Cyber Security Advisories – MS-ISAC
- A Vulnerability in WatchGuard Fireware OS Could Allow for Arbitrary Code Execution 2025-12-23: A vulnerability has been discovered in WatchGuard Fireware OS, which could allow for unauthenticated arbitrary code execution. WatchGuard Fireware is the proprietary operating system that powers WatchGuard's Firebox appliances. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to execute arbitrary code on the system.
- A Vulnerability in Cisco AsyncOS Could Allow for Remote Code Execution 2025-12-18: A vulnerability has been discovered in Cisco AsyncOS, which could allow for remote code execution. AsyncOS is the operating system used by Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands with root-level privileges on the underlying operating system.
- Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution 2025-12-16: Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install […]
- Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2025-12-12: Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; […]
- Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 2025-12-09: Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe ColdFusion is a rapid web application development platform that uses the ColdFusion Markup Language (CFML). Adobe Experience Manager (AEM) is a content management and experience management system that helps businesses build and manage their digital presence […]
- Critical Patches Issued for Microsoft Products, December 9, 2025 2025-12-09: Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; […]
- Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 2025-12-09: Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Successful exploitation of the most severe of these vulnerabilities could allow […]
- A Vulnerability in React Server Component (RSC) Could Allow for Remote Code Execution 2025-12-05: A vulnerability in the React Server Components (RSC) implementation has been discovered that could allow for remote code execution. Specifically, it could allow for unauthenticated remote code execution on affected servers. The issue stems from unsafe deserialization of RSC “Flight” protocol payloads, enabling an attacker to send a crafted request that triggers execution of code […]
- A Vulnerability in SonicOS Could Allow for Denial of Service (DoS) 2025-11-24: A vulnerability has been discovered in SonicOS, which could allow for Denial of Service (DoS). SonicOS is the operating system that runs on SonicWall's network security appliances, such as firewalls. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash. This vulnerability […]
- Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2025-11-24: Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; […]
Blog Feed – Center for Internet Security
- Cybersecurity Collaboration for the U.S. SLTT Community 2025-12-26: The MS-ISAC provides the only nationwide network dedicated to cybersecurity collaboration in the U.S. SLTT community. Read on to learn more.
- Malicious Crystal PDF Converter Detected on SLTT Networks 2025-12-24: In October 2025, CIS CTI observed a rise in CIS MDR alerts associated with Crystal PDF on U.S. SLTT endpoints. Here's how to defend yourself.
- CIS Benchmarks December 2025 Update 2025-12-18: Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for December 2025.
- Scale Linux Workload Security on Azure with CIS Benchmarks 2025-12-16: Looking to automate Azure Linux hardening and streamline hybrid security? Learn how to do it at scale with Azure OSConfig and the CIS Benchmarks.
- CIS Benchmarks Update November 2025 2025-11-19: The November 2025 CIS Benchmarks monthly update highlights the CIS Benchmarks and CIS Build Kits that have been updated or recently released.
- Control Assist: A Path to Cyber Insurance Readiness for SMBs 2025-11-19: CIS and CyberAcuView have launched Control Assist, an initiative designed to simplify cyber insurance and strengthen cybersecurity for SMBs.
- Malicious Crystal PDF Converter Detected on SLTT Networks 2025-11-17: In October 2025, CIS CTI observed a rise in CIS MDR alerts associated with Crystal PDF on U.S. SLTT endpoints. Here's how to defend yourself.
- Impact of Federal Funding Cuts to the Value of MS-ISAC CTI 2025-11-17: The adoption of a fee-based membership model has had minimal and in some aspects positive impact on MS-ISAC CTI. Read our blog to learn more.
- Top 10 Malware Q3 2025 2025-11-14: Total malware notifications from MS-ISAC monitoring services increased 38% from Q2 to Q3 2025. Learn more by reading our Top 10 Malware list.
- 7 CIS Experts' 2026 Cybersecurity Predictions 2025-10-31: What does 2026 have in store for cybersecurity? Read our experts' 2026 cybersecurity predictions to find out and get planning.
All CISA Advisories
- WHILL Model C2 Electric Wheelchairs and Model F Power Chairs 2025-12-30: Successful exploitation of this vulnerability could allow an attacker within Bluetooth range to take control over the product. The following versions of WHILL Model C2 Electric Wheelchairs and Model F Power Chairs are affected: Model C2 Electric WheelChair (CVE-2025-14346), Model F Power Chair (CVE-2025-14346). CVSS v3 9.8; Vendor: WHILL Inc. […]
- CISA Releases Two Industrial Control Systems Advisories 2025-12-30: CISA released two Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-364-01: WHILL C2 Wheelchairs; ICSA-25-345-03: AzeoTech DAQFactory (Update A). CISA encourages users and administrators to review newly released ICS Advisories for technical details and mitigations.
- CISA Adds One Known Exploited Vulnerability to Catalog 2025-12-29: CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-14847: MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) […]
- CISA Releases One Industrial Control Systems Advisory 2025-12-23: CISA released one Industrial Control Systems (ICS) Advisory. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-177-01: Mitsubishi Electric Air Conditioning Systems (Update B). CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations.
- CISA Adds One Known Exploited Vulnerability to Catalog 2025-12-22: CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2023-52163: Digiever DS-2105 Pro Missing Authorization Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk […]
- NIST and CISA Release Draft Interagency Report on Protecting Tokens and Assertions from Tampering Theft and Misuse for Public Comment 2025-12-22: The Cybersecurity and Infrastructure Security Agency (CISA) and National Institute of Standards and Technology (NIST) have released an initial draft of Interagency Report (IR) 8597 Protecting Tokens and Assertions from Forgery, Theft, and Misuse for public comment through January 30, 2026. This report is in response to Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity […]
- CISA Adds One Known Exploited Vulnerability to Catalog 2025-12-19: CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-14733: WatchGuard Firebox Out-of-Bounds Write Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of […]
- CISA and Partners Release Update to Malware Analysis Report BRICKSTORM Backdoor 2025-12-19: Today, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency, and Canadian Centre for Cyber Security released an update to the Malware Analysis Report BRICKSTORM Backdoor with indicators of compromise (IOCs) and detection signatures for additional BRICKSTORM samples. This update provides information on additional samples, including Rust-based samples. These samples demonstrate advanced persistence and […]
- Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electrics Products 2025-12-18: Successful exploitation of this vulnerability could result in denial-of-service (DoS), information tampering, and information disclosure. The following versions of Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electrics Products are affected: GENESIS64 (CVE-2025-11774), ICONICS Suite (CVE-2025-11774), MobileHMI (CVE-2025-11774), MC Works64 (CVE-2025-11774). CVSS v3 8.2; Vendor: Mitsubishi Electric Iconics Digital Solutions, Mitsubishi […]
- CISA Releases Nine Industrial Control Systems Advisories 2025-12-18: CISA released nine Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-352-01 Inductive Automation Ignition; ICSA-25-352-02 Schneider Electric EcoStruxure Foxboro DCS Advisor; ICSA-25-352-03 National Instruments LabView; ICSA-25-352-04 Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electrics Products; ICSA-25-352-05 Siemens Interniche IP-Stack; ICSA-25-352-06 Advantech WebAccess/SCADA; ICSA-25-352-07 […]
ISACA SmartBrief on Cybersecurity
- Amazon detects surge in North Korean fake job applicants 2025-12-30: Amazon has thwarted more than 1,800 fraudulent job applications from North Korean operatives since April 2024, with one succe […]
- Baker University's data breach impacts over 53,000 2025-12-30: Personal, health and financial information for more than 53,000 people has been compromised in a data breach at Baker Univers […]
- AI-driven Chimera Bots are emerging as cyberthreats 2025-12-30: The emergence of AI-driven "Chimera Bots" is transforming the cyberthreat landscape, combining automation, machine learning a […]
- N. Korean hackers increasingly target large crypto services 2025-12-30: North Korean hackers stole $2.02 billion in cryptocurrency in 2025, a 51% increase from the previous year, according to Chain […]
- 9. TransUnion data breach affects more than 4.4M in US 2025-12-30
- 10. Volkswagen data leak exposes thousands of EV locations 2025-12-30
- 7. Nova Scotia government faulted for security over breach 2025-12-30
- 1. Report: IT-OT integration amplifies cybersecurity risks 2025-12-30: Manufacturers are experiencing a surge in cybersecurity incidents due to the integration of IT and operational technology, ac […]
- 5. Hacker claims NYU illegal admissions in data breach 2025-12-30
- 6. ShinyHunters breach puts billions of Gmail accounts at risk 2025-12-30