#CISAAlert: Two critical flaws — in Broadcom Fabric OS (CVE-2025-1976) and Commvault Web Server (CVE-2025-3928) — are now on the Known Exploited Vulnerabilities (KEV) list.

🔹 Both bugs are actively exploited.
🔹 Admin access can lead to full system compromise.
🔹 Patching deadlines: May 17–19, 2025.

https://thehackernews.com/2025/04/cisa-adds-actively-exploited-broadcom.html

Reading through a CISA alert on ransomware and noticed some RFC1918 IP addresses in the IOC section... THE RANSOMWARE IS COMING FROM INSIDE THE HOUSE! #ransomware #cisaalert

Critical, Unpatched Bug Opens GE Radiological Devices to Remote Code Execution - A CISA alert is flagging a critical default credentials issue that affects 100+ types of devices f... https://threatpost.com/critical-unpatched-bug-ge-radiological-devices/162012/ #criticalinfrastructure #securityvulnerability #radiologicaldevices #remotecodeexecution #defaultcredentials #vulnerabilities #devicesecurity #medicaldevices #medicalimaging #gehealthcare #mrimachines #healthcare #cisaalert #privacy

VMware Rolls a Fix for Formerly Critical Zero-Day Bug - VMware has issued a full patch and revised the severity level of the NSA-reported vulnerability to... https://threatpost.com/vmware-fix-critical-zero-day-bug/161896/ #securityvulnerability #privilegeescalation #commandinjection #securityadvisory #vulnerabilities #severityrating #cve-2020-4006 #cybersecurity #workaround #cisaalert #critical #zeroday #vmware #patch #nsa

Think-Tanks Under Attack by APTs, CISA Warns - The feds have seen ongoing cyberattacks on think-tanks (bent on espionage, malware delivery and mo... https://threatpost.com/think-tanks-attack-apts-cisa/161807/ #advancedpersistentthreat #covid-19.remoteaccess #dataexfiltration #vulnerabilities #remoteworking #spearphishing #cyberattacks #nationstates #websecurity #government #thinktanks #cisaalert #espionage #exploits #phishing #malware #breach #hacks #apt #vpn

ThreatList: Cyber Monday Looms – But Shoppers Oblivious to Top Retail Threats - Online shoppers are blissfully unaware of credit card skimming threats and malicious shopping apps... https://threatpost.com/threatlist-cyber-monday-looms-retail-threats/161563/ #mostrecentthreatlists #digitalpaymentskimmer #creditcartskimmer #holidayshopping #topcyberthreats #onlineshopping #cybersecurity #maliciousapp #websecurity #blackfriday #coronavirus #cybermonday #cisaalert #covid-19 #magecart #malware

Feds Hit with Successful Cyberattack, Data Stolen - The attack featured a unique, multistage malware and a likely PulseSecure VPN exploit. https://threatpost.com/feds-cyberattack-data-stolen/159541/ #microsoftoffice365credentials #dataexfiltration #federalagency #inetinfo.exe #cyberattack #pulsesecure #spycampaign #government #cisaalert #espionage #malware #exploit #hacks