Security news aggregator

Latest coverage for CISA

Stay informed on the latest CISA updates, guidelines, and alerts critical for robust information security and cyber threat prevention.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Cybersecurity and Infrastructure Security Agency (CISA) is the U.S. Department of Homeland Security agency for reducing cyber and physical risks to critical infrastructure and federal civilian networks. Created by the 2018 CISA Act, it works with government and industry, publishes alerts and guidance, and coordinates assistance during significant incidents. Its direct federal-network role chiefly covers the Federal Civilian Executive Branch, including .gov; private-sector engagement is often voluntary or sector-specific.

Practitioners use CISA advisories and the Known Exploited Vulnerabilities catalog to prioritize patching where exploitation has been observed, and consult applicable directives and incident-response guidance. CISA supports vulnerability reporting and promotes controls such as multifactor authentication, logging, and tested recovery. A CISA alert is an actionable risk signal, not proof every organization is affected; teams should verify product, version, exposure, and obligations.

Showing 8 most recent headlines Filtered view

Ivanti has rolled out security updates to address two security flaws impacting Ivanti Endpoint Manager Mobile (EPMM) that have been exploited in zero-day attacks, one of which has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog

Bank Info Security 5 months, 2 weeks ago

Breach Roundup: Android RAT Hides Behind Hugging Face

Also, SmarterMail Flaw, Nike Breach Probe, Empire Market Co-Creator Pleads GuiltyThis week, researchers exposed an Android RAT abusing Hugging Face. Attackers exploited a SmarterMail flaw. Automakers raised cyber spending. CISA flagged a VMware bug. Microsoft patched Office. An Empire Market co-creator pleaded guilty. Nike probed a breach.

Bank Info Security 5 months, 2 weeks ago

AI Use by CISA Chief Alarms Cyber Officials

CISA Defends Director’s Use of AI Tool Despite Internal Compliance ReviewCybersecurity and Infrastructure Security Agency Acting Director Madhu Gottumukkala uploaded sensitive documents to ChatGPT under a temporary, approved exception, prompting internal alerts and reigniting concerns over the agency's AI governance and leadership judgement.

Bank Info Security 5 months, 2 weeks ago

Federal IT Buyers Told to Plan for Post-Quantum Cryptography

CISA Urges Agencies to Treat Quantum Readiness as a Standard Buying ExpectationThe Cybersecurity and Infrastructure Security Agency is urging agencies to treat post-quantum cryptography as a near-term procurement expectation, signaling that information technology products should embed quantum-resistant security now to avoid rushed retrofits before federal migration deadlines.