CISA KEV Archives • Daily CyberSecurity

CISA Active Exploit Catalog Expands with Critical Gateway Flaws CISA active exploit catalog critical gateway flaws CVE-2023-27532 & CVE-2024-37383

CISA active exploit catalog critical gateway flaws CVE-2023-27532 & CVE-2024-37383

CISA Active Exploit Catalog Expands with Critical Gateway Flaws

Do Son June 9, 2026

Federal Registry Alerts Organizations to Real-World Cyber Risks The Cybersecurity and Infrastructure Security Agency updated its primary...

Weekly Threat Intelligence: June 1 to June 7, 2026 Weekly Threat Intelligence Vulnerability Management Report

Weekly Threat Intelligence: June 1 to June 7, 2026

Do Son June 8, 2026

Welcome to your latest weekly threat intelligence briefing. The global cybersecurity landscape remains highly volatile as we...

CISA Warns of Actively Exploited SolarWinds Serv-U Flaw CVE-2024-28991 & CVE-2024-28990 SolarWinds RCE vulnerability CVE-2025-26399

CISA Warns of Actively Exploited SolarWinds Serv-U Flaw

Do Son June 6, 2026

Severe Infrastructure Exposure Discovered The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new threat to...

actively exploited vulnerabilities Android privilege escalation flaw DELMIA Apriso RCE, CISA KEV Exploitation ServiceNow Vulnerabilities

Actively Exploited Vulnerabilities Added to CISA KEV Catalog

Do Son June 3, 2026

The Cybersecurity and Infrastructure Security Agency recently expanded its primary tracking catalog. Specifically, the organization added two...

Weekly Threat Intelligence: May 25 to May 31, 2026 Weekly Threat Intelligence Active Vulnerability Report

Weekly Threat Intelligence: May 25 to May 31, 2026

Do Son June 1, 2026

Welcome to your weekly threat intelligence briefing. The cybersecurity landscape shifted dramatically between May 25 and May...

The Zero-Day Dispatch: Weekly Threat Intelligence Briefing (May 18 – May 24, 2026)

Do Son May 25, 2026

Welcome to your weekly threat intelligence briefing. Between May 18 and May 24, 2026, security teams faced...

CISA Sound the Alarm: Langflow AI Platform and Trend Micro Added to KEV Catalog Due to Active Exploitation CISA KEV Catalog Updates Langflow CVE-2025-34291 Exploit SharePoint Spoofing CISA KEV Catalog Actively Exploited Vulnerability

CISA KEV Catalog Updates Langflow CVE-2025-34291 Exploit SharePoint Spoofing CISA KEV Catalog Actively Exploited Vulnerability

CISA Sound the Alarm: Langflow AI Platform and Trend Micro Added to KEV Catalog Due to Active Exploitation

Do Son May 21, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two newly weaponized security vulnerabilities to its...

SaaS-Style Cybercrime: Attackers Weaponize Langflow RCE and NATS Messaging for Ultra-Scalable C2 NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

SaaS-Style Cybercrime: Attackers Weaponize Langflow RCE and NATS Messaging for Ultra-Scalable C2

Do Son May 18, 2026

A sophisticated new command-and-control (C2) technique has emerged, revealing threat actors who operate more like modern SaaS...

The CVE Watchtower: Weekly Threat Intelligence Briefing (May 11 – May 17, 2026)

Do Son May 18, 2026

Welcome to your weekly vulnerability digest. If your security dashboards have been flashing red, your telemetry is...

The CVE Watchtower: Weekly Threat Intelligence Briefing (May 4 – May 10, 2026) Weekly vulnerability digest May 2026

The CVE Watchtower: Weekly Threat Intelligence Briefing (May 4 – May 10, 2026)

Do Son May 11, 2026

Welcome to your weekly vulnerability digest. If you thought the threat landscape was plateauing as we entered...

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 27 – May 3, 2026) cPanel Authentication Bypass Architectural Mismatch

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 27 – May 3, 2026)

Do Son May 4, 2026

Welcome to your weekly vulnerability digest. As we transition from April to May, attackers are weaponizing critical...

Active In-The-Wild Exploit: “Copy Fail” Grants Root Privileges on Millions of Linux Systems Copy Fail CVE-2026-31431 Linux Root Privilege Exploit

Active In-The-Wild Exploit: “Copy Fail” Grants Root Privileges on Millions of Linux Systems

Do Son May 2, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2026-31431 to its Known Exploited Vulnerabilities (KEV)...

44,000 IPs Hijacked: cPanel’s 9.8 CVSS Authentication Bypass Triggers Global Ransomware Surge cPanel Authentication Bypass CVE-2026-41940

44,000 IPs Hijacked: cPanel’s 9.8 CVSS Authentication Bypass Triggers Global Ransomware Surge

Do Son May 2, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning, adding a critical vulnerability in...

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026) Vulnerability Digest AI Infrastructure Security

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026)

Do Son April 27, 2026

Welcome to your Monday morning vulnerability digest. As we close out the final full week of April,...

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

In the Wild: Information Disclosure (CVE-2026-20133) Exploited in Cisco SD-WAN Manager

Do Son April 23, 2026

The networking giant Cisco has issued an urgent warning to enterprise administrators. In April 2026, the Cisco...

Microsoft Defender Zero-Day “BlueHammer” Hits KEV Catalog Following Researcher’s Protest BlueHammer Exploit Microsoft Defender LPE

Microsoft Defender Zero-Day “BlueHammer” Hits KEV Catalog Following Researcher’s Protest

Do Son April 23, 2026

CISA has officially added a fresh vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of...

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 13 – April 19, 2026) MCP Security Vulnerability Management

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 13 – April 19, 2026)

Do Son April 20, 2026

Welcome to this week’s vulnerability digest. Between April 13 and April 19, 2026, the global security community logged...

CISA Adds Critical Apache ActiveMQ RCE Flaw to KEV Catalog ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA Adds Critical Apache ActiveMQ RCE Flaw to KEV Catalog

Do Son April 17, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive after adding a high-severity vulnerability...

Sustainable Security: NIST Abandons “Analyze Everything” Goal for NVD NIST NVD Overhaul Risk-Based Triage

Sustainable Security: NIST Abandons “Analyze Everything” Goal for NVD

Do Son April 16, 2026

In a major strategic shift, the National Institute of Standards and Technology (NIST) has announced a fundamental...

Active SharePoint Spoofing and Legacy Office RCE: CISA Alerts on New KEV Exploits CISA KEV Catalog Updates Langflow CVE-2025-34291 Exploit SharePoint Spoofing CISA KEV Catalog Actively Exploited Vulnerability

Active SharePoint Spoofing and Legacy Office RCE: CISA Alerts on New KEV Exploits

Do Son April 15, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, sounding a...

Critical Alert 2 Active Exploits Detected Today

Critical Alert

CISA KEV

CISA Active Exploit Catalog Expands with Critical Gateway Flaws

Weekly Threat Intelligence: June 1 to June 7, 2026

CISA Warns of Actively Exploited SolarWinds Serv-U Flaw

Actively Exploited Vulnerabilities Added to CISA KEV Catalog

Weekly Threat Intelligence: May 25 to May 31, 2026

The Zero-Day Dispatch: Weekly Threat Intelligence Briefing (May 18 – May 24, 2026)

SaaS-Style Cybercrime: Attackers Weaponize Langflow RCE and NATS Messaging for Ultra-Scalable C2

The CVE Watchtower: Weekly Threat Intelligence Briefing (May 11 – May 17, 2026)

The CVE Watchtower: Weekly Threat Intelligence Briefing (May 4 – May 10, 2026)

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 27 – May 3, 2026)

Active In-The-Wild Exploit: “Copy Fail” Grants Root Privileges on Millions of Linux Systems

44,000 IPs Hijacked: cPanel’s 9.8 CVSS Authentication Bypass Triggers Global Ransomware Surge

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026)

In the Wild: Information Disclosure (CVE-2026-20133) Exploited in Cisco SD-WAN Manager

Microsoft Defender Zero-Day “BlueHammer” Hits KEV Catalog Following Researcher’s Protest

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 13 – April 19, 2026)

CISA Adds Critical Apache ActiveMQ RCE Flaw to KEV Catalog

Sustainable Security: NIST Abandons “Analyze Everything” Goal for NVD

Active SharePoint Spoofing and Legacy Office RCE: CISA Alerts on New KEV Exploits