Critical Cisco Catalyst Vulnerability Exploited in the wild (CVE-2026-20127)

Overview On February 25, 2026, Cisco disclosed a critical authentication bypass vulnerability in Cisco Catalyst SD‑WAN Controller and Cisco Catalyst SD‑WAN Manager, tracked as CVE‑2026‑20127, that allows an unauthenticated attacker to gain administrative access to affected systems. The Cisco...