The Cybersecurity and Infrastructure Security Agency (CISA) today ordered Federal government agencies to take mitigation steps to deal with a Microsoft Exchange Vulnerability that the agency warned about on Wednesday night, and to finish that work by 9 a.m. Eastern time on Monday, Aug. 11. […]

The Cybersecurity and Infrastructure Security Agency (CISA) on July 20 flagged a new warning from Microsoft on exploitation of a SharePoint vulnerability (CVE-2025-53770). […]

Federal IT teams are scrambling to patch the Log4j and Log4Shell vulnerabilities before they cause major damage – and meet newly updated CISA guidance for Federal civilian agencies requiring immediate mitigation.  […]

The Cybersecurity and Infrastructure Security Agency (CISA) released a statement on Dec. 11 with guidance for organizations to protect themselves against the “log4j” critical vulnerability that surfaced over the weekend. […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive on July 13 ordering Federal agencies to disable the Microsoft Windows Print Spooler service, after discovering a vulnerability that allows attackers to remotely take over systems and enable adversaries to compromise the entire identity infrastructure of an agency. […]