Cyber Security Advisories – MS-ISAC
- A Vulnerability in React Server Components (RSC) Could Allow for Remote Code Execution (2025-12-05): A vulnerability in the React Server Components (RSC) implementation has been discovered that could allow for unauthenticated remote code execution on affected servers. The issue stems from unsafe deserialization of RSC "Flight" protocol payloads, enabling an attacker to send a crafted request that triggers execution of code […]
- A Vulnerability in SonicOS Could Allow for Denial of Service (DoS) (2025-11-24): A vulnerability has been discovered in SonicOS, which could allow for Denial of Service (DoS). SonicOS is the operating system that runs on SonicWall's network security appliances, such as firewalls. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to cause a Denial of Service (DoS), which could cause an impacted firewall to crash. This vulnerability […]
- Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution (2025-11-24): Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; […]
- Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution (2025-11-18): Multiple vulnerabilities have been discovered in Fortinet products, the most severe of which could allow for arbitrary code execution. FortiClient for Windows is a unified endpoint security solution that provides a range of security features, including a VPN client for secure remote access to corporate networks, antivirus protection, web filtering, and vulnerability assessment. FortiExtender is a device from […]
- A Vulnerability in FortiWeb Could Allow for Remote Code Execution (2025-11-14): A vulnerability has been discovered in FortiWeb, which could allow for remote code execution. FortiWeb is a web application firewall (WAF) developed by Fortinet. It is designed to protect web applications and APIs from a wide range of attacks, including those targeting known vulnerabilities and zero-day exploits. Successful exploitation of this vulnerability could allow an attacker to execute […]
- Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution (2025-11-11): Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Successful exploitation of the most severe of these vulnerabilities could allow […]
- Critical Patches Issued for Microsoft Products, November 11, 2025 (2025-11-11): Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; […]
- Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution (2025-11-11): Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe InDesign is a professional page layout and desktop publishing software used for designing and publishing content for both print and digital media. Adobe InCopy is a professional word processor designed for writers and editors to collaborate […]
- Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution (2025-11-10): Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution. […]
- Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution (2025-11-07): Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install […]
Blog Feed – Center for Internet Security
- CIS Benchmarks Update November 2025 (2025-11-19): The November 2025 CIS Benchmarks monthly update highlights the CIS Benchmarks and CIS Build Kits that have been updated or recently released.
- Control Assist: A Path to Cyber Insurance Readiness for SMBs (2025-11-19): CIS and CyberAcuView have launched Control Assist, an initiative designed to simplify cyber insurance and strengthen cybersecurity for SMBs.
- Impact of Federal Funding Cuts to the Value of MS-ISAC CTI (2025-11-17): The adoption of a fee-based membership model has had minimal and in some aspects positive impact on MS-ISAC CTI. Read our blog to learn more.
- Top 10 Malware Q3 2025 (2025-11-14): Total malware notifications from MS-ISAC monitoring services increased 38% from Q2 to Q3 2025. Learn more by reading our Top 10 Malware list.
- 7 CIS Experts' 2026 Cybersecurity Predictions (2025-10-31): What does 2026 have in store for cybersecurity? Read our experts' 2026 cybersecurity predictions to find out and get planning.
- CIS Benchmarks Monthly Update October 2025 (2025-10-31): We've highlighted the major updates for CIS Benchmarks and CIS Build Kits in the Benchmarks Monthly Update for October 2025.
- MS-ISAC Member-Reported Phishing Likely from Tycoon2FA PhaaS (2025-10-29): The CIS CTI team saw an uptick in member-submitted phishing emails in Q3 2025. Learn the overlap these emails have with the Tycoon2FA PhaaS kit.
- How Secure by Design Helps Developers Build Secure Software (2025-10-28): Secure by Design offers practical, risk-based strategies for integrating security into the software development lifecycle.
- ClickFix: An Adaptive Social Engineering Technique (2025-10-27): The CIS CTI tracked two ClickFix campaigns between January 2025 and October 2025. Learn more about them and how to defend yourself.
- Simplify Security Management with CIS SecureSuite Platform (2025-10-16): Looking to simplify security management and accelerate audits? Read our blog post to learn how our CIS SecureSuite Platform can help!
All CISA Advisories
- CISA Adds Two Known Exploited Vulnerabilities to Catalog (2025-12-09): CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2025-6218, RARLAB WinRAR Path Traversal Vulnerability; CVE-2025-62221, Microsoft Windows Use After Free Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) […]
- Opportunistic Pro-Russia Hacktivists Attack US and Global Critical Infrastructure (2025-12-09): CISA, in partnership with the Federal Bureau of Investigation, the National Security Agency, the Department of Energy, the Environmental Protection Agency, the Department of Defense Cyber Crime Center, and other international partners, published a joint cybersecurity advisory, Pro-Russia Hacktivists Create Opportunistic Attacks Against US and Global Critical Infrastructure. This advisory, published as an addition to the joint fact […]
- Festo LX Appliance (2025-12-09): View CSAF. 1. EXECUTIVE SUMMARY: CVSS v3 6.1. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Festo SE & Co. KG. Equipment: LX Appliance. Vulnerability: Cross-site Scripting. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow a user of LX Appliance with a high-privilege account to craft a malicious course and launch an XSS attack. […]
- Multiple India-based CCTV Cameras (2025-12-09): View CSAF. 1. EXECUTIVE SUMMARY: CVSS v4 9.3. ATTENTION: Exploitable remotely/low attack complexity. Vendor: D-Link (India Limited), Sparsh Securitech, Securus CCTV. Equipment: DCS-F5614-L1. Vulnerability: Missing Authentication for Critical Function. 2. RISK EVALUATION: Successful exploitation of this vulnerability could result in information disclosure, including capture of camera account credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS: The […]
- Universal Boot Loader (U-Boot) (2025-12-09): View CSAF. 1. EXECUTIVE SUMMARY: CVSS v4 8.6. ATTENTION: Low attack complexity. Vendor: U-Boot. Equipment: U-Boot. Vulnerability: Improper Access Control for Volatile Memory Containing Boot Code. 2. RISK EVALUATION: Successful exploitation of this vulnerability could result in arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS: The following version of U-Boot is affected: U-Boot: All […]
- CISA Releases Three Industrial Control Systems Advisories (2025-12-09): CISA released three Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS: ICSA-25-343-01 Universal Boot Loader (U-Boot); ICSA-25-343-02 Festo LX Appliance; ICSA-25-343-03 Multiple India-Based CCTV Cameras. CISA encourages users and administrators to review newly released ICS Advisories for technical details and mitigations.
- Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure (2025-12-09): Summary. Note: This joint Cybersecurity Advisory is being published as an addition to the Cybersecurity and Infrastructure Security Agency (CISA) May 6, 2025, joint fact sheet Primary Mitigations to Reduce Cyber Threats to Operational Technology and European Cybercrime Centre's (EC3) Operation Eastwood, in which CISA, the Federal Bureau of Investigation (FBI), the Department of Energy (DOE), the Environmental […]
- CISA Adds Two Known Exploited Vulnerabilities to Catalog (2025-12-08): CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2022-37055, D-Link Routers Buffer Overflow Vulnerability; CVE-2025-66644, Array Networks ArrayOS AG OS Command Injection Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational […]
- CISA Adds One Known Exploited Vulnerability to Catalog (2025-12-05): Updated December 9, 2025: Check for signs of potential compromise on all internet-accessible React instances after applying mitigations. For more information, see React Blog: Critical Security Vulnerability in React Server Components. CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2025-55182, Meta React Server Components Remote Code […]
- Johnson Controls iSTAR (2025-12-04): View CSAF. 1. EXECUTIVE SUMMARY: CVSS v4 7.1. ATTENTION: Low attack complexity. Vendor: Johnson Controls Inc. Equipment: iSTAR eX, iSTAR Edge, iSTAR Ultra LT, iSTAR Ultra, iSTAR Ultra SE. Vulnerability: Improper Validation of Certificate Expiration. 2. RISK EVALUATION: Successful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate […]
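The three KEV items above name five CVEs but say nothing about where they sit in your estate. What a practitioner wants from a KEV addition is the answer to two questions: does any asset I run carry a listed CVE, and how much of the Binding Operational Directive 22-01 remediation window is left for it. The Python below is an added example, not CISA code: it cross-checks a constructed asset inventory against a catalog snippet built in the shape of CISA's public KEV JSON feed (the `vulnerabilities` array with `cveID`, `vendorProject`, `product`, `vulnerabilityName`, `dateAdded`, `dueDate` and `knownRansomwareCampaignUse` fields). The CVE IDs, vendors, products and `dateAdded` values follow the advisories above; the `dueDate` values, the `knownRansomwareCampaignUse` flags, the host names and the inventory itself are constructed placeholders, not values from the real catalog.

```python
"""Cross-check an asset inventory against a KEV-format catalog.

Added example, not CISA code. KEV_SAMPLE is constructed in the shape of
CISA's KEV JSON feed; its dueDate values, ransomware flags and the
INVENTORY below are placeholders, not the catalog's real data.
"""
import json
from datetime import date

# Constructed catalog snippet. CVE IDs, vendors, products and dateAdded
# follow the advisories on this page; dueDate and the ransomware flag do not.
KEV_SAMPLE = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "catalogVersion": "2025.12.09",
    "vulnerabilities": [
        {"cveID": "CVE-2025-6218", "vendorProject": "RARLAB", "product": "WinRAR",
         "vulnerabilityName": "RARLAB WinRAR Path Traversal Vulnerability",
         "dateAdded": "2025-12-09", "dueDate": "2025-12-30",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2025-62221", "vendorProject": "Microsoft", "product": "Windows",
         "vulnerabilityName": "Microsoft Windows Use After Free Vulnerability",
         "dateAdded": "2025-12-09", "dueDate": "2025-12-30",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2022-37055", "vendorProject": "D-Link", "product": "Routers",
         "vulnerabilityName": "D-Link Routers Buffer Overflow Vulnerability",
         "dateAdded": "2025-12-08", "dueDate": "2025-12-29",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2025-66644", "vendorProject": "Array Networks", "product": "ArrayOS AG",
         "vulnerabilityName": "Array Networks ArrayOS AG OS Command Injection Vulnerability",
         "dateAdded": "2025-12-08", "dueDate": "2025-12-29",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2025-55182", "vendorProject": "Meta", "product": "React Server Components",
         "vulnerabilityName": "Meta React Server Components Remote Code Execution Vulnerability",
         "dateAdded": "2025-12-05", "dueDate": "2025-12-26",
         "knownRansomwareCampaignUse": "Unknown"},
    ],
})

# Constructed inventory: (asset, CVE) pairs as a scanner or SBOM tool might emit.
INVENTORY = [
    ("web-01", "CVE-2025-55182"),
    ("web-01", "CVE-2024-0001"),        # placeholder CVE not in KEV; dropped from the report
    ("fileshare-02", "CVE-2025-6218"),
    ("branch-rtr-07", "CVE-2022-37055"),
]


def load_kev(raw_json):
    """Index a KEV-format document by CVE ID, parsing the ISO dates once."""
    doc = json.loads(raw_json)
    catalog = {}
    for entry in doc["vulnerabilities"]:
        catalog[entry["cveID"]] = {
            "vendor": entry["vendorProject"],
            "product": entry["product"],
            "name": entry["vulnerabilityName"],
            "added": date.fromisoformat(entry["dateAdded"]),
            "due": date.fromisoformat(entry["dueDate"]),
            "ransomware": entry.get("knownRansomwareCampaignUse", "Unknown"),
        }
    return catalog


def kev_exposure(inventory, catalog, today):
    """One row per (asset, CVE) pair that is in KEV, most urgent first.

    CVEs absent from the catalog are skipped: they still need patching, but
    they are not the ones the directive puts a due date on.
    """
    if isinstance(today, str):
        today = date.fromisoformat(today)
    rows = []
    for asset, cve in inventory:
        entry = catalog.get(cve)
        if entry is None:
            continue
        days_left = (entry["due"] - today).days
        rows.append({
            "asset": asset,
            "cve": cve,
            "product": f'{entry["vendor"]} {entry["product"]}',
            "due": entry["due"].isoformat(),
            "days_left": days_left,
            "overdue": days_left < 0,
            "ransomware": entry["ransomware"],
        })
    rows.sort(key=lambda r: (r["days_left"], r["asset"]))
    return rows


def overdue_assets(rows):
    """Distinct assets with at least one KEV entry past its due date."""
    return sorted({r["asset"] for r in rows if r["overdue"]})


if __name__ == "__main__":
    catalog = load_kev(KEV_SAMPLE)
    for row in kev_exposure(INVENTORY, catalog, "2025-12-27"):
        flag = "OVERDUE" if row["overdue"] else f'{row["days_left"]}d left'
        print(f'{row["asset"]:14} {row["cve"]:16} {row["product"]:28} due {row["due"]} {flag}')
```

To run this against the real feed, replace `KEV_SAMPLE` with the body of the published JSON and `INVENTORY` with your scanner's CVE-per-host output; the catalog is a few thousand entries, so indexing by `cveID` once and looking up per asset keeps the join linear in inventory size.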
ISACA SmartBrief on Cybersecurity
- "I thought it was possible to find a way to express feeling and humanistic qualities in a building." (2025-12-09) Frank Gehry, architect, designer, 1929-2025
- ISO/IEC 42001 and EU AI Act: A Practical Pairing for AI Governance (2025-12-09): With upcoming AI regulatory obligations and rules set to take effect, organizations face immediate compliance deadlines. […]
- Petco breach exposes sensitive customer data (2025-12-09): Petco has disclosed a breach spanning several states that exposed customers' data, including names, Social Security numbers a […]
- AI-driven threats prompt shift toward proactive security (2025-12-09): Chief information security officers are adopting offensive security measures to bolster their cybersecurity strategies amid t […]
- Nvidia, Lakera AI study risks of agentic AI systems (2025-12-09): Nvidia and Lakera AI have introduced a safety and security framework to address the unpredictable behavior of agentic AI syst […]
- AI-powered IDEs found to have 30+ security vulnerabilities (2025-12-09): Security researcher Ari Marzouk has found more than 30 security vulnerabilities in AI-powered integrated development environm […]
- ClayRat spyware rapidly expands with hundreds of variants (2025-12-09): Cybersecurity researchers have identified a new version of the ClayRat Android spyware with enhanced surveillance and device- […]
- Report: Ransomware payments hit a peak in 2023 (2025-12-09): Ransomware incidents reached a record high in 2023, with over 1,500 incidents and $1.1 billion in payments, according to the […]