CISA
-
14,000+ F5 BIG-IP APM Instances Exposed Online as Attackers Exploit RCE Vulnerability
Cybersecurity researchers have identified a massive attack surface involving F5 BIG-IP Access Policy Manager (APM) devices. Following a critical severity…
Read More » -
CISA Includes TrueConf Security Flaw in KEV Catalog After Exploitation in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the TrueConf Client to its…
Read More » -
CISA Issues Urgent Warning on Langflow Code Injection Vulnerability Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical code-injection vulnerability discovered within Langflow.…
Read More » -
CISA Warns of Craft CMS Code Injection Flaw Exploited in Active Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting Craft CMS to its Known Exploited…
Read More » -
511,000+ End-of-Life IIS Instances Found Online, Raising Security Risks
Security researchers at The Shadowserver Foundation have identified a massive internet-facing attack surface, discovering more than 511,000 End-of-Life Microsoft Internet…
Read More » -
CISA Issues Warning on Apple Vulnerabilities Exploited Through DarkSword iOS Chain
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding three critical security flaws affecting the Apple…
Read More » -
CISA Warns Cisco Secure Firewall Management Center 0-Day Is Being Exploited in Ransomware Attacks
The Cybersecurity and Infrastructure SecurityAgency (CISA) has issued an urgent warning concerning a critical zero-day vulnerability actively exploited in targeted…
Read More » -
CISA Calls on Organizations to Strengthen Microsoft Intune Security After Stryker Incident
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert calling on organizations to aggressively harden their endpoint…
Read More » -
CISA Issues Alert on Wing FTP Server Vulnerability Used in Attacks
The Cybersecurity and Infrastructure SecurityAgency (CISA) has issued an urgent security alert regarding a critical vulnerability in the Wing FTP…
Read More » -
Iran-Linked Hackers Target U.S. Critical Infrastructure Amid Rising Cyber Threats
Iran-linked threat actors are escalating cyber operations against U.S. and allied networks, with Seedworm recently deploying new backdoors against critical…
Read More » -
Honeywell Controllers Widely Exposed Without Authentication
Security researchers at Zero Science Lab have disclosed a critical vulnerability in Honeywell’s Trend IQ4xx series of Building Management System…
Read More » -
CISA Alerts on Apple WebKit Zero-Day Actively Used in Cyberattacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical zero-day vulnerability affecting multiple Apple products to its Known…
Read More » -
CISA Issues New Guidance for Securing UEFI Secure Boot on Enterprise Devices
The Cybersecurity and Infrastructure Security Agency (CISA) has issued critical guidance on managing UEFI Secure Boot configurations across enterprise systems,…
Read More » -
Surge in Attacks Targeting RSC-Enabled Services Worldwide
In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execution (RCE), was publicly…
Read More » -
2.15M Next.js Web Services Exposed Online, Active Attacks Reported
Security teams worldwide are rushing to patch systems after the disclosure of a critical React vulnerability, CVE-2025-55182, widely known as…
Read More » -
CISA, NSA Alert on BRICKSTORM Malware Targeting VMware ESXi and Windows Systems
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), joined by Canadian cyber authorities, have issued…
Read More » -
CISA Issues Alert on Actively Exploited Android Zero-Day Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Android Framework vulnerabilities to its Known Exploited Vulnerabilities (KEV)…
Read More » -
CISA Issues Warning as Hackers Target Oracle Identity Manager RCE Flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new Oracle vulnerability to its Known Exploited Vulnerabilities (KEV)…
Read More »