CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on September 25, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-268-01 Dingtian DT-R002 CISA encourages users and administrators to review newly...

CISA Directs Federal Agencies to Identify and Mitigate Potential Compromise of Cisco Devices

Today, CISA issued Emergency Directive ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices to address vulnerabilities in Cisco Adaptive Security Appliances ASA and Cisco Firepower devices. CISA has added vulnerabilities CVE-2025-20333link is external and CVE-2025-20362link is...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-10585link is external Google Chromium V8 Type Confusion Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and...

Widespread Supply Chain Compromise Impacting npm Ecosystem

CISA is releasing this Alert to provide guidance in response to a widespread software supply chain compromise involving the world’s largest JavaScript registry, npmjs.com. A self-replicating worm—publicly known as “Shai-Hulud”—has compromised over 500 packages.i After gaining initial access, the...

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on September 23, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-266-01 AutomationDirect CLICK PLUS ICSA-25-266-02 Mitsubishi Electric MELSEC-Q Serie...

CISA Releases Advisory on Lessons Learned from an Incident Response Engagement

Today, CISA released a cybersecurity advisory detailing lessons learned from an incident response engagement following the detection of potential malicious activity identified through security alerts generated by the agency’s endpoint detection and response tool. This advisory, CISA Shares Lesson...

SonicWall Releases Advisory for Customers after Security Incident

SonicWall released a security advisory to assist their customers with protecting systems impacted by the MySonicWall cloud backup file incident. SonicWall’s investigation found that a malicious actor performed a series of brute force techniques against their MySonicWall.com web portal to gain...

CISA Releases Malware Analysis Report on Malicious Listener Targeting Ivanti Endpoint Manager Mobile Systems

Today, CISA released a Malware Analysis Report detailing the functionality of two sets of malware obtained from an organization compromised by cyber threat actors exploiting CVE-2025-4427link is external and CVE-2025-4428link is external in Ivanti Endpoint Manager Mobile Ivanti EPMM. The Malware...

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on September 18, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-261-01 Westermo Network Technologies WeOS 5 ICSA-25-261-02 Westermo Network...

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems ICS advisories on September 16, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-259-01 Schneider Electric Altivar Products, ATVdPAC Module, ILC992 InterLink...

CISA Releases Eleven Industrial Control Systems Advisories

CISA released eleven Industrial Control Systems ICS advisories on September 11, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-254-01 Siemens SIMOTION Tools ICSA-25-254-02 Siemens SIMATIC Virtualization as a...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-5086link is external Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability This type of vulnerability is a frequent attack vector f...

CISA Releases Fourteen Industrial Control Systems Advisories

CISA released fourteen Industrial Control Systems ICS advisories on September 9, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-252-01 Rockwell Automation ThinManager ICSA-25-252-02 ABB Cylon Aspect BMS/BAS...

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-38352link is external Linux Kernel Time-of-Check Time-of-Use TOCTOU Race Condition Vulnerability CVE-2025-48543link is external Android Runtime Unspecifi...

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on September 4, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-247-01 Honeywell OneWireless Wireless Device Manager WDM ICSA-25-217-01 Mitsubishi...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2023-50224link is external TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability CVE-2025-9377link is external TP-Link Archer C7EU and TL-WR841N/NDM...

CISA, NSA, and Global Partners Release a Shared Vision of Software Bill of Materials (SBOM) Guidance

CISA, in collaboration with NSA and 19 international partners, released joint guidance outliningA Shared Vision of Software Bill of Materials SBOM for Cybersecurity. This marks a significant step forward in strengthening software supply chain transparency and security worldwide. An SBOM is a form...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2020-24363link is external TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability CVE-2025-55177link is external Meta Platforms WhatsApp...

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on September 2, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-245-01 Delta Electronics EIP Builder ICSA-25-245-02 Fuji Electric FRENIC-Loader 4...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-57819link is external Sangoma FreePBX Authentication Bypass Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors a...

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on August 28, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-240-01 Mitsubishi Electric MELSEC iQ-F Series CPU Module ICSA-25-240-02 Mitsubishi...

CISA and Partners Release Joint Advisory on Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage Systems

CISA, along with the National Security Agency, Federal Bureau of Investigation, and international partners, released a joint Cybersecurity Advisory on People’s Republic of China PRC state-sponsored Advanced Persistent Threat APT actors targeting critical infrastructure across sectors and continen...

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on August 26, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-238-01 INVT VT-Designer and HMITool ICSA-25-238-03 Schneider Electric Modicon M340...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-7775link is external Citrix NetScaler Memory Overflow Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and pos...

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2024-8069link is external Citrix Session Recording Deserialization of Untrusted Data Vulnerability CVE-2024-8068link is external Citrix Session Recording...

CISA Requests Public Comment for Updated Guidance on Software Bill of Materials

CISA released updated guidance for the Minimum Elements for a Software Bill of Materials SBOM for public comment—comment period begins today and concludes on October 3, 2025. These updates build on the 2021 version of the National Telecommunications and Information Administration SBOM Minimum...

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on August 21, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-233-01 Mitsubishi Electric Corporation MELSEC iQ-F Series CPU Module ICSA-25-177-01...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-43300link is external Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability This type of vulnerability is a frequent attack vector for malicious cyb...

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on August 19, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-231-01 Siemens Desigo CC Product Family and SENTRON Powermanager ICSA-25-231-02 Siemen...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-54948link is external Trend Micro Apex One OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber...

CISA Releases Thirty-Two Industrial Control Systems Advisories

CISA released thirty-two Industrial Control Systems ICS advisories on August 14, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-226-01 Siemens SIMATIC RTLS Locating Manager ICSA-25-226-02 Siemens COMOS...

CISA and Partners Release Asset Inventory Guidance for Operational Technology Owners and Operators

CISA, along with the National Security Agency, the Federal Bureau of Investigation, Environmental Protection Agency, and several international partners, released comprehensive guidance to help operational technology OT owners and operators across all critical infrastructure sectors create and...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-8875link is external N-able N-central Insecure Deserialization Vulnerability CVE-2025-8876link is external N-able N-central Command Injection Vulnerability...

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2013-3893link is external Microsoft Internet Explorer Resource Management Errors Vulnerability CVE-2007-0671link is external Microsoft Office Excel Remote Cod...

Microsoft Releases Guidance on High-Severity Vulnerability (CVE-2025-53786) in Hybrid Exchange Deployments

Update 08/12/2025: CISA has updated this alert to provide clarification on identifying Exchange Servers on an organization’s networks and provided further guidance on running the Microsoft Exchange Health Checker. Update 08/07/2025: CISA issued Emergency Directive ED 25-02: Mitigate Microsoft...

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems ICS advisories on August 12, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-224-01 Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share ICSA-25-224-02 Johns...

CISA Issues ED 25-02: Mitigate Microsoft Exchange Vulnerability

Today, CISA issued Emergency Directive ED 25-02: Mitigate Microsoft Exchange Vulnerability in response to CVE-2025-53786link is external, a vulnerability in Microsoft Exchange server hybrid deployments. ED 25-02 directs all Federal Civilian Executive Branch FCEB agencies with Microsoft Exchange...

CISA Releases Ten Industrial Control Systems Advisories

CISA released ten Industrial Control Systems ICS advisories on August 7, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-219-01 Delta Electronics DIAView ICSA-25-219-02 Johnson Controls FX80 and FX90...

CISA Releases Malware Analysis Report Associated with Microsoft SharePoint Vulnerabilities

CISA published a Malware Analysis Report MAR with analysis and associated detection signatures on files related to Microsoft SharePoint vulnerabilities: CVE-2025-49704link is external CWE-94: Code Injectionlink is external, CVE-2025-49706link is external CWE-287: Improper Authenticationlink is...

UPDATE: Microsoft Releases Guidance on Exploitation of SharePoint Vulnerabilities

Update 08/06/2025: CISA released a Malware Analysis Report MAR on six files related to CVE-2025-49704link is external, CVE-2025-49706link is external, CVE-2025-53770link is external, and CVE-2025-53771link is external. For more information see MAR-251132.c1.v1 Exploitation of SharePoint...

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2020-25078link is external D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability CVE-2020-25079link is external D-Link DCS-2530L and DCS-2670L...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on August 5, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-217-01 Mitsubishi Electric Iconics Digital Solutions Multiple Products ICSA-25-217-02 Ti...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on July 31, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-212-01 Güralp FMUS Series Seismic Monitoring Devices ICSA-25-212-02 Rockwell Automation...

Thorium Platform Public Availability

Today, CISA, in partnership with Sandia National Laboratories, announced the public availability of Thoriumlink is external, a scalable and distributed platform for automated file analysis and result aggregation. Thorium enhances cybersecurity teams' capabilities by automating analysis workflows...

CISA and USCG Issue Joint Advisory to Strengthen Cyber Hygiene in Critical Infrastructure

CISA, in partnership with the U.S. Coast Guard USCG, released a joint Cybersecurity Advisory aimed at helping critical infrastructure organizations improve their cyber hygiene. This follows a proactive threat hunt engagement conducted at a U.S. critical infrastructure facility. During this...

Eviction Strategies Tool Released

Today, CISA released the Eviction Strategies Tool to provide cyber defenders with critical support and assistance during the containment and eviction phases of incident response. This tool includes: Cyber Eviction Strategies Playbook Next Generation Playbook-NG : A web-based application for...

CISA and Partners Release Updated Advisory on Scattered Spider Group

CISA, along with the Federal Bureau of Investigation, Canadian Centre for Cyber Security, Royal Canadian Mounted Police, the Australian Cyber Security Centre’s Australian Signals Directorate, and the Australian Federal Police and National Cyber Security Centre, released an updated joint...

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on July 29, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-210-01 National Instruments LabVIEW ICSA-25-210-02 Samsung HVAC DMS ICSA-25-210-03 Delta...

CISA Releases Part One of Zero Trust Microsegmentation Guidance

CISA released Microsegmentation in Zero Trust, Part One: Introduction and Planning as part of its ongoing efforts to support Federal Civilian Executive Branch FCEB agencies implementing zero trust architectures ZTAs. This guidance provides a high-level overview of microsegmentation, focusing on i...

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-20281link is external Cisco Identity Services Engine Injection Vulnerability CVE-2025-20337link is external Cisco Identity Services Engine Injection...