CISA

Cybersecurity and Infrastructure Security Agency

Cyber News & Updates

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark warning regarding a critical, actively exploited zero-day vulnerability in Oracle Identity Manager (CVE-2025-52054). This flaw, with a CVSS…
Read more →

Reza Rafati

·

Nov 23, 2025

·

2–3 minutes
Cyber News & Updates

Microsoft Exchange End-of-Life: Imminent Threats and Migration Urgency

Microsoft Exchange servers 2016 and 2019 are nearing end-of-life this October, posing an imminent threat due to critical vulnerabilities. This advisory follows the Storm-0558 breach, prompting CISA and NSA to…
Read more →

Peter Chofield

·

Nov 12, 2025

·

1–2 minutes
Cyber News & Updates

CISA Directs Federal Agencies to Patch Actively Exploited VMware Vulnerability by Chinese Threat Actor UNC5174

CISA directs federal agencies to patch a high-severity VMware vulnerability, CVE-2025-41244, actively exploited by the Chinese state-sponsored threat actor UNC5174 since October 2024. All organizations are urged to prioritize patching…
Read more →

Reza Rafati

·

Oct 31, 2025

·

2–3 minutes