Vulnerabilities CISA Issues Exploitation Warning for .NET Vulnerability CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog. Eduard Kovacs5 days ago
Vulnerabilities CISA Warns of Old jQuery Vulnerability Linked to Chinese APT CISA has added the JQuery flaw CVE-2020-11023, previously linked to APT1, to its Known Exploited Vulnerabilities (KEV) catalog. Eduard KovacsJanuary 24, 2025
Malware & Threats CISA Warns of Second BeyondTrust Vulnerability Exploited in Attacks Attackers have been exploiting a second vulnerability in BeyondTrust’s remote management solutions, CISA warns. Ionut ArghireJanuary 14, 2025
Vulnerabilities CISA Warns of Mitel MiCollab Vulnerabilities Exploited in Attacks CISA says two recently disclosed path traversal vulnerabilities in the Mitel MiCollab collaboration platform have been exploited in attacks. Ionut ArghireJanuary 8, 2025
Vulnerabilities CISA Urges Immediate Patching of Exploited BeyondTrust Vulnerability CISA is urging federal agencies to patch a recent critical vulnerability in BeyondTrust remote access products in one week. Ionut ArghireDecember 20, 2024
Government CISA Seeking Public Comment on Updated National Cyber Incident Response Plan CISA has updated its National Cyber Incident Response Plan in line with the changing threat landscape and is now seeking public comment. Ionut ArghireDecember 17, 2024
Vulnerabilities CISA Warns of Exploited Adobe ColdFusion, Windows Vulnerabilities CISA has warned organizations that two vulnerabilities affecting Adobe ColdFusion and Windows have been exploited in the wild. Eduard KovacsDecember 17, 2024
Vulnerabilities Chinese Hackers Exploiting Critical Vulnerability in Array Networks Gateways CISA warns about attacks exploiting CVE-2023-28461, a critical vulnerability in Array Networks AG and vxAG secure access gateways. Ionut ArghireNovember 26, 2024
Vulnerabilities CISA Warns of Progress Kemp LoadMaster Vulnerability Exploitation CISA is warning organizations that CVE-2024-1212, a Progress Kemp LoadMaster OS command injection vulnerability, is being exploited in attacks. Eduard KovacsNovember 20, 2024
Malware & Threats Citrix, Cisco, Fortinet Zero-Days Among 2023’s Most Exploited Vulnerabilities Most of the top frequently exploited vulnerabilities in 2023 were initially exploited as zero-days, according to data from government agencies. Ionut ArghireNovember 13, 2024
Vulnerabilities Palo Alto Networks Expedition Vulnerability Exploited in Attacks, CISA Warns CISA has added a Palo Alto Networks Expedition flaw tracked as CVE-2024-5910 to its Known Exploited Vulnerabilities Catalog. Eduard KovacsNovember 8, 2024
Malware & Threats Fortinet Confirms Zero-Day Exploit Targeting FortiManager Systems Fortinet confirms zero-day exploits hitting critical (CVSS severity score 9.8/10) remote code execution bug in the FortiManager platform. Ryan NaraineOctober 23, 2024