‘CI Fortify’ Is the New Road Map for State and Local Resilience
This past week the Cybersecurity and Infrastructure Security Agency (CISA) announced the release of its CI Fortify project, aiming to...
CISA
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
Ravie LakshmananMay 23, 2026Vulnerability / Website Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched...
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity...
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
Ravie LakshmananMay 22, 2026Vulnerability / Cyber Attack The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security...
CISA Contractor Exposed Sensitive Credentials in Public GitHub Repository
The federal agency that tells Americans how to secure their systems is now investigating how sensitive credentials tied to its...
CISA Admin Leaked AWS GovCloud Keys on Github
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that...
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
Ravie LakshmananMay 15, 2026Vulnerability / Credential Theft The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed...
Canvas Breach Hackers Reach Deal After Claiming 275M Records Stolen
Hackers behind the Canvas breach have reached a deal with Instructure after claiming they stole data tied to nearly 9,000...
CISA Warning: High-Severity Linux Flaw Puts Unpatched Systems at Risk
CISA warns that the nine-year-old Linux Copy Fail flaw is being actively exploited, allowing local attackers to gain root access...
U.S. Officials Consider Three-Day Patch Rule in Wake of Anthropic’s Mythos
Federal officials reportedly are considering significantly cutting the amount of time U.S. agencies have to fix critical vulnerabilities in the...
CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
Ravie LakshmananMay 03, 2026Vulnerability / Container Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently...
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
Ravie LakshmananApr 29, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security...
CISA last in line for access to Anthropic Mythos
The US Cybersecurity and Infrastructure Security Agency (CISA) does not yet have access to Anthropic’s bug-hunting AI model, Claude Mythos,...
FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed federal civilian agency's Cisco Firepower device running...
U.S. CISA adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini...