CISA Mandates Urgent Patch for Actively Exploited Critical Fortinet Vulnerabilities
US government agencies have until July 19 to patch two critical Fortinet vulnerabilities
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
US government agencies have until July 19 to patch two critical Fortinet vulnerabilities
At VulnCon, Lindsey Cerkovnik, head of vulnerability management at CISA, said AI companies should play a bigger role in vulnerability disclosures in the future
Rapid7 says median time from publication to CISA KEV inclusion dropped to five days
CISA has added a critical CVE in SolarWinds Web Help Desk to its KEV Catalog
A high-severity security flaw in the Gogs Git service is being actively exploited, leading to remote code execution
The US cybersecurity agency has added the critical flaw to its Known Exploited Vulnerabilities list
CISA has demanded federal agencies patch a zero-day vulnerability affecting Samsung devices used in LandFall spyware attacks
Sysadmins are urged to patch WSUS vulnerability CVE-2025-59287 as soon as possible, with federal agencies required to update by November 14
An unnamed federal agency was hacked last year after threat actors exploited a critical GeoServer vulnerability
Hackers are actively exploiting two critical flaws in Cisco Identity Services Engine, said the US Cybersecurity and Infrastructure Security Agency
The US CISA has issued advisories for Industrial Control Systems vulnerabilities affecting multiple vendors including Johnson Controls, ABB, Hitachi Energy, and Schneider Electric
NSA and CISA are urging developers to adopt memory safe languages (MSLs) to combat vulnerabilities in software
Security teams should use vulnerability context alongside KEV lists to prioritize patching, OX argued
The US Cybersecurity and Infrastructure Security Agency has added two flaws affecting SonicWall products to its catalog of Known Exploited Vulnerabilities
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-31161 to its Known Exploited Vulnerabilities (KEV) catalog
CISA recommends immediate action to address malware variant RESURGE exploiting Ivanti vulnerability CVE-2025-0282
The US Cybersecurity and Infrastructure Security Agency added flaws in Fortinet and a popular GitHub Action to its Known Exploited Vulnerabilities catalog
The US Cybersecurity and Infrastructure Security Agency (CISA) has added five new flaws in Ivanti and VeraCore products to its Known Exploited Vulnerabilities catalog
CISA has added five more CVEs into its known exploited vulnerabilities catalog
US agencies have issued a new alert to eliminate buffer overflow vulnerabilities, urging memory-safe programming for secure-by-design software development