cisa known exploited vulnerabilities
Roundcube Webmail Vulnerability Under Exploitation, Patch Now
Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Roundcube webmail vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2023-43770, this issue is a persistent cross-site scripting (XSS) ...
New Malware in Exploits Targeting Ivanti Vulnerabilities
Google-owned Mandiant has uncovered a new malware exploiting vulnerabilities in Ivanti Connect Secure VPN and Policy Secure devices. These malwares have been utilized by several threat groups, including the China-nexus espionage group ...
CISA and FBI Warn of AndroxGh0st Malware Threat
CISA and FBI have jointly issued a warning about the threat posed by AndroxGh0st malware, emphasizing its use in establishing a botnet for “victim identification and exploitation within target networks.” Originating in ...
CISA Mandates Urgent Patching for Citrix NetScaler Vulnerabilities
In a recent move to bolster cybersecurity defenses, CISA has issued a directive to U.S. federal agencies to urgently secure their systems against three newly patched vulnerabilities in Citrix NetScaler and Google ...
CISA Adds 6 Known Exploited Vulnerabilities to Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark warning for organizations nationwide, adding six critical vulnerabilities to its “Known Exploited Vulnerabilities” (KEV) catalog. Six critical vulnerabilities, including flaws in ...