Security News

CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List
2025-02-19 04:48

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited...

CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability
2025-02-07 12:52

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active...

CISA Adds Four Vulnerabilities to Catalog for Federal Enterprise
2025-02-05 21:45

CISA adds four new vulnerabilities to its catalog, urging agencies to remediate risks. Learn about the latest exploits and how they impact enterprise security.

CISA orders agencies to patch Linux kernel bug exploited in attacks
2025-02-05 18:58

CISA has ordered federal agencies to secure their systems within three weeks against a high-severity Linux kernel flaw actively exploited in attacks. [...]

CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks
2025-02-05 16:45

The US Cybersecurity & Infrastructure Security Agency (CISA) has added four vulnerabilities to its Known Exploited Vulnerabilities catalog, urging federal agencies and large organizations to apply...

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25
2025-02-05 05:05

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation...

CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors
2025-01-31 13:10

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued alerts about the presence of hidden functionality in Contec CMS8000 patient...

Patient monitors with backdoor are sending info to China, CISA warns
2025-01-31 12:02

Contec CMS8000, a patient monitor manufactured by a Chinese company, and Epsimed MN-120, which is the same monitor but relabeled, exfiltrate patients’ data to a hard-coded IP address and have a...

CISA Under Trump
2025-01-28 12:09

Jen Easterly is out as the Director of CISA. Read her final interview: There’s a lot of unfinished business. We have made an impact through our ransomware vulnerability warning pilot and our...

CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List
2025-01-24 05:39

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday placed a now-patched security flaw impacting the popular jQuery JavaScript library to its Known Exploited...