
4188 matches found

CISA
added 2026/03/09 12:0 p.m., 20 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2021-22054 Omnissa Workspace ONE Server-Side Request Forgery; CVE-2025-26399 SolarWinds Web Help Desk Deserialization of...

9.8 CVSS, 5.8 AI score, 0.97713 EPSS
Exploits: 2, References: 8
CISA
added 2026/03/05 12:0 p.m., 15 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2017-7921 Hikvision Multiple Products Improper Authentication Vulnerability; CVE-2021-22681 Rockwell Multiple Products...

9.8 CVSS, 7 AI score, 0.99998 EPSS
Exploits: 17, References: 10
CISA
added 2026/03/03 12:0 p.m., 24 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-21385 Qualcomm Multiple Chipsets Memory Corruption Vulnerability; CVE-2026-22719 Broadcom VMware Aria Operations Command...

8.1 CVSS, 7.3 AI score, 0.17424 EPSS
Exploits: 3, References: 7
CISA
added 2026/02/25 12:0 p.m., 8 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2022-20775 Cisco Catalyst SD-WAN Path Traversal Vulnerability; CVE-2026-20127 Cisco Catalyst SD-WAN Controller and Manager...

10 CVSS, 5.6 AI score, 0.48158 EPSS
Exploits: 10, References: 7
CISA
added 2026/02/24 12:0 p.m., 7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-25108 Soliton Systems K.K. FileZen OS Command Injection Vulnerability. This type of vulnerability is a frequent attack vector for malicious...

8.8 CVSS, 5.6 AI score, 0.04974 EPSS
Exploits: 0, References: 6
CISA
added 2026/02/20 12:0 p.m., 14 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-49113 RoundCube Webmail Deserialization of Untrusted Data Vulnerability; CVE-2025-68461 RoundCube Webmail Cross-site Scripti...

9.9 CVSS, 5.5 AI score, 0.89163 EPSS
Exploits: 30, References: 7
CISA
added 2026/02/18 12:0 p.m., 41 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2021-22175 GitLab Server-Side Request Forgery (SSRF) Vulnerability; CVE-2026-22769 Dell RecoverPoint for Virtual Machines (RP4VMs) Us...

10 CVSS, 8.6 AI score, 0.53372 EPSS
Exploits: 2, References: 7
CISA
added 2026/02/17 12:0 p.m., 13 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2008-0015 Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability; CVE-2020-7796 Synacor Zimbra Collaboratio...

9.8 CVSS, 5.8 AI score, 0.85416 EPSS
Exploits: 22, References: 9
CISA
added 2026/02/13 12:0 p.m., 7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-1731 BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability. These types of vulnerabilities are...

9.9 CVSS, 5.6 AI score, 0.86091 EPSS
Exploits: 11, References: 6
CISA
added 2026/02/12 12:0 p.m., 6 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2024-43468 Microsoft Configuration Manager SQL Injection Vulnerability; CVE-2025-15556 Notepad++ Download of Code Without...

9.8 CVSS, 6 AI score, 0.81624 EPSS
Exploits: 11, References: 9
CISA
added 2026/02/10 12:0 p.m., 22 views

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps

The purpose of this Alert is to amplify Poland’s Computer Emergency Response Team (CERT Polska’s) Energy Sector Incident Report published on Jan. 30, 2026, and highlight key mitigations for Energy Sector stakeholders. In December 2025, a malicious cyber actor(s) targeted and compromised operational...

5.7 AI score
Exploits: 0, References: 5
CISA
added 2026/02/10 12:0 p.m., 16 views

CISA Adds Six Known Exploited Vulnerabilities to Catalog

CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-21510 Microsoft Windows Shell Protection Mechanism Failure Vulnerability; CVE-2026-21513 Microsoft MSHTML Framework Security...

8.8 CVSS, 5.5 AI score, 0.25835 EPSS
Exploits: 8, References: 11
CISA
added 2026/02/05 12:0 p.m., 10 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-11953 React Native Community CLI OS Command Injection Vulnerability; CVE-2026-24423 SmarterTools SmarterMail Missing...

9.8 CVSS, 5.5 AI score, 0.87693 EPSS
Exploits: 5, References: 7
CISA
added 2026/02/03 12:0 p.m., 9 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2019-19006 Sangoma FreePBX Improper Authentication Vulnerability; CVE-2021-39935 GitLab Community and Enterprise Editions...

9.8 CVSS, 8.4 AI score, 0.8413 EPSS
Exploits: 8, References: 9
CISA
added 2026/01/29 12:0 p.m., 12 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-1281 Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability. This type of vulnerability is a frequent attack vector for malicious...

9.8 CVSS, 5.9 AI score, 0.81231 EPSS
Exploits: 6, References: 6
CISA
added 2026/01/28 12:0 p.m., 16 views

Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858

Newly disclosed vulnerability Common Vulnerabilities and Exposures CVE-2026-24858 (Common Weakness Enumeration CWE-288: Authentication Bypass Using an Alternate Path or Channel) allows malicious actors with a FortiCloud account and a registered device to log in to...

9.8 CVSS, 5.8 AI score, 0.63476 EPSS
Exploits: 1, References: 23
CISA
added 2026/01/27 12:0 p.m., 9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-24858 Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability. This type of vulnerability is a...

9.8 CVSS, 5.9 AI score, 0.55125 EPSS
Exploits: 0, References: 6
CISA
added 2026/01/26 12:0 p.m., 12 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2018-14634 Linux Kernel Integer Overflow Vulnerability; CVE-2025-52691 SmarterTools SmarterMail Unrestricted Upload of File with...

10 CVSS, 7.4 AI score, 0.98871 EPSS
Exploits: 94, References: 10
CISA
added 2026/01/26 12:0 p.m., 12 views

Avoid Scams After Disaster Strikes

As natural disasters occur, CISA urges individuals to remain on alert for potential malicious cyber activity. Fraudulent emails and social media messages—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with...

5.9 AI score
Exploits: 0, References: 7
CISA
added 2026/01/23 12:0 p.m., 7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2024-37079 Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability. This type of vulnerability is a frequent attack vector for malicious...

9.8 CVSS, 5.5 AI score, 0.22377 EPSS
Exploits: 0, References: 6
CISA
added 2026/01/22 12:0 p.m., 11 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-31125 Vite Vitejs Improper Access Control Vulnerability; CVE-2025-34026 Versa Concerto Improper Authentication Vulnerabilit...

9.2 CVSS, 5.6 AI score, 0.83381 EPSS
Exploits: 17, References: 9
CISA
added 2026/01/21 12:0 p.m., 4 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-20045 Cisco Unified Communications Products Code Injection Vulnerability. This type of vulnerability is a frequent attack vector for malicious...

9.8 CVSS, 5.6 AI score, 0.04307 EPSS
Exploits: 1, References: 6
CISA
added 2026/01/13 12:0 p.m., 14 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-20805 Microsoft Windows Information Disclosure Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actor...

5.5 CVSS, 6.6 AI score, 0.05028 EPSS
Exploits: 5, References: 6
CISA
added 2026/01/12 12:0 p.m., 14 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-8110 Gogs Path Traversal Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significan...

8.8 CVSS, 6.8 AI score, 0.7694 EPSS
Exploits: 14, References: 6
CISA
added 2026/01/07 12:0 p.m., 8 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2009-0556 Microsoft Office PowerPoint Code Injection Vulnerability; CVE-2025-37164 HPE OneView Code Injection Vulnerability. These...

10 CVSS, 7.1 AI score, 0.89733 EPSS
Exploits: 13, References: 7
CISA
added 2025/12/30 12:0 p.m., 5 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-364-01: WHILL C2 Wheelchairs; ICSA-25-345-03: AzeoTech DAQFactory (Update A). CISA encourages users and...

6.6 AI score
Exploits: 0, References: 2
CISA
added 2025/12/29 12:0 p.m., 9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-14847 MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability. This type of vulnerability is a frequent...

8.7 CVSS, 6.9 AI score, 0.83007 EPSS
Exploits: 39, References: 6
CISA
added 2025/12/23 12:0 p.m., 9 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems (ICS) Advisory. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-177-01 Mitsubishi Electric Air Conditioning Systems (Update B). CISA encourages users and administrators to...

6.6 AI score
Exploits: 0, References: 1
CISA
added 2025/12/22 12:0 p.m., 8 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2023-52163 Digiever DS-2105 Pro Missing Authorization Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber...

8.8 CVSS, 6.9 AI score, 0.96285 EPSS
Exploits: 1, References: 6
CISA
added 2025/12/22 12:0 p.m., 9 views

NIST and CISA Release Draft Interagency Report on Protecting Tokens and Assertions from Tampering Theft and Misuse for Public Comment

The Cybersecurity and Infrastructure Security Agency (CISA) and National Institute of Standards and Technology (NIST) have released an initial draft of Interagency Report (IR) 8597 Protecting Tokens and Assertions from Forgery, Theft, and Misuse for public comment through January 30, 2026. This report ...

7 AI score
Exploits: 0, References: 4
CISA
added 2025/12/19 12:0 p.m., 6 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-14733 WatchGuard Firebox Out-of-Bounds Write Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors...

9.8 CVSS, 6.9 AI score, 0.17469 EPSS
Exploits: 1, References: 6
CISA
added 2025/12/19 12:0 p.m., 26 views

CISA and Partners Release Update to Malware Analysis Report BRICKSTORM Backdoor

Today, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency, and Canadian Centre for Cyber Security released an update to the Malware Analysis Report BRICKSTORM Backdoor with indicators of compromise (IOCs) and detection signatures for additional BRICKSTORM samples...

6.9 AI score
Exploits: 0, References: 2
CISA
added 2025/12/18 12:0 p.m., 12 views

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-352-01 Inductive Automation Ignition; ICSA-25-352-02 Schneider Electric EcoStruxure Foxboro DCS Advisor...

6.6 AI score
Exploits: 0, References: 9
CISA
added 2025/12/17 12:0 p.m., 10 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-20393 Cisco Multiple Products Improper Input Validation Vulnerability; CVE-2025-40602 SonicWall SMA1000 Missing...

10 CVSS, 6.7 AI score, 0.2906 EPSS
Exploits: 3, References: 8
CISA
added 2025/12/16 12:0 p.m., 7 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-350-01 Güralp Systems FMUS Fortimus Series and MIN Minimus Series; ICSA-25-350-02 Johnson Controls PowerG,...

6.6 AI score
Exploits: 0, References: 6
CISA
added 2025/12/16 12:0 p.m., 23 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-59718 Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability. This type of vulnerability is a frequent atta...

9.8 CVSS, 6.8 AI score, 0.63476 EPSS
Exploits: 1, References: 6
CISA
added 2025/12/15 12:0 p.m., 41 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-14611 Gladinet CentreStack and Triofox Hard Coded Cryptographic Vulnerability; CVE-2025-43529 Apple Multiple Products...

9.8 CVSS, 6.7 AI score, 0.50949 EPSS
Exploits: 11, References: 7
CISA
added 2025/12/12 12:0 p.m., 6 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-14174 Google Chromium Out-of-Bounds Memory Access Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber...

8.8 CVSS, 7 AI score, 0.22216 EPSS
Exploits: 10, References: 6
CISA
added 2025/12/12 12:0 p.m., 6 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2018-4063 Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability. This type of vulnerability is a frequent...

9 CVSS, 6.9 AI score, 0.28056 EPSS
Exploits: 3, References: 6
CISA
added 2025/12/11 12:0 p.m., 23 views

2025 CWE Top 25 Most Dangerous Software Weaknesses

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Homeland Security Systems Engineering and Development Institute (HSSEDI), operated by the MITRE Corporation, has released the 2025 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses...

7.2 AI score
Exploits: 0, References: 4
CISA
added 2025/12/11 12:0 p.m., 8 views

Cybersecurity Performance Goals 2.0 for Critical Infrastructure

Today, CISA released updated Cross-Sector Cybersecurity Performance Goals (CPG 2.0) with measurable actions for critical infrastructure owners and operators to achieve a foundational level of cybersecurity. This update incorporates lessons learned, aligns with the most recent National Institute of...

6.7 AI score
Exploits: 0, References: 3
CISA
added 2025/12/11 12:0 p.m., 7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-58360 OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability. This type of vulnerability is a frequent attack...

9.8 CVSS, 6.9 AI score, 0.66753 EPSS
Exploits: 4, References: 6
CISA
added 2025/12/11 12:0 p.m., 8 views

CISA Releases 12 Industrial Control Systems Advisories

CISA released 12 Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-345-01 Johnson Controls iSTAR; ICSA-25-345-02 Johnson Controls iSTAR Ultra; ICSA-25-345-03 AzeoTech DAQFactor...

6.7 AI score
Exploits: 0, References: 12
CISA
added 2025/12/09 12:0 p.m., 8 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-343-01 Universal Boot Loader (U-Boot); ICSA-25-343-02 Festo LX Appliance; ICSA-25-343-03 Multiple India-Base...

6.6 AI score
Exploits: 0, References: 3
CISA
added 2025/12/09 12:0 p.m., 11 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-6218 RARLAB WinRAR Path Traversal Vulnerability; CVE-2025-62221 Microsoft Windows Use After Free Vulnerability. These types o...

7.8 CVSS, 6.8 AI score, 0.81491 EPSS
Exploits: 10, References: 7
CISA
added 2025/12/09 12:0 p.m., 6 views

Opportunistic Pro-Russia Hacktivists Attack US and Global Critical Infrastructure

CISA, in partnership with Federal Bureau of Investigation, the National Security Agency, Department of Energy, Environmental Protection Agency, the Department of Defense Cyber Crime Center, and other international partners published a joint cybersecurity advisory, Pro-Russia Hacktivists Create...

7 AI score
Exploits: 0, References: 3
CISA
added 2025/12/09 12:0 p.m., 12 views

CISA Adds One Known Exploited Vulnerability to Catalog

Updated December 9, 2025: Check for signs of potential compromise on all internet accessible REACT instances after applying mitigations. For more information, see React Blog: Critical Security Vulnerability in React Server Components. CISA has added one new vulnerability to its...

10 CVSS, 7.8 AI score, 0.99562 EPSS
Exploits: 367, References: 7
CISA
added 2025/12/08 12:0 p.m., 7 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2022-37055 D-Link Routers Buffer Overflow Vulnerability; CVE-2025-66644 Array Networks ArrayOS AG OS Command Injection...

9.8 CVSS, 7.3 AI score, 0.57037 EPSS
Exploits: 1, References: 7
CISA
added 2025/12/04 12:0 p.m., 6 views

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-338-01 Mitsubishi Electric GX Works2; ICSA-25-338-02 MAXHUB Pivot; ICSA-25-338-03 Johnson Controls OpenBlue...

6.6 AI score
Exploits: 0, References: 9
CISA
added 2025/12/04 12:0 p.m., 16 views

PRC State-Sponsored Actors Use BRICKSTORM Malware Across Public Sector and Information Technology Systems

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of ongoing intrusions by People’s Republic of China (PRC) state-sponsored cyber actors using BRICKSTORM malware for long-term persistence on victim systems. BRICKSTORM is a sophisticated backdoor for VMware vSphere[1,2] and Windows...

6.6 AI score
Exploits: 0, References: 10
Total number of security vulnerabilities: 4188