CISA Releases Twenty-Two Industrial Control Systems Advisories
CISA released twenty-two Industrial Control Systems (ICS) advisories on May 15, 2025. These advisories
Update to How CISA Shares Cyber-Related Alerts and Notifications
Starting May 12, CISA is changing how we announce cybersecurity updates and the release
CISA Releases Guidance on Credential Risks Associated with Potential Legacy Oracle Cloud Compromise
CISA is aware of public reporting regarding potential unauthorized access to a legacy Oracle
Fortinet Releases Advisory on New Post-Exploitation Technique for Known Vulnerabilities
Fortinet is aware of a threat actor creating a malicious file from previously exploited
Ivanti Releases Security Updates for Connect Secure, Policy Secure & ZTA Gateways Vulnerability (CVE-2025-22457)
Ivanti released security updates to address vulnerabilities (CVE-2025-22457) in Ivanti Connect Secure, Policy Secure
Fast Flux: A National Security Threat
Executive summary Many networks have a gap in their defenses for detecting and blocking
CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure
CISA has published a Malware Analysis Report (MAR) with analysis and associated detection signatures
MAR-25993211-r1.v1 Ivanti Connect Secure (RESURGE)
Notification This report is provided "as is" for informational purposes only. The Department of
Supply Chain Compromise of Third-Party GitHub Action, CVE-2025-30066
A popular third-party GitHub Action, tj-actions/changed-files (tracked as CVE-2025-30066), was compromised. This GitHub Action
CISA Releases Thirteen Industrial Control Systems Advisories
CISA released thirteen Industrial Control Systems (ICS) advisories on March 13, 2025. These advisories