#cisa

#cisa

We'll take whatever the Congress decides to authorize us, wherever they see fit within their purview, to authorize and to give us our authorities to be able to use,

The Cybersecurity and Infrastructure Security Agency is exploring more diversified funding mechanisms to help cover the cost of a bedrock vulnerability cataloging program that's been relied upon by the cyber community for years. The Common Vulnerabilities and Exposures Program faced a near complete lapse in funding in April when MITRE, the research giant that funds much of the program's functions, warned of an imminent end to federal backing for the cornerstone cybersecurity project. The lapse was reversed within hours after outcry from the cybersecurity community.

CVE-2025-53786 is an elevation of privilege bug that Outsider Security's Dirk-jan Mollema reported to Microsoft. It exists because of the way hybrid Exchange deployments, which connect on-premises Exchange servers to Exchange Online, use a shared identity to authenticate users between the two environments.

CISA analysed six files including two Dynamic Link-Library (.DLL), one cryptographic key stealer, and three web shells. Cyber threat actors could leverage this malware to steal cryptographic keys and execute a Base64-encoded PowerShell command to fingerprint host system and exfiltrate data.

In an Exchange hybrid deployment, an attacker who first gains administrative access to an on-premises Exchange server could potentially escalate privileges within the organization's connected cloud environment without leaving easily detectable and auditable traces.

Homeland Security's Cybersecurity & Infrastructure Security Agency warned US defense contractors working in Israel that they may be targeted by Iranian cyber attacks.

Achieving better memory safety demands language-level protections, library support, robust tooling, and developer training, as traditional languages can't eliminate vulnerabilities as effectively.

For anyone who still has doubts about MFA: just ask Snowflake CISO Brad Jones, who last year saw more than 160 of his customers' accounts compromised using stolen credentials. None of these had MFA enabled, and this safeguard likely would have prevented the intruders from accessing the customers' databases.

CISA warns of potential data breach risks from a security incident involving legacy Oracle cloud environments, urging enterprises to strengthen their security defenses.

The U.S. government extended funding for the CVE database for eleven months, preventing the crucial cybersecurity resource from going offline due to funding discontinuation.