Stay informed on government cyber security initiatives, policy changes, and threats. Your source for the latest in government infosec news and updates.
Search across headline titles and summaries.
Background for this topic.
Government in the context of information security is a crucial and expansive domain that encompasses the protection of classified data, infrastructure, and communication channels of national and local governmental bodies against cyber threats. Security measures implemented include robust cryptographic practices, strict regulatory policies, continuous monitoring systems, and incident response frameworks to safeguard sensitive information from espionage, terrorism, and cybercrime.
This topic covers a wide spectrum of activities such as securing internal networks, implementing national cybersecurity policies, collaborating with private sectors on critical infrastructure protection, and crafting international agreements on cyber warfare and cyber espionage. The government's role in information security extends to educating the workforce, establishing compliance standards for industries, and actively engaging in cybersecurity research and development to stay ahead of potential threats. Information security within the governmental context is not only about defense but also about setting the stage for a secure digital society.
Weekly headline count for the current query.
CISA added CVE-2026-20131 to its KEV catalog as it is being used in ransomware campaigns
A new threat actor called Amaranth Dragon, linked to APT41 state-sponsored Chinese operations, exploited the CVE-2025-8088 vulnerability in WinRAR in espionage attacks on government and law enforcement agencies. [...]
Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning government agencies to patch an Oracle Identity Manager tracked as CVE-2025-61757 that has been exploited in attacks, potentially as a zero-day. [...]
Hackers believed to be associated with China have leveraged the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint in attacks targeting government agencies, universities, telecommunication service providers, and finance organizations. [...]
Malicious actors already have already pounced on the zero-day vulnerability, tracked as CVE-2025-53770, to compromise US government agencies and other businesses in ongoing and widespread attacks.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers. [...]
At least four separate campaigns against CVE-2023-37580 in the popular Zimbra Collaboration Suite aimed to siphon up reams of sensitive mail data.
Threat actors are leveraging the 'Citrix Bleed' vulnerability, tracked as CVE-2023-4966, to target government, technical, and legal organizations in the Americas, Europe, Africa, and the Asia-Pacific region. [...]
The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week. [...]
A suspected Chinese hacking group has been linked to a series of attacks on government organizations exploiting a Fortinet zero-day vulnerability (CVE-2022-41328) to deploy malware. [...]