Current security issues, vulnerabilities, and exploits

  • Adobe Releases Security Updates for Multiple Products 
    on May 11, 2021

    Original release date: May 11, 2021Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates.  This product is provided subject to this Notification and this Privacy & Use policy.


Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


  • Microsoft Releases May 2021 Security Updates
    on May 11, 2021

    Original release date: May 11, 2021Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s May 2021 Security Update Summary and Deployment Information and apply the necessary updates.   This product is provided subject to this Notification and this Privacy & Use policy.

  • Citrix Releases Security Updates for Workspace App for Windows
    on May 11, 2021

    Original release date: May 11, 2021Citrix has released security updates to address a vulnerability in Citrix Workspace App for Windows. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Citrix Security Update CTX307794 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

  • Juniper Networks Releases Security Updates
    on May 11, 2021

    Original release date: May 11, 2021Juniper Networks has released security updates to address multiple vulnerabilities in various Juniper products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Juniper's 2021-05 Out-of-Cycle Security Bulletin and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

  • Joint CISA-FBI Cybersecurity Advisory on DarkSide Ransomware
    on May 11, 2021

    Original release date: May 11, 2021CISA and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) on a ransomware-as-a-service (RaaS) variant—referred to as DarkSide—recently used in a ransomware attack against a critical infrastructure (CI) company.  Cybercriminal groups use DarkSide to gain access to a victim’s network to encrypt and exfiltrate data. These groups then threaten to expose data if the victim does not pay the ransom. Groups leveraging DarkSide have recently been targeting organizations across various CI sectors including manufacturing, legal, insurance, healthcare, and energy.  Prevention is the most effective defense against ransomware. It is critical to follow best practices to protect against ransomware attacks, which can be devastating to an individual or organization and recovery may be a difficult process. In addition to the Joint CSA, CISA and FBI urge CI asset owners and operators to review the following resources for best practices on strengthening cybersecurity posture: CISA and Multi-State Information Sharing and Analysis Center: Joint Ransomware Guide CISA webpage: Ransomware Guidance and Resources CISA Insights: Ransomware Outbreak CISA Pipeline Cybersecurity Initiative CISA Pipeline Cybersecurity Resources Library Victims of ransomware should report it immediately to CISA, a local FBI Field Office, or a Secret Service Field Office. This product is provided subject to this Notification and this Privacy & Use policy.

  • Google Releases Security Updates for Chrome
    on May 11, 2021

    Original release date: May 11, 2021Google has released Chrome version 90.0.4430.212 for Windows, Mac, and Linux.   This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates.   This product is provided subject to this Notification and this Privacy & Use policy.

  • Exim Releases Security Update
    on May 7, 2021

    Original release date: May 7, 2021Exim has released a security update to address multiple vulnerabilities in Exim versions prior to 4.94.2. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Exim 4.94.2 update page and apply the necessary update. CISA also encourages users and administrators to review Center for Internet Security Advisory 2021-064 for more information.   This product is provided subject to this Notification and this Privacy & Use policy.