cisa known exploited vulnerabilities

Microsoft’s January 2026 Patch Tuesday fixes 112 CVEs, including an exploited Windows DWM zero-day, plus critical flaws across SharePoint, Office, and Windows services.

critical infrastructure security

CISA and international partners issued new guidance on securing AI in operational technology, warning of OT risks and urging stronger governance and safeguards.

CISA confirms active exploitation of four enterprise software bugs

The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities ...