Security News

CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks
2025-04-07 13:40

Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted...

For flux sake: CISA, annexable allies warn of hot DNS threat
2025-04-03 22:54

Shape shifting technique described as menace to national security The US govt's Cybersecurity Infrastructure Agency, aka CISA, on Thursday urged organizations, internet service providers, and...

CISA warns of Fast Flux DNS evasion used by cybercrime gangs
2025-04-03 19:37

CISA, the FBI, the NSA, and international cybersecurity agencies are calling on organizations and DNS providers to mitigate the "Fast Flux" cybercrime evasion technique used by state-sponsored...

CISA spots spawn of Spawn malware targeting Ivanti flaw
2025-04-01 01:09

Resurge an apt name for malware targeting hardware maker that has security bug after security bug Owners of Ivanti’s Connect Secure, Policy Secure, and ZTA Gateway products have a new strain of...

CISA reveals new malware variant used on compromised Ivanti Connect Secure devices
2025-03-31 13:02

CISA has released indicators of compromise, detection signatures, and updated mitigation advice for rooting out a newly identified malware variant used by the attackers who breached Ivanti Connect...

CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
2025-03-27 06:23

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited...

CISA tags NAKIVO backup flaw as actively exploited in attacks
2025-03-20 21:13

CISA has warned U.S. federal agencies to secure their networks against attacks exploiting a high-severity vulnerability in NAKIVO's Backup & Replication software. [...]

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation
2025-03-20 09:43

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting NAKIVO Backup & Replication software to its Known Exploited Vulnerabilities (KEV)...

CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise
2025-03-19 05:05

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known...

CISA fires, now rehires and immediately benches security crew on full pay
2025-03-18 21:46

DOGE efficiency in action The upheaval at the US government's Cybersecurity and Infrastructure Security Agency, aka CISA, took another twist on Tuesday, as it moved to reinstate staffers it had...