Advertisement
CISA Warns: Critical Infrastructure ATG Systems Under Attack
CISA, FBI, and NSA warn of active cyberattacks targeting internet-exposed Automatic Tank Gauge (ATG) systems in critical infrastructure. Learn to defend.
CISA Contractor Leaks AWS GovCloud Credentials via GitHub Repository
A significant security leak involving a CISA contractor has exposed privileged AWS GovCloud credentials and internal software deployment processes on GitHub.
CISA Data Leak: AWS GovCloud Keys Exposed via Public GitHub Repo
Lawmakers demand answers from CISA after a contractor leaked AWS GovCloud keys and internal secrets on GitHub, prompting urgent credential rotation.
CISA GitHub Repo Exposes Secrets & Credentials in Public View
CISA inadvertently exposed sensitive secrets and credentials within a publicly accessible GitHub repository. This incident highlights critical cloud security
CISA Contractor Leaked AWS GovCloud Keys on GitHub: Critical Exposure
A CISA contractor publicly exposed highly privileged AWS GovCloud and internal system credentials on GitHub, detailing CISA's software development. This leak poses a
Securing Agentic AI: CISA and International Partners Issue Guidance
CISA and international partners release guidance on securing agentic AI services, detailing risks like autonomous execution and supply chain vulnerabilities.
CISA KEV Update: Exchange Server, Adobe, MS Windows Exploits
CISA adds seven vulnerabilities, including critical Microsoft Exchange Server deserialization, to its Known Exploited Vulnerabilities Catalog, urging immediate
White House FY2027 Budget Proposes $707 Million CISA Funding Cut
The White House proposes a $707 million reduction to CISA's budget for FY2027, refocusing the agency on federal agency and critical infrastructure protection.
FortiClient EMS RCE via CVE-2023-48788 — Patch Guidance
CISA mandates federal agencies patch the critical FortiClient EMS SQL injection flaw, CVE-2023-48788, which allows unauthenticated remote code execution.
Langflow CVE-2026-33017: AI Workflow Hijacking Under Active Exploitation
CISA warns of active exploitation of CVE-2026-33017 in Langflow, enabling attackers to hijack AI workflows and potentially compromise AI agents.
Russian Intelligence Phishing Targets Signal and WhatsApp Accounts
FBI and CISA warn that Russian state-sponsored actors are using sophisticated phishing to compromise high-value Signal and WhatsApp accounts.
CVE-2024-38094: SharePoint RCE Exploited in the Wild — Patch Now
CISA adds CVE-2024-38094 to its KEV catalog after active exploitation of a SharePoint RCE vulnerability. Learn how to detect and remediate this threat.