News

CSO Online4h
CISA under review: Trump memo spurs scrutiny and uncertainty
A directive against CISA and its former director Christopher Krebs raises concerns over the agency’s neutrality, operational ...
SecurityWeek1d
CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days
CISA has added fresh CentreStack and Windows CLFS vulnerabilities to the Known Exploited Vulnerabilities catalog.
CrushFTP vulnerability exploited in the wild, added to CISA KEV database
CISA has also picked up on the news, adding the bug to its Known Exploited Vulnerabilities Catalog (KEV). This means that Federal Civilian Executive Branch (FCEB) agencies have a three-week deadline ...
The Hacker News2d
CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation
A recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure ...
CISA spots spawn of Spawn malware targeting Ivanti flaw
Uncle Sam dubbed the latest software nasty Resurge, and warned it infects devices by exploiting CVE-2025-0282 - a critical ...
CentreStack RCE exploited as zero-day to breach file sharing servers
Hackers exploited a vulnerability in Gladinet CentreStack's secure file-sharing software as a zero-day since March to breach ...
The Hacker News1d
Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS Vulnerability
Microsoft patched 126 vulnerabilities including actively exploited CVE-2025-29824, leaving Windows 10 users exposed.
CISA adds Ivanti Connect Secure vulnerability to KEV catalog
CVE-2025-22457 is a critical stack buffer-overflow vulnerability. Ivanti had initially assessed as a low-level product bug ...
Computer Weekly2dOpinion
It’s time to stop the victim-blaming and insist on safer software
Businesses spend too much time and money protecting themselves against flaws and vulnerabilities in modern software products, ...
Security Boulevard8d
CVEs lose relevance: Get proactive — and think beyond vulnerabilities
Application security (AppSec) would not have existed for the past 25 years without the Common Vulnerabilities and Exposures ...
CISA warns of "Resurge" malware after Ivanti ICS attacks
Attacks on Ivanti's ICS have been known since the beginning of January. CISA has analyzed the malware that attackers have ...
Yahoo Finance10d
CISA warns new malware targeting Ivanti zero-day vulnerability
Earlier this month, three critical vulnerabilities in Ivanti Endpoint Manager came under attack. According to CISA, Resurge is similar to SpawnChimera, a variant of the Spawn malware family that ...