A couple simple steps companies can take to protect their systems from ransomwareStephen WeigandAugust 2, 2021
Vulnerability ManagementCISA gives agencies 3 days to patch maximum severity Ivanti vulnerabilityLaura FrenchJune 12, 2026CISA’s newest binding operational directive imposes short deadlines for the most severe flaws.
Patch/Configuration ManagementSiemens Desigo CC patch files falsely flagged as malwareSC StaffJune 11, 2026The issue affects patch files for Desigo CC versions 7 through 9.
Patch/Configuration ManagementCISA directs federal agencies on prioritization of cyber vulnerabilitiesSC StaffJune 10, 2026The new directive, BOD 26-04, mandates that federal agencies focus on vulnerabilities that affect publicly exposed assets, can be fully automated by attackers, allow for complete system control, or show evidence of active exploitation.
Patch/Configuration ManagementWindows 10 KB5094127 update fixes vulnerabilities, enhances Secure Boot monitoringSC StaffJune 9, 2026The KB5094127 update primarily focuses on security enhancements and bug fixes, as Microsoft is no longer introducing new features to Windows 10.
Vulnerability ManagementCISA adds Check Point VPN bug to list of exploited vulnerabilitiesSteve ZurierJune 9, 2026CISA warns of an exploited Check Point VPN flaw that lets attackers bypass authentication.
Vulnerability Management9.8 Mirasvit bug actively exploited on Magento serversSteve ZurierJune 4, 2026CISA warns of an actively exploited Magento extension flaw that enables remote code execution.
Vulnerability ManagementMost organizations that miss 24-hour patch window report breachesSteve ZurierJune 2, 2026Study points out that AI has shattered the model of patching on a two- to four-week schedule.
Patch/Configuration ManagementCISA orders agencies to patch critical Oracle WebLogic Server vulnerabilitySC StaffJune 2, 2026The vulnerability, CVE-2024-21182, affects Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0.
