Lucene search: CISA, most viewed

4188 matches found

CISA
added 2021/10/15 12:0 a.m. | 47 views

Apache Releases Security Advisory for Tomcat  

The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to cause a denial of service condition. CISA encourages users and administrators to review Apache’s security advisory for...

CVSS 5 | AI score 2.2 | EPSS 0.10997
Exploits 0 | References 1

CISA
added 2020/07/14 12:0 a.m. | 47 views

Microsoft Addresses 'Wormable' RCE Vulnerability in Windows DNS Server

Microsoft has released a security update to address a remote code execution (RCE) vulnerability—CVE-2020-1350—in Windows DNS Server. A remote attacker could exploit this vulnerability to take control of an affected system. This is considered a “wormable” vulnerability that affects all Windows Serve...

CVSS 10 | AI score 9.4 | EPSS 0.92178
Exploits 21 | References 2

CISA
added 2019/10/31 12:0 a.m. | 47 views

Google Releases Security Updates for Chrome

Google has released Chrome version 78.0.3904.87 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these vulnerabilities (CVE-2019-13720) was detected in exploits in the wild. The Cybersecurity and...

CVSS 6.8 | AI score 1.8 | EPSS 0.72977
Exploits 4 | References 1

CISA
added 2018/01/11 12:0 a.m. | 47 views

Juniper Networks Releases Security Updates

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review the following Juniper Security Advisori...

CVSS 10 | AI score 0.8 | EPSS 0.29462
Exploits 0 | References 14

CISA
added 2017/12/07 12:0 a.m. | 47 views

Microsoft Releases Security Updates for its Malware Protection Engine

Microsoft has released updates to address a vulnerability in Microsoft Malware Protection Engine affecting multiple products. A remote attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review Microsoft's Advisory and...

CVSS 9.3 | AI score 7.2 | EPSS 0.28441
Exploits 0 | References 1

CISA
added 2022/02/22 12:0 a.m. | 46 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types an...

CVSS 5.1 | AI score 1.8 | EPSS 0.95683
Exploits 9 | References 5

CISA
added 2022/02/01 12:0 a.m. | 46 views

Samba Releases Security Updates

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Samba security announcements as wel...

CVSS 9 | AI score 2.3 | EPSS 0.74042
Exploits 1 | References 4

CISA
added 2020/12/08 12:0 a.m. | 46 views

Apache Releases Security Update for Apache Struts 2

The Apache Software Foundation has released a security update to address a vulnerability in Apache Struts versions 2.0.0 to 2.5.25. A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users...

CVSS 7.5 | AI score 3.1 | EPSS 0.95922
Exploits 11 | References 2

CISA
added 2019/12/05 12:0 a.m. | 46 views

Microsoft Releases Security Advisory for Windows Hello for Business

Microsoft has released a Security Advisory to address an issue in Windows Hello for Business (WHfB). An attacker could exploit this issue on devices that were affected by CVE-2017-15361, also known as Return of Coppersmith’s Attack (ROCA), to take control of an affected system. The Cybersecurity and...

CVSS 4.3 | AI score 2.7 | EPSS 0.09825
Exploits 0 | References 2

CISA
added 2022/07/22 12:0 a.m. | 45 views

Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138

Atlassian has released a security advisory to address a vulnerability (CVE-2022-26138) affecting Questions for Confluence App. An attacker could exploit this vulnerability to obtain sensitive information. Atlassian reports that the vulnerability is likely to be exploited in the wild. CISA encourage...

AI score 3.1 | EPSS 0.9817
Exploits 1 | References 1

CISA
added 2021/08/06 12:0 a.m. | 45 views

Ivanti Releases Security Update for Pulse Connect Secure

Ivanti has released Pulse Connect Secure system software version 9.1R12 to address multiple vulnerabilities an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review Ivanti's Security Advisory SA44858 and apply the necessary update. This...

AI score 7.1
Exploits 0 | References 1

CISA
added 2020/01/17 12:0 a.m. | 45 views

Microsoft Releases Security Advisory on Internet Explorer Vulnerability

Microsoft has released a security advisory to address a critical vulnerability in Internet Explorer. A remote attacker could exploit this vulnerability to take control of an affected system. According to the advisory, “Microsoft is aware of limited targeted attacks.” The Cybersecurity and...

AI score 6.8
Exploits 0 | References 2

CISA
added 2015/02/24 12:0 a.m. | 45 views

Samba Remote Code Execution Vulnerability

Linux and Unix based operating systems employing Samba versions 3.5.0 through 4.2.0rc4 contain a vulnerability in the Server Message Block daemon smbd. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT recommends users and administrators...

CVSS 10 | AI score 2.9 | EPSS 0.87636
Exploits 7 | References 5

CISA
added 2021/07/20 12:0 a.m. | 44 views

Significant Historical Cyber-Intrusion Campaigns Targeting ICS

Protecting our Nation’s critical infrastructure is the responsibility of federal and state, local, tribal, and territorial (SLTT) governments and owners and operators of that infrastructure. The cybersecurity threats posed to the industrial control systems (ICS) that control and operate critical...

AI score 6.8
Exploits 0 | References 10

CISA
added 2020/12/04 12:0 a.m. | 44 views

Apache Releases Security Advisory for Apache Tomcat

The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Tomcat. An attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review...

CVSS 5 | AI score 2.2 | EPSS 0.24622
Exploits 0 | References 1

CISA
added 2020/07/30 12:0 a.m. | 44 views

GNU GRUB2 Vulnerability

Free Software Foundation GNU Project's multiboot boot loader, GNU GRUB2, contains a vulnerability—CVE-2020-10713—that a local attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the...

CVSS 4.6 | AI score 1.1 | EPSS 0.01085
Exploits 0 | References 1

CISA
added 2021/03/02 12:0 a.m. | 43 views

Apache Releases Security Advisory for Tomcat

The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Apache Tomcat 9.0. An attacker could exploit this vulnerability to access sensitive information. CISA encourages users and administrators to review the Apache security advisory for...

AI score 2 | EPSS 0.18114
Exploits 1 | References 1

CISA
added 2021/02/18 12:0 a.m. | 43 views

Cisco Releases Security Updates for AnyConnect Secure Mobility Client

Cisco has released security updates to address a vulnerability in Cisco AnyConnect Secure Mobility Client. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Cisco Security Advisory...

AI score 6.7
Exploits 0 | References 1

CISA
added 2020/07/16 12:0 a.m. | 43 views

CISA Releases Emergency Directive on Critical Microsoft Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive 20-03 addressing a critical vulnerability—CVE-2020-1350—affecting all versions of Windows Server with the Domain Name System (DNS) role enabled. A remote attacker could exploit this vulnerability to take...

CVSS 10 | AI score 9.1 | EPSS 0.92178
Exploits 21 | References 4

CISA
added 2019/09/23 12:0 a.m. | 43 views

Microsoft Releases Out-of-Band Security Updates

Microsoft has released out-of-band security updates to address vulnerabilities in Microsoft software. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators t...

CVSS 7.6 | AI score 7.8 | EPSS 0.52729
Exploits 0 | References 3

CISA
added 2022/12/22 12:0 a.m. | 42 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems (ICS) advisories on December 22, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

AI score 2
Exploits 0 | References 4

CISA
added 2022/04/01 12:0 a.m. | 42 views

Apple Releases Security Updates

Apple has released security updates to address vulnerabilities—CVE-2022-22674 and CVE-2022-22675—in multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected device. These vulnerabilities have been detected in exploits in the wild. CISA encourages...

CVSS 9.3 | AI score 1.9 | EPSS 0.12642
Exploits 0 | References 2

CISA
added 2021/11/12 12:0 a.m. | 42 views

Palo Alto Networks Release Security Updates for PAN-OS

Palo Alto Networks has released security updates to address a vulnerability affecting PAN-OS firewall configurations with GlobalProtect portal and gateway interfaces. These updates address a vulnerability that only affects old versions of PAN-OS 8.1.16 and earlier. An unauthenticated attacker wit...

CVSS 10 | AI score 9 | EPSS 0.19087
Exploits 1 | References 1

CISA
added 2020/11/23 12:0 a.m. | 42 views

VMware Releases Workarounds for CVE-2020-4006

VMware has released workarounds to address a vulnerability—CVE-2020-4006—in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure...

CVSS 9 | AI score 3.4 | EPSS 0.23771
Exploits 0 | References 2

CISA
added 2019/10/03 12:0 a.m. | 42 views

Microsoft Re-Releases Security Updates

Microsoft has re-released security updates to address a vulnerability in Microsoft software. A remote attacker could exploit this vulnerability to take control of an affected system. Updates are now available automatically via Windows Update or Windows Server Update Services. The Cybersecurity an...

CVSS 7.6 | AI score 7.4 | EPSS 0.52729
Exploits 0 | References 1

CISA
added 2019/06/13 12:0 a.m. | 42 views

Exim Releases Security Patches

Exim has released patches to address a vulnerability affecting Exim versions 4.87–4.91. A remote attacker could exploit this vulnerability to take control of an affected email server. This vulnerability was detected in exploits in the wild. The Cybersecurity and Infrastructure Security Agency CIS...

CVSS 10 | AI score 2.2 | EPSS 0.99961
Exploits 27 | References 1

CISA
added 2026/02/18 12:0 p.m. | 41 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2021-22175: GitLab Server-Side Request Forgery (SSRF) Vulnerability; CVE-2026-22769: Dell RecoverPoint for Virtual Machines (RP4VMs) Us...

CVSS 10 | AI score 8.6 | EPSS 0.53372
Exploits 2 | References 7

CISA
added 2025/12/15 12:0 p.m. | 41 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-14611: Gladinet CentreStack and Triofox Hard Coded Cryptographic Vulnerability; CVE-2025-43529: Apple Multiple Products...

CVSS 9.8 | AI score 6.7 | EPSS 0.50949
Exploits 11 | References 7

CISA
added 2025/05/14 12:0 p.m. | 41 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-32756: Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability. These types of vulnerabilities are frequent attack vectors for malicio...

CVSS 9.8 | AI score 7.3 | EPSS 0.30128
Exploits 3 | References 6

CISA
added 2022/08/03 12:0 a.m. | 41 views

VMware Releases Security Updates

VMware has released security updates to address multiple vulnerabilities in VMware’s Workspace ONE Access, Access Connector, Identity Manager, Identity Manager Connector, and vRealize Automation. A remote attacker could exploit some of these vulnerabilities to take control of an affected system...

AI score 2.2 | EPSS 0.18428
Exploits 1 | References 1

CISA
added 2022/03/17 12:0 a.m. | 41 views

OpenSSL Releases Security Updates

OpenSSL has released security updates addressing a vulnerability (CVE-2022-0778) affecting multiple versions of OpenSSL. An attacker could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review the OpenSSL Advisory and upgrade to the...

CVSS 5 | AI score 2.3 | EPSS 0.70561
Exploits 2 | References 1

CISA
added 2022/02/11 12:0 a.m. | 41 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerability listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and po...

CVSS 6.8 | AI score 2.1 | EPSS 0.16342
Exploits 0 | References 5

CISA
added 2021/04/30 12:0 a.m. | 41 views

Samba Releases Security Updates

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Samba Security Announcements for...

CVSS 4.9 | AI score 3 | EPSS 0.01629
Exploits 0 | References 1

CISA
added 2020/12/23 12:0 a.m. | 41 views

CISA Releases CISA Insights and Creates Webpage on Ongoing APT Cyber Activity

CISA is tracking a known compromise involving SolarWinds Orion products that are currently being exploited by a malicious actor. An advanced persistent threat (APT) actor is responsible for compromising the SolarWinds Orion software supply chain, as well as widespread abuse of commonly used...

AI score 6.8
Exploits 0 | References 6

CISA
added 2011/09/19 12:0 a.m. | 41 views

Oracle Releases Security Alert for Oracle HTTP Server Products

Oracle has released a security alert to address a vulnerability in Apache HTTPD. This vulnerability affects: Oracle Fusion Middleware 11g Release 1, versions 11.1.1.3.0, 11.1.1.4.0, 11.1.1.5.0; Oracle Application Server 10g Release 3, version 10.1.3.5.0; Oracle Application Server 10g Release 2,...

CVSS 7.8 | AI score 1.2 | EPSS 0.98945
Exploits 17 | References 2

CISA
added 2021/07/16 12:0 a.m. | 40 views

Cisco Releases Security Updates

Cisco has released security updates to address a vulnerability in Adaptive Security Appliance Software Release 9.16.1 and Firepower Threat Defense Software Release 7.0.0. A remote attacker could exploit this vulnerability to cause a denial of service condition. CISA encourages users and...

AI score 6.6
Exploits 0 | References 1

CISA
added 2020/08/21 12:0 a.m. | 40 views

ISC Releases Security Advisories for BIND

The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition. The Cybersecurity and Infrastructu...

CVSS 5 | AI score 2.2 | EPSS 0.06348
Exploits 0 | References 5

CISA
added 2018/07/23 12:0 a.m. | 40 views

Apache Releases Security Updates for Apache Tomcat

The Apache Software Foundation has released security updates to address vulnerabilities in Apache Tomcat versions 9.0.0.M9 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86. A remote attacker could exploit one of these vulnerabilities to obtain sensitive information. NCCIC...

CVSS 5 | AI score 2.6 | EPSS 0.20599
Exploits 0 | References 2

CISA
added 2024/07/17 12:0 p.m. | 39 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-34102: Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability; CVE-2024-28995: SolarWinds Serv-U Path...

CVSS 9.8 | AI score 7.6 | EPSS 0.99994
Exploits 36 | References 8

CISA
added 2022/01/21 12:0 a.m. | 39 views

McAfee Releases Security Update for McAfee Agent for Windows 

McAfee has released McAfee Agent for Windows version 5.7.5, which addresses vulnerabilities CVE-2021-31854 and CVE-2022-0166. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review McAfee Security Bulletin SB10378...

CVSS 9.3 | AI score 7.2 | EPSS 0.02969
Exploits 0 | References 2

CISA
added 2021/03/31 12:0 a.m. | 39 views

VMware Releases Security Updates

VMware has released security updates to address multiple vulnerabilities affecting vRealize Operations, Cloud Foundation, and vRealize Suite Lifecycle Manager. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and...

AI score 7.2
Exploits 0 | References 1

CISA
added 2020/11/03 12:0 a.m. | 39 views

Google Releases Security Updates for Chrome, CVE-2020-16009

Google has released Chrome version 86.0.4240.183 for Windows, Mac, and Linux addressing multiple vulnerabilities, including vulnerability CVE-2020-16009. Exploit code for this vulnerability exists in the wild. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and...

CVSS 6.8 | AI score 1.2 | EPSS 0.48574
Exploits 3 | References 1

CISA
added 2013/09/18 12:0 a.m. | 39 views

Microsoft Releases Security Advisory for Internet Explorer

Microsoft has released Security Advisory 2887505 regarding a remote code execution vulnerability (CVE-2013-3893) impacting Internet Explorer versions 6 through 11. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability in Internet Explorer 8 and Internet Explorer 9. The...

CVSS 9.3 | AI score 2.5 | EPSS 0.8593
Exploits 18 | References 4

CISA
added 5 days ago | 38 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-20262: Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability; CVE-2026-54420: LiteSpeed cPanel Plugin UNIX...

CVSS 8.5 | AI score 5.4 | EPSS 0.01145
Exploits 5 | References 8

CISA
added 2026/05/28 12:0 p.m. | 38 views

Supply Chain Compromises Impact Nx Console and GitHub Repositories

CISA is prioritizing the response to multiple emerging software supply chain intrusion campaigns targeting developer ecosystems Continuous Integration/Continuous Development (CI/CD) pipelines. These recent incidents, including the GitHub compromise via a malicious Nx Console Visual Studio Code VS...

CVSS 9.8 | AI score 5.8 | EPSS 0.00952
Exploits 1 | References 8

CISA
added 2022/12/16 12:0 a.m. | 38 views

Samba Releases Security Updates

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Samba security announcements and...

AI score 2.4 | EPSS 0.04488
Exploits 0 | References 4

CISA
added 2022/11/16 12:0 a.m. | 38 views

Samba Releases Security Updates

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Samba security announcement CVE-2022-42898 and...

AI score 2.5 | EPSS 0.06419
Exploits 1 | References 2

CISA
added 2022/04/12 12:0 a.m. | 38 views

Citrix Releases Security Updates for Multiple Products

Citrix has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Citrix security bulletins and apply the necessary...

AI score 2.3
Exploits 0 | References 4

CISA
added 2021/10/28 12:0 a.m. | 38 views

ISC Releases Security Advisory for BIND

The Internet Systems Consortium (ISC) has released a security advisory that addresses a vulnerability affecting multiple versions of the ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and...

CVSS 5 | AI score 2.1 | EPSS 0.12899
Exploits 0 | References 1

CISA
added 2021/07/19 12:0 a.m. | 38 views

U.S. Government Releases Indictment and Several Advisories Detailing Chinese Cyber Threat Activity

CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have observed increasingly sophisticated Chinese state-sponsored activity targeting U.S. political, economic, military, educational, and critical infrastructure personnel and organizations. In response: The White...

AI score 6.8
Exploits 0 | References 8

Total number of security vulnerabilities: 4188