CISA Adds Palo Alto Networks Vulnerability to KEV Catalog – 5-29-26 – PAN disclosed the vulnerability on May 13th, 2026 - https://tinyurl.com/3r78uanm #KEV #CISA #PAN
CISA Adds Palo Alto Networks Vulnerability to KEV Catalog – 5-29-26

Today, CISA announced that it was adding an authentication bypass vulnerability in the Palo Alto Networks (PAN) PAN-OS to CISA’s Know...

We can go after that #CISA contractor for checking all those credentials to a public #GitHub repository. Sure, he shouldna done that.
But here's a data point to consider: in the year and a half I worked for the Department of Veterans Affairs, there was no password manager provided by the VA for employee or contractor use.
Before my arrival they had been using LastPass, but that stopped after the big LP breach and no one ever put in the work to replace it.
#infosec #CivicTech (1/6)

📰 CISA Issues Urgent Advisories for Critical Flaws in ICS and OT Devices

⚠️ CISA issues urgent advisories for critical ICS/OT vulnerabilities. Flaws in Jinan USR, ABB, Schneider Electric products could lead to device takeover. A 9.8 CVSS flaw (CVE-2026-7786) has no patch available! 🏭 #ICS #OTsecurity #CISA

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/cisa-warns-of-critical-ics-ot-vulnerabilities/?utm_source=mastodon&utm_medium=social&utm_campaign=daily

CVE-2026-48172 (CVSS 10.0): any cPanel user can run scripts as root via the LiteSpeed plugin.
CISA KEV added May 26. Active exploitation confirmed. 

Update to plugin version 2.4.5 now.
Federal deadline June 16.

#CyberSecurity #CISA #WebHosting

CISA gives feds 4 days to patch actively exploited cPanel plugin flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies four days to secure their servers against a critical vulnerability in the LiteSpeed cPanel user-end plugin, which is actively being exploited in attacks.

BleepingComputer

956 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of May 18, 2026

https://www.cisa.gov/news-events/bulletins/sb26-145

#cve #cveid #cvss #cwe #vulnerabilitymanagement #vulnerability #hssedi #cisa

CVE Board Meeting Minutes: April 29, 2026

📰 White House Overhauls Federal Logging Policy, Mandating Risk-Based, AI-Driven Monitoring

📜 POLICY UPDATE: The White House has issued a new logging mandate (M-26-14) for federal agencies, replacing M-21-31. The new rule emphasizes a risk-based approach, AI-driven detection, and IoT/OT monitoring. #CyberPolicy #OMB #CISA #ZeroTrust

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/white-house-issues-new-directive-on-federal-cybersecurity-logging/?utm_s…

U.S. CISA adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog.

Security Affairs

U.S. CISA adds LiteSpeed cPanel Plugin flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA adds LiteSpeed cPanel Plugin vulnerability (CVE-2026-48172) to its Known Exploited Vulnerabilities catalog.

Security Affairs