CISA Archives

An opening section of the forthcoming cybersecurity strategy offers a Trumpian call for a more muscular approach to cyberspace. (Getty Images)

Trump administration releases scaled-back AI executive order

The order — which Trump previously refrained from signing at the last minute — appears to make significant concessions to industry compared to earlier drafts.

Jun 2, 2026 By Derek B. Johnson

Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches

Verizon’s annual Data Breach Investigations Report uncovered a surge of exploited vulnerabilities, and a growing lack of critical defect remediation industrywide.

May 19, 2026 By Matt Kapko

Cisco zero-day under ongoing attack by persistent threat group

The threat group behind the attacks is also linked to a series of recently disclosed vulnerabilities in the vendor’s firewalls and SD-WAN systems.

May 15, 2026 By Matt Kapko

Students with hands raised in classroom. (Klaus Vedfelt/Getty Images)

Instructure claims hackers returned stolen Canvas data after an extortion standoff

ShinyHunters, a prolific cybercrime group, threatened to leak data from more than 8,800 school systems.

May 11, 2026 By Matt Kapko

Palo Alto Networks headquarters in Silicon Valley; Palo Alto Networks, Inc. is an American multinational cyber security company. (Getty Images)

A critical Palo Alto PAN-OS zero-day is being exploited in the wild

The vendor hasn’t released a patch for the vulnerability or described the scope and objective of confirmed attacks.

May 6, 2026 By Matt Kapko

A pipe carrying potable water is seen in a water purification plant. (Getty Images)

CISA wants critical infrastructure to operate ‘weeks to months’ in isolation during conflict

The agency will begin targeted assessments meant to help critical infrastructure entities operate while disconnecting OT networks from IT and third-party vendors.

May 5, 2026 By Derek B. Johnson

Chinese national extradited to US for pandemic-era Silk Typhoon attacks

Xu Zewei was allegedly directed by China’s intelligence services to conduct a sweeping espionage campaign to steal data on COVID-19 research and other U.S. policy interests.

Apr 27, 2026 By Matt Kapko

Sean Plankey, of Pennsylvania, responds to questioning during Senate Committee on Homeland Security and Governmental Affairs hearings to examine his nomination to be Director of the Cybersecurity and Infrastructure Security Agency, of the Department of Homeland Security, in the Dirksen Senate office building, in Washington, DC, on Wednesday July 24, 2025. (Mattie Neretin/CNP/Sipa USA)

Secretary Mullin must help finish the job: Urge the Senate to confirm Plankey

With global cyber threats escalating and budget cuts looming, CISA needs a Senate-confirmed director. It’s time to confirm Sean Plankey.

Apr 14, 2026 By Chris Sullivan

Governments issue warning over Cisco zero-day attacks dating back to 2023

The global campaign marks the second series of multiple actively exploited zero-day vulnerabilities in Cisco edge technology since last spring. The similarities don’t end there.

Feb 25, 2026 By Matt Kapko

Abstract binary code rippling on waving ribbons. (Getty Images)

MongoBleed defect swirls, stamping out hope of year-end respite

The high-severity vulnerability is under active exploitation and affects many versions of MongoDB, a nearly ubiquitous open-source database.

Dec 29, 2025 By Matt Kapko