Security news aggregator

Latest coverage for CISA

Stay informed on the latest CISA updates, guidelines, and alerts critical for robust information security and cyber threat prevention.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Cybersecurity and Infrastructure Security Agency (CISA) is the U.S. Department of Homeland Security agency for reducing cyber and physical risks to critical infrastructure and federal civilian networks. Created by the 2018 CISA Act, it works with government and industry, publishes alerts and guidance, and coordinates assistance during significant incidents. Its direct federal-network role chiefly covers the Federal Civilian Executive Branch, including .gov; private-sector engagement is often voluntary or sector-specific.

Practitioners use CISA advisories and the Known Exploited Vulnerabilities catalog to prioritize patching where exploitation has been observed, and consult applicable directives and incident-response guidance. CISA supports vulnerability reporting and promotes controls such as multifactor authentication, logging, and tested recovery. A CISA alert is an actionable risk signal, not proof every organization is affected; teams should verify product, version, exposure, and obligations.

Showing 3 most recent headlines Filtered view

Also: Continued Turmoil at CISA, MSSP Level Blue's Acquisition of CybereasonIn this week's panel, four ISMG editors discussed the FBI's takedown of Scattered Lapsus$ Hunters, turmoil inside CISA amid the U.S. federal government shutdown and how LevelBlue's acquisition of Cybereason signals big shifts in the XDR and MDR markets.

Swalwell: Sweeping CISA Cuts Leave Nation Vulnerable to Major CyberattacksA top Democratic lawmaker is demanding transparency and calling for the immediate reversal of major workforce cuts at the Cybersecurity and Infrastructure Security Agency, which is only operating with 35% of its total staff amid the ongoing government shutdown and resulting reductions-in-force.

Federal Agencies Ordered to Patch or Decommission F5 Devices Amid Imminent RiskAn advanced nation-state threat actor stole sensitive F5 source code and vulnerability data to craft tailored exploits, prompting an emergency directive amid a U.S. government shutdown that has left cyber defenses strained and federal networks at "imminent risk."