CISA has flagged four new vulnerabilities—already exploited in the wild—impacting SimpleHelp, Samsung MagicINFO, and D-Link routers. With a 2026 deadline, federal agencies must act fast to patch or replace at-risk systems and defend against ransomware and botnet attacks.
Sean Plankey, Trump’s nominee for the Cybersecurity and Infrastructure Security Agency, has withdrawn his candidacy amid political infighting and budget threats, leaving CISA leaderless as cyber risks mount.
Trump’s nominee to head the nation’s top cyber defense agency, CISA, has withdrawn after months of political deadlock, deepening a leadership crisis just as cyberattacks and workforce challenges intensify.
Sean Plankey’s withdrawal as Trump’s CISA director nominee after a stalled Senate process reveals deep instability at the heart of America’s cyber defense efforts.
CISA is sounding the alarm after a major supply chain attack on the Axios JavaScript library. Security teams worldwide are urged to check their code and credentials for signs of compromise.
CISA has identified eight new actively exploited software vulnerabilities, including critical flaws in Cisco Catalyst SD-WAN Manager and other widely used platforms. Federal agencies must patch these bugs by spring 2026 to defend against escalating cyberattacks.
CISA’s government shutdown-driven cancellation of its prestigious CyberCorps internships leaves future cyber defenders stranded and highlights the fragility of the federal cybersecurity talent pipeline.
The US cybersecurity agency CISA has added seven new vulnerabilities—including Windows and Adobe Acrobat flaws—to its Known Exploited Vulnerabilities list, urging organizations to patch immediately as exploit code spreads.
CISA has added six newly exploited software vulnerabilities—including a critical zero-click flaw in Fortinet—to its KEV catalog. With active attacks already underway, organizations face a tight deadline to patch or risk major breaches.
Federal agencies are under strict orders from CISA to patch a critical Ivanti EPMM flaw by Saturday after hackers exploited the vulnerability in real-world attacks. Nearly 950 devices are still exposed online, raising alarm across government and private sectors.