All news

CISA

(4 articles)

May 26, 2026

CISA Orders Patch for Exploited Drupal SQL Injection

CISA added CVE-2026-9082, an actively exploited Drupal SQL injection flaw, to its KEV catalog. Federal agencies must patch by May 27. Here's what developers need to know.

Zimbra XSS Flaw CVE-2025-48700 Hits 10K Servers

April 24, 2026

Zimbra XSS Flaw CVE-2025-48700 Hits 10K Servers

Over 10,500 unpatched Zimbra servers are actively exploited via CVE-2025-48700 XSS. Learn what's at risk and how to secure your instance now.

CISA Adds 6 Exploited Flaws: Fortinet, Microsoft, Adobe

April 14, 2026

CISA Adds 6 Exploited Flaws: Fortinet, Microsoft, Adobe

CISA added 6 actively exploited vulnerabilities in Fortinet, Microsoft, and Adobe to its KEV catalog. Here's what developers need to patch immediately.

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

March 21, 2026

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

CISA added Apple, Craft CMS, and Laravel vulnerabilities to its KEV catalog, mandating federal agencies patch by April 3, 2026.