CISA
-
Google Fixes High-Severity Chrome Vulnerability Amid Ongoing Attacks
Google has fixed a critical vulnerability in Chrome, CVE-2025-4664, being actively exploited by attackers. CISA’s inclusion of this flaw in its known exploited vulnerabilities list underscores urgent calls for browser updates among federal agencies and private organizations alike.
-
Surge in Vulnerabilities Plagues SonicWall Devices, Heightening Cybersecurity Concerns
SonicWall faces a surge in vulnerabilities affecting its devices, with 20 disclosed in 2025, raising cybersecurity concerns as attackers exploit these weaknesses. The company’s efforts to patch vulnerabilities and enhance security features are underway as the threat landscape evolves.
-
Cybersecurity Community Breathes a Sigh of Relief as CVE Database Funding Extended
The cybersecurity community expressed relief following an 11-month funding extension for the CVE database, which will continue operations after concerns of a shutdown. Industry leaders stress the importance of establishing a long-term plan for its future to maintain effective vulnerability management.
-
CISA Issues Warning on Cybersecurity Vulnerabilities in US Oil and Gas Sector
The Cybersecurity and Infrastructure Security Agency (CISA) has warned about the risk of cyberattacks on the US oil and gas infrastructure, highlighting systemic vulnerabilities and the importance of basic cybersecurity practices.
-
US Government Agrees to Continue Funding CVE Program Amid Concerns
In a crucial move for the cybersecurity sector, the US government has agreed to extend funding for the Common Vulnerabilities and Exposures (CVE) program amid concerns over its future. Following MITRE’s announcement that federal support was about to end, this extension ensures the continuity of CVE services, which are pivotal in identifying and managing technology…
-
End of CVE Program Sparks Concerns Among Cybersecurity Experts
The Department of Homeland Security’s decision to let its contract with MITRE expire could jeopardize the future of the Common Vulnerabilities and Exposures (CVE) program, raising alarms among cybersecurity experts about the potential disruption to vulnerability tracking and management.
