Cisa
The latest Cisa coverage — news, analysis, and updates from the WindowsNews.AI desk.
CISA Adds D-Link Router & New Critical Flaw to KEV Catalog: What Windows Users Must Know
The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog with two significant additions this week, highlighting ongoing threats to...
Johnson Controls iSTAR TLS Certificate Crisis: Security Flaw Exposes Physical Access Systems
A critical security vulnerability affecting Johnson Controls iSTAR door controllers has emerged as a significant threat to physical access control systems worldwide, with a certificate-handling flaw...
CVE-2025-26381: Johnson Controls OpenBlue Mobile Web App Forced Browsing Vulnerability
Johnson Controls has disclosed a significant security vulnerability in its OpenBlue Mobile Web Application for OpenBlue Workplace, tracked as CVE-2025-26381, which exposes building management systems...
CISA Flags Windows OT Risk: Advantech iView Flaws Enable Remote Code Execution
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory warning of multiple severe vulnerabilities in Advantech's iView industrial video monitoring and management...
CISA Sounds Alarm on Actively Exploited OpenPLC ScadaBR Vulnerability — Here’s How to Respond
The Cybersecurity and Infrastructure Security Agency on December 3 added a four-year-old flaw in the OpenPLC ScadaBR industrial control software to its Known Exploited Vulnerabilities catalog, citing...
CISA KEV Catalog Update: Android Framework CVE-2025-48633 Patch Urgency Explained
The Cybersecurity and Infrastructure Security Agency's latest update to its Known Exploited Vulnerabilities (KEV) Catalog has placed a critical spotlight on CVE-2025-48633, a high-severity...
CISA ICS Advisories 2025: Critical Firmware Updates and Network Security
The Cybersecurity and Infrastructure Security Agency (CISA) has released its 2025 consolidated advisory package targeting industrial control systems (ICS), highlighting an alarming escalation in...
Ashlar-Vellum Cobalt Vulnerabilities: Critical Security Patch Required
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding multiple high-impact memory-safety vulnerabilities in Ashlar-Vellum's Cobalt family of CAD software...
CISA KEV Catalog Updates: Critical Patch Management for Windows Security
The Cybersecurity and Infrastructure Security Agency (CISA) continues to expand its Known Exploited Vulnerabilities (KEV) Catalog, creating urgent patching requirements for federal agencies and...
Lynx+ Gateway Security Crisis: CISA Alert Warns of Critical ICS Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security advisory warning about multiple high-severity vulnerabilities in General Industrial Controls' Lynx+...
CISA Issues 4 High-Severity ICS Advisories: Critical Flaws in GPS, Energy Systems
The Cybersecurity and Infrastructure Security Agency (CISA) has issued four new Industrial Control Systems (ICS) advisories on June 10, 2025, highlighting critical vulnerabilities affecting GPS...
CVE-2025-12636 in Ubia Ubox cameras lets attackers steal credentials, access live feeds
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical industrial control systems advisory warning about a severe security vulnerability in Ubia Ubox camera systems that...