Security News

CISA tags critical Ivanti EPM flaws as actively exploited in attacks
2025-03-11 13:01

CISA warned U.S. federal agencies to secure their networks against attacks exploiting three critical vulnerabilities affecting Ivanti Endpoint Manager (EPM) appliances. [...]

CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List
2025-03-11 03:58

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting Advantive VeraCore and Ivanti Endpoint Manager (EPM) to its Known Exploited...

CISA Identifies Five New Vulnerabilities Currently Being Exploited
2025-03-05 12:00

Of the five, one is a Windows vulnerability, another is a Cisco vulnerability. We don’t have any details about who is exploiting them, or how. News article. Slashdot thread.

Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm
2025-03-04 04:39

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to...

DHS says CISA will not stop monitoring Russian cyber threats
2025-03-03 19:22

The US Cybersecurity and Infrastructure Security Agency says that media reports about it being directed to no longer follow or report on Russian cyber activity are untrue, and its mission remains...

CISA tags Windows, Cisco vulnerabilities as actively exploited
2025-03-03 17:51

CISA has warned US federal agencies to secure their systems against attacks exploiting vulnerabilities in Cisco and Windows systems. [...]

Ransomware criminals love CISA's KEV list – and that's a bug, not a feature
2025-02-28 19:07

1 in 3 entries are used to extort civilians, says new paper Fresh research suggests attackers are actively monitoring databases of vulnerabilities that are known to be useful in carrying out...

CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation
2025-02-26 04:33

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS) to its Known...

Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA
2025-02-25 04:10

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws impacting Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM) to its Known Exploited...

CISA flags Craft CMS code injection flaw as exploited in attacks
2025-02-21 15:57

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. [...]