CISA NEWS
- Securing Core Cloud Identity Infrastructure: Addressing Advanced Threats through Public-Private Collaboration
- SAFECOM Releases the Emergency Communications System Lifecycle Planning Guide Suite Refresh
- SAFECOM and National Council of Statewide Interoperability Coordinators (NCSWIC) develop Artificial Intelligence in Emergency Communications Centers Infographic
- April is Emergency Communications Month!
- Building Resilient ICT Supply Chains: 8th Annual Supply Chain Integrity Month
- CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-25257 Fortinet FortiWeb SQL Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known […]
- Leviton AcquiSuite and Energy Monitoring HubView CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Leviton Equipment: AcquiSuite, Energy Monitoring Hub Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to craft a malicious payload in URL parameters that would execute in a client browser when accessed by a user, […]
- CISA Releases Three Industrial Control Systems AdvisoriesCISA released three Industrial Control Systems (ICS) advisories on July 17, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-198-01 Leviton AcquiSuite and Energy Monitoring Hub ICSMA-25-198-01 Panoramic Corporation Digital Imaging Software ICSA-24-191-05 Johnson Controls Inc. Software House C●CURE 9000 (Update B) CISA encourages users and administrators to […]
