CISA

Pierluigi Paganini July 08, 2025
U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Multi-Router Looking Glass (MRLG), PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite (ZCS) flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Multi-Router Looking Glass (MRLG), PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite (ZCS) flaws to […]

Pierluigi Paganini July 07, 2025
U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Chromium V8 vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Chromium V8 vulnerability, tracked as CVE-2025-6554, to its Known Exploited Vulnerabilities (KEV) catalog. Last week, Google released security patches to address the Chrome vulnerability CVE-2025-6554 for which an exploit is […]

Pierluigi Paganini July 02, 2025
U.S. CISA adds TeleMessage TM SGNL flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds TeleMessage TM SGNL flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added TeleMessage TM SGNL flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-48927 is an Initialization of a Resource with an Insecure Default […]

Pierluigi Paganini July 01, 2025
CISA and U.S. Agencies warn of ongoing Iranian cyber threats to critical infrastructure

U.S. warns of rising Iranian cyber threats exploiting outdated software and weak passwords, with attacks likely to escalate due to recent events. U.S. cybersecurity and intelligence agencies warn of rising cyber threats from Iranian state-linked hackers, expected to escalate. These actors typically exploit outdated software, known vulnerabilities, and weak or default passwords on internet-connected systems. […]

Pierluigi Paganini June 30, 2025
U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix NetScaler vulnerability, tracked as CVE-2025-6543, to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2025-6543 (CVSS score of 9.2) is a memory overflow vulnerability in NetScaler ADC and NetScaler Gateway when configured […]

Pierluigi Paganini June 26, 2025
U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these […]

Pierluigi Paganini June 18, 2025
U.S. CISA adds Linux Kernel flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux Kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium V8 Out-of-Bounds Read and Write Vulnerability, tracked as CVE-2023-0386, to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, CVE-2023-0386 (CVSS score: 7.8), is an improper ownership vulnerability in the Linux kernel that […]

Pierluigi Paganini June 17, 2025
U.S. CISA adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: Last week, Apple confirmed that the now-patched […]

Pierluigi Paganini June 12, 2025
SinoTrack GPS device flaws allow remote vehicle control and location tracking

Two vulnerabilities in SinoTrack GPS devices can allow remote vehicle control and location tracking by attackers, US CISA warns. U.S. CISA warns of two vulnerabilities in SinoTrack GPS devices that remote attackers can exploit to access a vehicle’s device profile without permission. The researchers warn that potential exploitation could allow attackers to track its location […]

Pierluigi Paganini June 12, 2025
U.S. CISA adds Wazuh, and WebDAV flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Wazuh, and WebDAV flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ASUS RT-AX55 devices, Craft CMS, and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: This week, Akamai researchers warned that […]