U.S. Cybersecurity and Infrastructure Security Agency
Coverage of U.S. Cybersecurity and Infrastructure Security Agency in the Nexus archive.
- CISA orders feds to prioritize patching Langflow auth bypass flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to patch an actively exploited vulnerability in the Langflow visual framework for building AI agents, setting a deadline of Friday.
- CISA orders feds to patch max severity ColdFusion flaw by Friday
CISA has ordered U.S. government agencies to patch a maximum-severity flaw in Adobe ColdFusion by Friday due to active exploitation. The flaw affects the Adobe ColdFusion web application development platform.
- Hiding in Plain Sight: The Geopolitics of Software Supply Chains
Anthropic's Claude Mythos AI model can rapidly identify and exploit software vulnerabilities, prompting U.S. government reevaluation of AI oversight. The article highlights strategic risks in software supply chains, including governance gaps and foreign influence, urging defense officials to apply rigorous scrutiny to critical systems akin to physical supply chains.
- CISA orders feds to patch max severity Joomla plugin flaw by Friday
CISA has mandated federal agencies to address a maximum-severity vulnerability in the Joomla Content Editor (JCE) plugin, which is currently being exploited. The flaw is part of the Widget Factory plugin and requires immediate patching by Friday.
- CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
CISA added a maximum-severity vulnerability in Joomla JCE to its KEV catalog, citing active exploitation. The flaw, CVE-2026-48907 with a CVSS score of 10.0, involves improper access control allowing arbitrary PHP code execution.
- Cisco SD-WAN make-me-root bug under attack
Cisco issued a fix for a critical vulnerability (CVE-2026-20262) in its Catalyst SD-WAN Manager, which attackers are actively exploiting to gain root privileges. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the flaw to its Known Exploited Vulnerabilities catalog and mandated federal agencies to patch within two weeks. The vulnerability arises from improper input validation during file uploads, requiring valid credentials for exploitation.
- CISA orders feds to patch actively exploited Ivanti flaw by Sunday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to patch an actively exploited Ivanti Sentry flaw within three days as mandated by the newly issued Binding Operational Directive (BOD) 26-04.
- LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
CISA added a high-severity command injection vulnerability (CVE-2026-42271) in BerriAI LiteLLM to its KEV catalog due to active exploitation. The flaw allows authenticated users to execute arbitrary commands on affected systems.
- CISA warns of active attacks exploiting Android, Linux bugs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting vulnerabilities in the Linux kernel and Android operating system.
- Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
CISA added a high-severity vulnerability (CVE-2024-21182) in Oracle WebLogic Server to its KEV Catalog due to evidence of active exploitation. The flaw allows unauthenticated attackers to take control of vulnerable servers.
- Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
CISA has added a critical SQL injection vulnerability (CVE-2026-9082) in Drupal Core to its KEV catalog due to active exploitation. The flaw affects all supported versions of Drupal Core and carries a CVSS score of 6.5.
- CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
CISA added a critical Linux privilege escalation vulnerability (CVE-2026-31431) to its KEV catalog due to active exploitation. The flaw, with a CVSS score of 7.8, allows local attackers to gain root access on affected Linux distributions.
- CISA orders feds to patch Windows flaw exploited as zero-day
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has directed federal agencies to address a critical Windows vulnerability being exploited in zero-day attacks. The directive emphasizes urgent patching to mitigate potential breaches.
- CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
CISA added four actively exploited vulnerabilities to its KEV catalog, affecting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X routers, with a federal remediation deadline set for May 2026. One vulnerability, CVE-2024-57726, has a critical CVSS score of 9.9 due to a missing authorization flaw.
- FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
CISA and the UK's NCSC disclosed that a federal civilian agency's Cisco Firepower device running ASA software was compromised in September 2025 by the FIRESTARTER backdoor malware. The malware, designed for remote access, persisted despite security patches, indicating a sophisticated cyberattack.
- CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines
CISA added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws in Cisco Catalyst SD-WAN Manager actively exploited in the wild. The agency set federal deadlines for remediation between April and May 2026, with CVE-2023-27351 highlighted as a high-severity authentication flaw in PaperCut.
- Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
A high-severity vulnerability (CVE-2026-34197) in Apache ActiveMQ Classic is being actively exploited, prompting CISA to add it to its KEV catalog with a CVSS score of 8.8. Federal civilian agencies are required to address the flaw immediately.
- CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
CISA added six actively exploited vulnerabilities to its KEV catalog, including an SQL injection flaw in Fortinet FortiClient EMS (CVE-2026-21643) with a CVSS score of 9.1. The vulnerabilities affect software from Fortinet, Microsoft, and Adobe.