All CosmicBytez Labs articles tagged #CISA, across news, security advisories, how-to guides, and projects.
CISA added two critical Fortinet FortiSandbox OS command injection vulnerabilities to its KEV catalog and gave federal agencies just three days to patch, as active exploitation continues against the security appliance platform.
CISA has added two maximum-severity flaws in iCagenda and Balbooa Forms Joomla extensions to its KEV catalog following confirmed zero-day exploitation in the wild. Administrators should patch or mitigate immediately.
CISA has published a postmortem on a data leak in which a contractor exposed dozens of internal credentials — including AWS GovCloud keys — in a public GitHub repository for nearly six months before being discovered by KrebsOnSecurity.
CISA added CVE-2026-55255, a CVSS 9.9 IDOR authorization bypass in Langflow, to its Known Exploited Vulnerabilities catalog on July 7, ordering U.S....
CISA added CVE-2026-45659 to its Known Exploited Vulnerabilities catalog, confirming active in-the-wild exploitation of a high-severity SharePoint...
CISA has confirmed that ransomware gangs are actively exploiting BlueHammer, a Microsoft Defender privilege escalation vulnerability previously used in...
Threat actors are actively weaponizing CVE-2026-33017, a critical unauthenticated RCE flaw in Langflow, to deploy a Monero miner via the lambsys...
CISA has added a Cisco Unified Communications Manager Server vulnerability to its Known Exploited Vulnerabilities catalog and ordered federal agencies to...
CISA has added CVE-2026-12569, a critical remote code execution vulnerability in PTC Windchill PDMlink and FlexPLM, to its Known Exploited Vulnerabilities...
CISA has added CVE-2026-12569, a remote code execution flaw in PTC Windchill, to its Known Exploited Vulnerabilities catalog after confirming active...
Nearly 74,000 Fortinet firewall and VPN credentials were exposed in the FortiBleed data leak, prompting CISA to urge immediate device hardening and...
CISA has issued an emergency directive ordering federal agencies to patch CVE-2026-48907, a maximum-severity improper access control flaw in the Widget...
CISA has added a maximum-severity vulnerability in the Joomla Content Editor (JCE) plugin to its Known Exploited Vulnerabilities catalog, warning that the...
DragonForce hides C2 inside Microsoft Teams relay traffic; a SearchLeak attack weaponizes M365 Copilot for one-click data exfiltration; iRhythm confirms...
CISA has added CVE-2026-54420, an actively exploited vulnerability in the LiteSpeed cPanel user-end plugin, to its Known Exploited Vulnerabilities catalog...
CISA ordered federal agencies to patch a critical Check Point Remote Access VPN flaw within 3 days after Qilin ransomware affiliates were confirmed...
CISA added a high-severity SolarWinds Serv-U flaw to its KEV catalog after confirming attackers are actively exploiting it to crash file transfer servers.
This week's cybersecurity roundup covers Anthropic's new AI threat taxonomy, an unpatched Comodo security flaw, Palantir's Alex Karp reportedly under…
CISA has added a critical remote code execution vulnerability in the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities catalog…
Shyam Sankar, the chief technology officer at Palantir Technologies, has emerged as the leading contender for the long-vacant CISA director role under the…
A Commerce Inspector General report exposes how mismanagement allowed a backlog of more than 27,000 unprocessed security flaws to grow unchecked in the...
Noteworthy cybersecurity stories from the week: Trump Mobile exposes customer data, phishers target 2026 FIFA World Cup fans, and CISA responds to recent...
CISA's emergency directive gives federal agencies four days to patch the actively exploited LiteSpeed cPanel plugin flaw being weaponized in the wild.
CISA has added a LiteSpeed cPanel plugin zero-day to its Known Exploited Vulnerabilities catalog after active exploitation allowed attackers to execute scripts.
CISA has added CVE-2026-9082, a SQL injection vulnerability in Drupal Core, to its Known Exploited Vulnerabilities catalog following confirmed in-the-wild...
Members of Congress are demanding answers from CISA after a contractor intentionally published AWS GovCloud access keys and a trove of agency secrets on a...
CISA has added a high-severity Ivanti Endpoint Manager Mobile vulnerability to the Known Exploited Vulnerabilities catalog and issued an emergency...
The U.S. Cybersecurity and Infrastructure Security Agency has added CVE-2026-31431, a Linux kernel privilege escalation flaw enabling root access, to its...
CISA has confirmed that a cross-site scripting vulnerability in Zimbra Collaboration Suite is being actively exploited in the wild, with over 10,000...
CISA has added four actively exploited vulnerabilities affecting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X routers to its Known...
CISA and the UK's NCSC have revealed that a US federal civilian agency's Cisco Firepower device running ASA software was compromised in September 2025...
A critical zero-day in FortiClient EMS with a CVSS score of 9.8 is being actively exploited in the wild while Fortinet has released only an emergency...
The Trump administration's latest federal budget proposal includes hundreds of millions of dollars in additional cuts to CISA, the nation's primary...
CISA has issued a mandatory patching directive ordering all U.S. federal agencies to apply Citrix NetScaler security updates by Thursday, March 5, 2026,...
CVE-2025-53521, initially disclosed as a high-severity denial-of-service flaw in F5 BIG-IP APM, has been reclassified as a remote code execution...
CISA has added CVE-2026-33017, a critical unauthenticated remote code execution vulnerability in the Langflow AI framework, to its Known Exploited...
CISA has added CVE-2025-53521, a critical vulnerability in F5 BIG-IP Access Policy Manager, to its Known Exploited Vulnerabilities catalog after...
FBI and CISA alert warns Russian state actors have compromised thousands of messaging accounts belonging to US government officials, military personnel,...
CISA added actively exploited Zimbra Collaboration Suite and Microsoft SharePoint vulnerabilities to its Known Exploited Vulnerabilities catalog on March...
CISA mandated all federal civilian agencies patch CVE-2025-68613, a CVSS 9.9 remote code execution flaw in the n8n workflow automation platform, after...
A maximum-severity authentication bypass in Cisco Catalyst SD-WAN (CVE-2026-20127, CVSS 10.0) has been actively exploited by threat actor UAT-8616 since...
CISA has added CVE-2026-22719, a high-severity command injection vulnerability in VMware Aria Operations allowing unauthenticated remote code execution,...
A CVSS 10.0 authentication bypass in Cisco Catalyst SD-WAN has been exploited since at least 2023. CISA issues Emergency Directive ED 26-03 as all Five...
CISA has added two Roundcube Webmail vulnerabilities to the Known Exploited Vulnerabilities catalog — CVE-2025-49113 (CVSS 9.9, deserialization RCE) and...
A partial DHS shutdown since February 14 has furloughed 1,453 of CISA's 2,341 employees, halting vulnerability scanning, threat advisories, and critical...
New CISA directive requires all federal civilian agencies to implement comprehensive zero trust security architecture by September 2027, setting a...
CISA has updated the Known Exploited Vulnerabilities catalog with four actively exploited flaws including Microsoft Office and SmarterMail vulnerabilities.
CISA has issued an emergency directive requiring federal agencies to mitigate Ivanti Connect Secure vulnerabilities within 48 hours as active exploitation...