Please turn on your JavaScript for this page to function normally.
CISA
CISA says it will fill the gap as federal funding for MS-ISAC dries up

The cooperative agreement between the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the not-for-profit Center for Internet Security is ending today, the …

Cisco
Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks

A widespread campaign aimed at breaching organizations via zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) has been revealed by the US, UK, Canadian and …

CVE
CISA looks to partners to shore up the future of the CVE Program

The US Cybersecurity and Infrastructure Security Agency (CISA) has affirmed its continuing support for the Common Vulnerabilities and Exposures (CVE) program. “If we …

Netscaler
NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) – updated!

Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been …

git
Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384)

CVE-2025-48384, a recently patched vulnerability in the popular distributed revision control system Git, is being exploited by attackers. Details about the attacks are not …

N-able N-central
Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876)

Two vulnerabilities (CVE-2025-8875, CVE-2025-8876) in N-central, a remote monitoring and management (RMM) solution by N-able that’s popular with managed service …

Microsoft Exchange
Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)

“In an Exchange hybrid deployment, an attacker who first gains administrative access to an on-premises Exchange server could potentially escalate privileges within the …

water management cybersecurity
It’s time to sound the alarm on water sector cybersecurity

A cyberattack on a water facility can put entire communities and businesses at risk. Even a short disruption in clean water supply can have serious public health and safety …

Microsoft SharePoint
Microsoft SharePoint servers under attack via zero-day vulnerability (CVE-2025-53770)

This is a developing story, new update here: Microsoft pins on-prem SharePoint attacks on Chinese threat actors Attackers are exploiting a zero-day variant (CVE-2025-53770) of …

SinoTrack
SinoTrack GPS vulnerabilities may allow attackers to track, control vehicles

Vulnerabilities affecting the SinoTrack GPS tracking platform may allow attackers to keep tabs on vehicles’ location and even perform actions such as disconnecting power …

NIST
NIST proposes new metric to gauge exploited vulnerabilities

NIST has introduced a new way to estimate which software vulnerabilities have likely been exploited, and it’s calling on the cybersecurity community to help improve and …

Google Chrome
CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664)

A high-severity Chrome vulnerability (CVE-2025-4664) that Google has fixed on Wednesday is being leveraged by attackers, CISA has confirmed by adding the flaw to its Known …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools