FBI Warns Chinese Mobile Apps Could Expose User Data to Cyberattacks
The Federal Bureau of Investigation (FBI) has issued a public warning about potential data security risks associated with foreign-developed mobile applicatio...
Advisory
19 articles
CrowdStrike’s Falcon platform receives cloud security update
The platform’s new capabilities are designed to support enterprises in safeguarding complex, AI-driven environments, and are in response to a security enviro...
Node.js Releases Urgent Patches for Multiple Vulnerabilities Exposing Systems to DoS and Crashes
The Node.js project issued a critical security update for its Long-Term Support (LTS) branch, marking version 20.
PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials
PyPI is warning of possible credential theft from AI applications and developer pipelines after two malicious versions of the widely used Python middleware f...
Cisco Catalyst SD-WAN Vulnerabilities
Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an attacker to access an affected system, elevate privileges ...
Microsoft Fixes Two Publicly Disclosed Zero-Days
March Patch Tuesday sees Microsoft release updates for 79 flaws
Multiple Cisco Products Snort 3 Denial of Service Vulnerabilities
Multiple Cisco products are affected by vulnerabilities in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Sno...
Multiple Cisco Products Snort 3 Visual Basic for Applications Denial of Service Vulnerabilities
Multiple Cisco products are affected by vulnerabilities in the Snort 3 Visual Basic for Applications (VBA) Decompression Engine that could allow an unauthent...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities
Multiple vulnerabilities in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software OSPF Protocol Vulnerabilities
Multiple vulnerabilities in the OSPF feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FT...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities
Multiple vulnerabilities in the CLI feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities
Multiple vulnerabilities in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Fire...
Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities
Multiple Cisco products are affected by vulnerabilities in the HTTP Multipurpose Internet Mail Extensions (MIME) Decoder that could allow an unauthenticated,...
Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities
Multiple Cisco products are affected by vulnerabilities in the processing of Distributed Computing Environment Remote Procedure Call (DCE/RPC) requests that ...
Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure
Summary Note: This joint Cybersecurity Advisory is being published as an addition to the Cybersecurity and Infrastructure Security Agency (CISA) May 6, 2025,...
CISA Shares Lessons Learned from an Incident Response Engagement
Advisory at a Glance Executive Summary CISA began incident response efforts at a U.S.
CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization
Summary The Cybersecurity and Infrastructure Security Agency (CISA) and U.S.
Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations
Summary The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint advisory to dissem...
Russian GRU Targeting Western Logistics Entities and Technology Companies
Executive Summary This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and techno...