Tag archive for Cisa - page 6

 CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2025-5419 Google Chromium V8 Out-of-Bounds Read and Write Vulnerability  This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to…

Continue reading →

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-21479 Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability CVE-2025-21480 Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability CVE-2025-27038 Qualcomm Multiple Chipsets Use-After-Free Vulnerability These types of vulnerabilities are frequent attack…

Continue reading →

CISA released two Industrial Control Systems (ICS) advisories on May 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-142-01 Lantronix Device Installer ICSA-25-142-02 Rockwell Automation FactoryTalk Historian ThingWorx CISA encourages users and administrators to review newly released…

Continue reading →

CISA released one Industrial Control Systems (ICS) advisory on May 27, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-146-01 Johnson Controls iSTAR Configuration Utility (ICU) Tool CISA encourages users and administrators to review newly released ICS advisories…

Continue reading →

CISA released five Industrial Control Systems (ICS) advisories on May 29, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-148-01 Siemens SiPass ICSA-25-148-02 Siemens SiPass Integrated ICSA-25-148-03 Consilium Safety CS5000 Fire Panel ICSA-25-148-04 Instantel Micromate  ICSMA-25-148-01 Santesoft Sante…

Continue reading →

Today, CISA, in collaboration with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and other international and U.S. partners, released new guidance for organizations seeking to procure Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms. This guidance…

Continue reading →

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.  CVE-2025-4632 Samsung MagicINFO 9 Server Path Traversal Vulnerability  These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. …

Continue reading →

Today, CISA, the National Security Agency, the Federal Bureau of Investigation, and international partners released a joint Cybersecurity Information Sheet on AI Data Security: Best Practices for Securing Data Used to Train & Operate AI Systems.  This information sheet highlights the critical role of data…

Continue reading →