FBI Warns Of Iran Linked Cyberattacks Targeting Critical Infrastructure OT Devices
FBI and U.S. agencies warn of Iran linked cyberattacks targeting operational technology devices, causing disruptions across critical infrastructure sectors.
CISA Issues Directive Ordering Removal Of Unsupported Edge Devices From Federal Networks
CISA Binding Operational Directive 26-02 mandates federal agencies to identify and decommission end-of-support edge devices within 18 months to mitigate cyber risks.
CISA Acting Head Uploads Sensitive Documents Into Public ChatGPT Triggering Internal Security Review
CISA acting director Madhu Gottumukkala uploaded sensitive contracting documents into a public version of ChatGPT, prompting internal cybersecurity warnings and a DHS-level review of potential risks.
Fortinet Releases Security Updates For Actively Exploited FortiOS Authentication Flaw
Fortinet has issued security updates for a critical FortiOS authentication bypass flaw under active exploitation, affecting FortiOS, FortiManager, and FortiAnalyzer, prompting urgent mitigation guidance and CISA action.
CISA Adds Four Actively Exploited Flaws To KEV Catalog As Citrix NetScaler Attacks Continue
CISA adds four vulnerabilities to its KEV catalog citing active exploitation while security firms detail ongoing abuse of critical Citrix NetScaler flaws leaking sensitive data.
CISA Raises Cybersecurity Shield Status To “Shields Up” With Guidance For Home Users
CISA issues Shields Up cybersecurity alert, advising home users to update devices, strengthen passwords, remain vigilant against phishing, and maintain offline backups.
CISA Adds Microsoft Office And HPE OneView Flaws To Known Exploited Vulnerabilities Catalog
CISA has added security flaws in Microsoft Office PowerPoint and HPE OneView to its KEV catalog, warning of active exploitation and urging agencies to apply fixes by January 28, 2026.
Critical React Server Components Vulnerability Tracked As React2Shell Actively Exploited
CISA adds React2Shell to its KEV catalog following active exploitation of CVE-2025-55182, impacting React Server Components and frameworks including Next.js and RedwoodSDK.
CISA Warns Of BRICKSTORM Backdoor Exploited By China-Linked Threat Actors
U.S. CISA issues alert on BRICKSTORM, a Golang-based backdoor targeting VMware vSphere and Windows systems, used by China-linked groups for persistent network access and data exfiltration.
Risk Associates Empowers NED University Students With ISACA Certification Reimbursement Awards
Risk Associates advances cybersecurity education by awarding ISACA certification reimbursements to NED University students, reinforcing its commitment to developing future cybersecurity professionals.
