On Friday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited Vulnerabilities (KEV) catalog by adding three security flaws, highlighting the urgent need for businesses to address vulnerabilities currently being exploited in the wild. The newly identified vulnerabilities include CVE-2023-28432, a significant information disclosure issue affecting MinIO,…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified and added three security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, highlighting concerns over active exploitation. These vulnerabilities pose significant risks to various systems and require immediate attention from cybersecurity professionals. The first vulnerability, CVE-2023-1389, carries a CVSS score…
On Tuesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a critical advisory highlighting a serious vulnerability impacting ME RTU remote terminal units. This flaw, identified as CVE-2023-2131, has been assigned a maximum severity score of 10.0 on the Common Vulnerability Scoring System (CVSS), underscoring its potential for exploitation…
Government, Industry Specific, Network Firewalls, Network Access Control New Directive Mandates Replacement of Outdated Network Appliances Jennifer Lawinski • February 5, 2026 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive requiring federal agencies to replace potentially vulnerable network devices that have surpassed their vendor support end…
In May 2023, Microsoft released its Patch Tuesday updates, addressing 38 security vulnerabilities, including two major zero-day flaws that are currently being exploited. The updates aim to fortify Windows systems against active threats that pose significant risks to users and businesses. Trend Micro’s Zero Day Initiative has highlighted that this…
Fortinet has recently revealed a critical vulnerability affecting its FortiOS and FortiProxy platforms, identified as CVE-2023-27997, with a high CVSS score of 9.2. This flaw involves a heap-based buffer overflow in the SSL-VPN feature of these systems and could be exploited by remote attackers to execute arbitrary code through crafted…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development CISA Responds to Concerns Over Director’s Use of AI Tool Amid Compliance Review Chris Riotta (@chrisriotta) • January 28, 2026 Madhu Gottumukkala, acting director of the U.S. Cybersecurity and Infrastructure Security Agency. (Image: CISA) The use of ChatGPT by the…
In a significant report released for 2023, MITRE has unveiled its annual assessment of the Top 25 “most dangerous software weaknesses.” This list is crucial for understanding the vulnerabilities that pose the greatest risk to software systems and applications. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) emphasized the dangers…
Cybersecurity Spending, Government, Industry Specific Acting Director Reports Stabilization Following Significant Staff Reductions Chris Riotta (@chrisriotta) • January 21, 2026 Image: Orhan Cam/Shutterstock The U.S. Cybersecurity and Infrastructure Agency (CISA) is actively working to reclaim its mission after encountering significant staffing changes and funding disruptions during a challenging year. This…
