CISA Archives • Penetration Testing Tools

NSA, CISA, & Partners Expose Chinese APT Groups Chinese APT Data I/O Ransomware Canadian government cyberattack Luxembourg Cyberattack Air Serbia Cyberattack, Airline Breach Brazil Bank Hack ICC Cyberattack CVE-2024-21410

Chinese APT Data I/O Ransomware Canadian government cyberattack Luxembourg Cyberattack Air Serbia Cyberattack, Airline Breach Brazil Bank Hack ICC Cyberattack CVE-2024-21410

NSA, CISA, & Partners Expose Chinese APT Groups

ddos August 29, 2025

The U.S. National Security Agency, the U.K.’s National Cyber Security Centre, and partners from more than ten...

CISA Adds Three Vulnerabilities to Catalog, Urges Immediate Patching CISA D-Link Vulnerabilities PaperCut Vulnerability

CISA Adds Three Vulnerabilities to Catalog, Urges Immediate Patching

ddos August 27, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited...

New Exchange Flaw Lets Hackers Take Over Your Cloud Environment MSI repair MAPP Exchange Server AI Malware Analysis Microsoft Bug Bounty Zero-Day Leak Microsoft DoD Cloud Patch Tuesday Microsoft Researcher

MSI repair MAPP Exchange Server AI Malware Analysis Microsoft Bug Bounty Zero-Day Leak Microsoft DoD Cloud Patch Tuesday Microsoft Researcher

New Exchange Flaw Lets Hackers Take Over Your Cloud Environment

ddos August 11, 2025

Microsoft, in coordination with federal agencies, has issued a warning about a newly discovered, high-severity vulnerability in...

Urgent: Google Patches Actively Exploited Flaws in Android Devices Qualcomm Snapdragon 8s Gen 3

Urgent: Google Patches Actively Exploited Flaws in Android Devices

ddos August 7, 2025

Google has released a series of urgent security updates for Android, addressing multiple critical vulnerabilities, including two...

Your D-Link Camera is a Target: CISA Warns of Actively Exploited Flaws CISA D-Link Vulnerabilities PaperCut Vulnerability

Your D-Link Camera is a Target: CISA Warns of Actively Exploited Flaws

ddos August 7, 2025

In recent months, cybercriminals have once again turned their attention to long-known vulnerabilities in popular models of...

CISA Unleashes Thorium: A Powerful New Platform for Automated Malware & Forensic Analysis at Scale

ddos August 4, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced the public release of Thorium—a powerful analytical...

PaperCut NG/MF Vulnerability (CVE-2023-2533) Under Active Exploitation, Allows Remote Code Execution CISA D-Link Vulnerabilities PaperCut Vulnerability

PaperCut NG/MF Vulnerability (CVE-2023-2533) Under Active Exploitation, Allows Remote Code Execution

ddos July 30, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation...

US Cyber Warfare Shift: A $1 Billion Gamble Vulnerability scoring AI bots HTTP/2 vulnerability Cyber Force Linux Security China Cybersecurity Cyber Warfare UN Cybersecurity macOS SMBClient

Vulnerability scoring AI bots HTTP/2 vulnerability Cyber Force Linux Security China Cybersecurity Cyber Warfare UN Cybersecurity macOS SMBClient

US Cyber Warfare Shift: A $1 Billion Gamble

ddos July 16, 2025

The Trump administration is planning to allocate $1 billion over the next four years toward offensive operations...

CISA Warns: TeleMessage TM SGNL Actively Exploited for Data Leaks, Patch by July 22 Bridgestone, cyberattack Nevada cyberattack TPG Telecom Data breach Traffic enforcement Airline Outage SharePoint Exploitation SharePoint Zero-Day Crypto Exchange Hack Solana Exploit Houken TeleMessage TM SGNL Mobile Security Salt Typhoon Kansas State University cyberattack

Bridgestone, cyberattack Nevada cyberattack TPG Telecom Data breach Traffic enforcement Airline Outage SharePoint Exploitation SharePoint Zero-Day Crypto Exchange Hack Solana Exploit Houken TeleMessage TM SGNL Mobile Security Salt Typhoon Kansas State University cyberattack

CISA Warns: TeleMessage TM SGNL Actively Exploited for Data Leaks, Patch by July 22

ddos July 5, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark warning regarding serious threats posed by...

CISA, FBI, NSA Warn: Iran-Linked Cyber Actors May Target US Critical Infrastructure OAG ransomware Zeppelin ToolShell Chain Iran Cyber Threat UK Retail Cyberattack, CMC Financial Impact Indonesia spyware

OAG ransomware Zeppelin ToolShell Chain Iran Cyber Threat UK Retail Cyberattack, CMC Financial Impact Indonesia spyware

CISA, FBI, NSA Warn: Iran-Linked Cyber Actors May Target US Critical Infrastructure

ddos July 2, 2025

U.S. cyber divisions, including the FBI and NSA, have issued an urgent advisory warning of potential cyberattacks...

CISA, FBI, NSA Urge Software Industry: Adopt Memory-Safe Languages to Drastically Cut Vulnerabilities Windows drivers Rust Foundation Memory-Safe Languages

Windows drivers Rust Foundation Memory-Safe Languages

CISA, FBI, NSA Urge Software Industry: Adopt Memory-Safe Languages to Drastically Cut Vulnerabilities

ddos June 29, 2025

The leading cybersecurity agencies in the United States—CISA and the NSA—have issued a joint report urging software...

CISA Warns: Critical AMI MegaRAC Firmware Flaw (CVE-2024-54085, CVSS 10.0) Actively Exploited for Server Takeover MathWorks ransomware SharePoint vulnerability Linux servers WinRAR zero-day SharePoint Zero-Day Zero-day Attack AMI MegaRAC, Critical Vulnerability

MathWorks ransomware SharePoint vulnerability Linux servers WinRAR zero-day SharePoint Zero-Day Zero-day Attack AMI MegaRAC, Critical Vulnerability

CISA Warns: Critical AMI MegaRAC Firmware Flaw (CVE-2024-54085, CVSS 10.0) Actively Exploited for Server Takeover

ddos June 27, 2025

Hackers have begun actively exploiting a critical vulnerability that grants them full control over thousands of servers,...

CISA Warns of Actively Exploited Apache Flink Vulnerability

ddos May 27, 2024

In early 2021, an access control flaw in Apache Flink was rectified, which has now been added...

Microsoft SharePoint Under Attack: CISA Issues Alert

ddos March 28, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has expressed concern over the active exploitation of a vulnerability...

9.8 Severity! Hackers Weaponize SharePoint Flaw, CISA Warns of Attacks

ddos January 14, 2024

The United States Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw affecting Microsoft...

CISA Adds 4 Qualcomm Chipsets Vulnerabilities to KEV Catalog Due to Active Exploitation

ddos December 6, 2023

In recent times, cybersecurity has become a paramount concern for organizations of all sizes, including government agencies....

CISA

NSA, CISA, & Partners Expose Chinese APT Groups

CISA Adds Three Vulnerabilities to Catalog, Urges Immediate Patching

Urgent: Google Patches Actively Exploited Flaws in Android Devices

Your D-Link Camera is a Target: CISA Warns of Actively Exploited Flaws

CISA Unleashes Thorium: A Powerful New Platform for Automated Malware & Forensic Analysis at Scale

PaperCut NG/MF Vulnerability (CVE-2023-2533) Under Active Exploitation, Allows Remote Code Execution

US Cyber Warfare Shift: A $1 Billion Gamble

CISA Warns: TeleMessage TM SGNL Actively Exploited for Data Leaks, Patch by July 22

CISA, FBI, NSA Warn: Iran-Linked Cyber Actors May Target US Critical Infrastructure

CISA, FBI, NSA Urge Software Industry: Adopt Memory-Safe Languages to Drastically Cut Vulnerabilities

CISA Warns: Critical AMI MegaRAC Firmware Flaw (CVE-2024-54085, CVSS 10.0) Actively Exploited for Server Takeover

CISA Warns of Actively Exploited Apache Flink Vulnerability

Microsoft SharePoint Under Attack: CISA Issues Alert

9.8 Severity! Hackers Weaponize SharePoint Flaw, CISA Warns of Attacks

CISA Adds 4 Qualcomm Chipsets Vulnerabilities to KEV Catalog Due to Active Exploitation

You may have missed

Havoc: modern and malleable post-exploitation command and control framework

CastleRAT: The New MaaS Threat Expanding the Cybercrime Toolkit

EU Fines Google $3.5B for Abusing Its Ad Tech Monopoly

Hackers Threaten Google: Fire Our Trackers or We’ll Leak Your Data