Current Activity

Ivanti Releases Security Update for Ivanti Connect Secure and Policy Secure Gateways

Ivanti has released security updates to address vulnerabilities in all supported versions (9.x and 22.x) of Ivanti Connect Secure and Policy Secure gateways. A cyber threat actor could exploit one of…

Comments Off

April 5, 2024

Current Activity

Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094

CISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is…

Comments Off

March 30, 2024

Current Activity

Apple Released Security Updates for Safari and macOS

Apple released security updates to address a vulnerability (CVE-2024-1580) in Safari and macOS. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users…

Comments Off

March 28, 2024

Current Activity

Ivanti Releases Security Updates for Neurons for ITSM and Standalone Sentry

Ivanti has released security advisories to address vulnerabilities in Ivanti Neurons for ITSM and Standalone Sentry. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. …

Comments Off

March 22, 2024

Current Activity

Repository for Software Attestation and Artifacts Now Live

Software producers who partner with the federal government can now upload their Secure Software Development Attestation Forms to CISA's Repository for Software Attestation and Artifacts. Software producers that provide the…

Comments Off

March 19, 2024

Current Activity

Cisco Releases Security Updates for IOS XR Software

Cisco released security updates to address vulnerabilities in Cisco IOS XR software. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected device. CISA…

Comments Off

March 15, 2024

Current Activity

Apple Released Security Updates for Multiple Products

Apple released security updates to address vulnerabilities in Safari, macOS, watchOS, tvOS, and visionOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. …

Comments Off

March 9, 2024

Current Activity

CISA Adds One Known Exploited JetBrains Vulnerability, CVE-2024-27198, to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-27198 JetBrains TeamCity Authentication Bypass Vulnerability CISA urges organizations to review the following…

Comments Off

March 8, 2024

Current Activity

Cisco Releases Security Updates for Secure Client

Cisco released security updates to address vulnerabilities in Cisco Secure Client and Secure Client for Linux. A cyber threat actor could exploit one of these vulnerabilities to take control of…

Comments Off

March 8, 2024

Current Activity

CISA and Partners Release Advisory on Threat Actors Exploiting Ivanti Connect Secure and Policy Secure Gateways Vulnerabilities

Today, CISA and the following partners released joint Cybersecurity Advisory Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways: Federal Bureau of Investigation (FBI) Multi-State Information…

Comments Off

March 2, 2024