CISA Archives

Government

CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk

The new BOD 26-04 requires agencies to review and update vulnerability management policies with a focus on KEV catalog entries.

Ionut Arghire4 days ago

ICS/OT

ICS Patch Tuesday: New Security Advisories From Siemens, Schneider, CISA

Many ICS vendors have not released new advisories for the May 2026 Patch Tuesday.

Eduard KovacsMay 13, 2026

Government

CISA Launches ‘CI Fortify’ to Prepare Critical Infrastructure for Geopolitical Cyber Conflict

Agency issued guidance and calls on operators to build resilient OT environments capable of surviving extended isolation and cyber compromise.

Eduard KovacsMay 6, 2026

Government

White House Seeks to Slash CISA Funding by $707 Million

The Trump administration says the FY2027 budget refocuses CISA on its core mission: protecting federal agencies and critical infrastructure.

Eduard KovacsApril 7, 2026

Incident Response

CISA Flags Critical PTC Vulnerability That Had German Police Mobilized

Police in Germany physically warned organizations about the critical PTC Windchill vulnerability tracked as CVE-2026-4681.

Eduard KovacsMarch 27, 2026

Government

Nick Andersen Appointed Acting Director of CISA

Madhu Gottumukkala has been assigned to a new role within the Department of Homeland Security.

Eduard KovacsMarch 2, 2026

Government

CISA Navigates DHS Shutdown With Reduced Staff

CISA is currently operating at roughly 38% capacity (888 out of 2,341 staff) due to the DHS shutdown that began February 14, 2026.

Kevin TownsendFebruary 16, 2026

Vulnerabilities

CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities

Disclosed at the end of January, the SolarWinds vulnerability was likely exploited as a zero-day since December 2025.

Ionut ArghireFebruary 13, 2026

Network Security

Organizations Urged to Replace Discontinued Edge Devices

Edge devices that are no longer supported have been targeted in attacks by state-sponsored hackers, the US says.

Ionut ArghireFebruary 7, 2026

Government

Concerns Raised Over CISA’s Silent Ransomware Updates in KEV Catalog

CISA updated 59 KEV entries in 2025 to specify that the vulnerabilities have been exploited in ransomware attacks.

Eduard KovacsFebruary 6, 2026

Vulnerabilities

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over

The Emergency Directives were retired because they achieved objectives or targeted vulnerabilities included in the KEV catalog.

Ionut ArghireJanuary 9, 2026

Vulnerabilities

CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries

With 24 new vulnerabilities known to be exploited by ransomware groups, the list now includes 1,484 software and hardware flaws.

Ionut ArghireJanuary 5, 2026

Malware & Threats

US Organizations Warned of Chinese Malware Used for Long-Term Persistence

Warp Panda has been using the BrickStorm, Junction, and GuestConduit malware in attacks against US organizations.

Ionut ArghireDecember 5, 2025

Mobile & Wireless

CISA Warns of Spyware Targeting Messaging App Users

CISA has described the techniques used by attackers and pointed out that the focus is on high-value individuals.

Eduard KovacsNovember 25, 2025

Government

CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks

Federal agencies have reported as ‘patched’ ASA or FTD devices running software versions vulnerable to attacks.

Ionut ArghireNovember 13, 2025

Training & Awareness

Cybersecurity Awareness Month 2025: Prioritizing Identity to Safeguard Critical Infrastructure

This year’s theme focuses on government entities and small and medium-sized businesses that are vital to protecting the systems and services that keep our...

Torsten GeorgeOctober 1, 2025

Government

The Cybersecurity Information Sharing Act Faces Expiration

The CISA is set to expire on September 30, 2025, raising urgent questions about risk, politics, and the future of threat intelligence.

Kevin TownsendSeptember 29, 2025

Vulnerabilities

GeoServer Flaw Exploited in US Federal Agency Hack

The hackers remained undetected for three weeks, deploying China Chopper, remote access scripts, and reconnaissance tools.

Ionut ArghireSeptember 24, 2025

Malware & Threats

CISA Analyzes Malware From Ivanti EPMM Intrusions

Hackers chained two Ivanti EPMM vulnerabilities to collect system information, dump credentials, and execute malware.

Ionut ArghireSeptember 19, 2025

Government

CISA: CVE Program to Focus on Vulnerability Data Quality

CISA says it is time for the CVE Program to focus on improving trust, responsiveness, and the caliber of vulnerability data.

Ionut ArghireSeptember 12, 2025

SECURITYWEEK NETWORK:

ICS:

All posts tagged "CISA"

Government

CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk

ICS/OT

ICS Patch Tuesday: New Security Advisories From Siemens, Schneider, CISA

Government

CISA Launches ‘CI Fortify’ to Prepare Critical Infrastructure for Geopolitical Cyber Conflict

Government

White House Seeks to Slash CISA Funding by $707 Million

Incident Response

CISA Flags Critical PTC Vulnerability That Had German Police Mobilized

Government

Nick Andersen Appointed Acting Director of CISA

Government

CISA Navigates DHS Shutdown With Reduced Staff

Vulnerabilities

CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities

Network Security

Organizations Urged to Replace Discontinued Edge Devices

Government

Concerns Raised Over CISA’s Silent Ransomware Updates in KEV Catalog

Vulnerabilities

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over

Vulnerabilities

CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries

Malware & Threats

US Organizations Warned of Chinese Malware Used for Long-Term Persistence

Mobile & Wireless

CISA Warns of Spyware Targeting Messaging App Users

Government

CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks

Training & Awareness

Cybersecurity Awareness Month 2025: Prioritizing Identity to Safeguard Critical Infrastructure

Government

The Cybersecurity Information Sharing Act Faces Expiration

Vulnerabilities

GeoServer Flaw Exploited in US Federal Agency Hack

Malware & Threats

CISA Analyzes Malware From Ivanti EPMM Intrusions

Government

CISA: CVE Program to Focus on Vulnerability Data Quality

Featured

Artificial Intelligence

Anthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export Controls

Artificial Intelligence

Industry Reactions to Claude Fable 5: Feedback Friday

ICS/OT

Iranian Cyber Group Handala Claims Cal Water Hack

Cybercrime

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

Incident Response

Alert Fatigue Is Becoming a Security Threat of Its Own

ICS/OT

Siemens Says Desigo CC Files Flagged as Malware by Security Engines

Vulnerabilities

Microsoft Patches Exploited Exchange Server Vulnerability

Latest News

Data Breaches

Maine Disables Data Breach Portal Due to Fake Submissions

Supply Chain Security

NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks

Management & Strategy

In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang Fine

Artificial Intelligence

Industry Reactions to Claude Fable 5: Feedback Friday

ICS/OT

Iranian Cyber Group Handala Claims Cal Water Hack

Vulnerabilities

Ivanti Sentry Exploitation Attempts Hitting Honeypots

Vulnerabilities

Chrome 149 Update Patches 28 Vulnerabilities

Daily Briefing Newsletter