soc

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2025-Adresse geschuetztNative Community CLI OS Command Injection Vulnerability CVE-2026-Adresse geschuetztTools SmarterMail Missing Authentication for Critical Function Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal […]

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2018-Adresse geschuetztKernel Integer Overflow Vulnerability CVE-2025-Adresse geschuetztTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability CVE-2026-Adresse geschuetztOffice Security Feature Bypass Vulnerability CVE-2026-Adresse geschuetztTools SmarterMail Authentication Bypass Using an Alternate Path or Channel Vulnerability CVE-2026-24061 GNU […]

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2024-Adresse geschuetztVMware vCenter Server Out-of-bounds Write Vulnerability  This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.  Binding Operational Directive (BOD) 22-01: Reducing the Significant […]

Malware Analysis at a Glance Malware Name     BRICKSTORM Original Publication Dec. 4, 2025  Last Update Feb. 11, 2026  Executive Summary The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Canadian Centre for Cyber Security (Cyber Centre) assess People’s Republic of China (PRC) state-sponsored cyber actors are using BRICKSTORM malware for long-term persistence […]

Summary The Cybersecurity and Infrastructure Security Agency (CISA) and U.S. Coast Guard (USCG) are issuing this Cybersecurity Advisory to present findings from a recent CISA and USCG hunt engagement. The purpose of this advisory is to highlight identified cybersecurity issues, thereby informing security defenders in other organizations of potential similar issues and encouraging them to […]

Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to […]