CISA Releases Guidance on Credential Risks Associated with Potential Legacy Oracle Cloud Compromise
CISA is aware of public reporting regarding potential unauthorized access to a legacy Oracle
Fortinet Releases Advisory on New Post-Exploitation Technique for Known Vulnerabilities
Fortinet is aware of a threat actor creating a malicious file from previously exploited
Ivanti Releases Security Updates for Connect Secure, Policy Secure & ZTA Gateways Vulnerability (CVE-2025-22457)
Ivanti released security updates to address vulnerabilities (CVE-2025-22457) in Ivanti Connect Secure, Policy Secure
Fast Flux: A National Security Threat
Executive summary Many networks have a gap in their defenses for detecting and blocking
CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure
CISA has published a Malware Analysis Report (MAR) with analysis and associated detection signatures
MAR-25993211-r1.v1 Ivanti Connect Secure (RESURGE)
Notification This report is provided "as is" for informational purposes only. The Department of
Supply Chain Compromise of Third-Party GitHub Action, CVE-2025-30066
A popular third-party GitHub Action, tj-actions/changed-files (tracked as CVE-2025-30066), was compromised. This GitHub Action
CISA Releases Thirteen Industrial Control Systems Advisories
CISA released thirteen Industrial Control Systems (ICS) advisories on March 13, 2025. These advisories
CISA and Partners Release Cybersecurity Advisory on Medusa Ransomware
Today, CISA—in partnership with the Federal Bureau of Investigation (FBI) and Multi-State Information Sharing
#StopRansomware: Medusa Ransomware
Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to