CISA NEWS
- Securing Core Cloud Identity Infrastructure: Addressing Advanced Threats through Public-Private Collaboration
- SAFECOM Releases the Emergency Communications System Lifecycle Planning Guide Suite Refresh
- SAFECOM and National Council of Statewide Interoperability Coordinators (NCSWIC) develop Artificial Intelligence in Emergency Communications Centers Infographic
- April is Emergency Communications Month!
- Building Resilient ICT Supply Chains: 8th Annual Supply Chain Integrity Month
- CISA Adds One Known Exploited Vulnerability, CVE-2025-53770 “ToolShell,” to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. See CISA’s Alert Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) for more information and to apply the recommended mitigations. CVE-2025-53770: Microsoft SharePoint Server Remote Code Execution Vulnerability These types of vulnerabilities are frequent attack vectors for […]
- Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770)CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the new Common Vulnerabilities and Exposures (CVE), CVE-2025-53770, is a variant of the existing vulnerability CVE-2025-49706 and poses a risk to organizations. This exploitation activity, publicly reported as […]
- CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-25257 Fortinet FortiWeb SQL Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known […]
