CISA NEWS
- Securing Core Cloud Identity Infrastructure: Addressing Advanced Threats through Public-Private Collaboration
- SAFECOM Releases the Emergency Communications System Lifecycle Planning Guide Suite Refresh
- SAFECOM and National Council of Statewide Interoperability Coordinators (NCSWIC) develop Artificial Intelligence in Emergency Communications Centers Infographic
- April is Emergency Communications Month!
- Building Resilient ICT Supply Chains: 8th Annual Supply Chain Integrity Month
- Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770)CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the new Common Vulnerabilities and Exposures (CVE), CVE-2025-53770, is a variant of the existing vulnerability CVE-2025-49706 and poses a risk to organizations. This exploitation activity, publicly reported as […]
- CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-25257 Fortinet FortiWeb SQL Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known […]
- CISA Releases Three Industrial Control Systems AdvisoriesCISA released three Industrial Control Systems (ICS) advisories on July 17, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-198-01 Leviton AcquiSuite and Energy Monitoring Hub ICSMA-25-198-01 Panoramic Corporation Digital Imaging Software ICSA-24-191-05 Johnson Controls Inc. Software House C●CURE 9000 (Update B) CISA encourages users and administrators to […]
