Multiple Vulnerabilities in Google ChromeCould Allow for Arbitrary Code Executi
This Multi-State Information Sharing and Analysis Center (MS-ISAC) Advisory is being provided to assist agencies and organizations in guarding against the persistent malicious actions of cybercriminals. NOTE: In an effort to reduce duplicate emails, if you currently receive cybersecurity advisories direct from the MS-ISAC, please let us know by responding to this email. Multiple vulnerabilities have …
Continue reading Multiple Vulnerabilities in Google ChromeCould Allow for Arbitrary Code ExecutiTue, 09 Jun 2026 20:51:17 +0000
Critical Patches Issued for Microsoft Products, June 9, 2026 – PATCH NOW
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; …
Continue reading Critical Patches Issued for Microsoft Products, June 9, 2026 – PATCH NOWTue, 09 Jun 2026 20:50:38 +0000
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution – PATCH: NOW
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install …
Continue reading Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution – PATCH: NOWTue, 09 Jun 2026 20:49:30 +0000
Multiple Vulnerabilities in Check Point ProductsCould Allow for Authentication Bypass
This Multi-State Information Sharing and Analysis Center (MS-ISAC) Advisory is being provided to assist agencies and organizations in guarding against the persistent malicious actions of cybercriminals. NOTE: In an effort to reduce duplicate emails, if you currently receive cybersecurity advisories direct from the MS-ISAC, please let us know by responding to this email. Multiple vulnerabilities have …
Continue reading Multiple Vulnerabilities in Check Point ProductsCould Allow for Authentication BypassTue, 09 Jun 2026 20:48:22 +0000
Vulnerability in Cisco ProductsCould Allow for Server-Side Request Forgery
This Multi-State Information Sharing and Analysis Center (MS-ISAC) Advisory is being provided to assist agencies and organizations in guarding against the persistent malicious actions of cybercriminals. NOTE: In an effort to reduce duplicate emails, if you currently receive cybersecurity advisories direct from the MS-ISAC, please let us know by responding to this email. A vulnerability has …
Continue reading Vulnerability in Cisco ProductsCould Allow for Server-Side Request ForgeryTue, 09 Jun 2026 11:13:34 +0000
Updated SCAP Specification Drafts Available for Public Comment
NIST announces the release of Special Publication (SP) 800-126r4 (Revision 4), Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.4, and SP 800-126Ar4, SCAP 1.4 Component Specification Version Updates: An Annex to NIST SP 800-126r4. These coordinated revisions build on SCAP Version 1.3, streamline requirements to emphasize current implementations, and update supporting references and URLs. About SCAP The Security Content Automation Protocol (SCAP) is …
Continue reading Updated SCAP Specification Drafts Available for Public CommentMon, 08 Jun 2026 18:35:01 +0000
Register Now! NCCoE Manufacturing Cybersecurity Response and Recovery Project Update Webinar
Reserve Your Virtual Seat: NCCoE Manufacturing Project Update The NIST NCCoE will host a virtual event on June 4, 2026, to provide an overview of upcoming guidelines on improving cybersecurity incident response and recovery capabilities for organizations operating industrial control systems (ICS) and operational technology (OT) environments. This event will highlight approaches organizations can use …
Continue reading Register Now! NCCoE Manufacturing Cybersecurity Response and Recovery Project Update WebinarThu, 28 May 2026 17:17:17 +0000
NIST Releases SP 800-172r3 and SP 800-172Ar3: Enhanced Security Requirements and Assessment Procedures for Protecting CUI
As part of ongoing efforts to strengthen protections for securing controlled unclassified information (CUI) in nonfederal systems, NIST has released the following final publications: In addition to these documents, NIST is also releasing both the enhanced security requirements and assessment procedures in the Cybersecurity and Privacy Reference Tool (CPRT) and in Open Security Controls Assessment …
Continue reading NIST Releases SP 800-172r3 and SP 800-172Ar3: Enhanced Security Requirements and Assessment Procedures for Protecting CUIThu, 28 May 2026 17:16:30 +0000
Uptick in Compromised Airline Accounts and Loyalty Fraud
Airline accounts contain a wealth of sensitive data, including passenger names, contact information, passport numbers, and financial information. These accounts may be linked to loyalty programs that allow passengers to earn miles or points that serve as a form of currency. These accumulated miles or points can be redeemed for free or discounted flights, seat …
Continue reading Uptick in Compromised Airline Accounts and Loyalty FraudThu, 28 May 2026 17:15:20 +0000
Multiple Vulnerabilities in NGINXCould Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in NGINX. NGINX is a software used for web serving, reverse proxying, caching, and load balancing. Successful exploitation of the most severe of these vulnerabilities may allow an unauthenticated threat actor to crash vulnerable NGINX worker processes by sending crafted HTTP requests. Additionally, for systems with Address Space Layout Randomization (ASLR) …
Continue reading Multiple Vulnerabilities in NGINXCould Allow for Remote Code ExecutionThu, 28 May 2026 17:13:50 +0000