cisa-kev

Your Antivirus Is Harvesting Passwords Now: BlueHammer Hits CISA KEV

John Z Black Apr 23, 2026

Vulnerabilities & Patching #microsoft #windows-defender #bluehammer #cve-2026-33825 #zero-day #cisa-kev #credential-theft #endpoint-security

The BlueHammer flaw has moved from a research curiosity to an active threat. This Windows Defender zero-day turns your security software into a password harvester by exploiting a race condition to steal credentials. CISA says patch now.

Patch This Week: Two Fortinet CVEs Due Tomorrow, Six More Due April 27, and NIST Changed How NVD Works

John Z Black Apr 15, 2026

Vulnerabilities & Patching #vulnerability-management #cisa-kev #nist #nvd #fortinet #showdoc #google-pixel #patch-management #cve

Two Fortinet CVEs have a federal remediation deadline of April 16. A separate six-CVE batch is due April 27. NIST restructured NVD prioritization because CVE volume is up 30%. And 2,000+ ShowDoc servers are still unpatched.

165 CVEs in One Day. Two Zero-Days. One Kerberos Bug That Should Have Your Full Attention.

John Z Black Apr 14, 2026

Vulnerabilities & Patching #patch-tuesday #microsoft #cve #kerberos #cisa-kev #forticlient #zero-day

Microsoft dropped 165 CVEs today including two zero-days, a critical Kerberos credential relay vulnerability, and a FortiClient EMS flaw with a 48-hour CISA deadline. Here's how to prioritize.

The Math Does Not Work Anymore: Why Patching Faster Is No Longer Enough

John Z Black Apr 12, 2026

Security Operations & Resilience #vulnerability-management #qualys #cisa-kev #bug-bounty #ai-security #patch-management #risk-management

Qualys analyzed a billion CISA KEV remediation records and found attackers are weaponizing critical vulns an average of seven days before patches exist. The human-scale remediation model has hit a structural ceiling.

Ivanti Just Got Its 33rd CISA Exploited Vulnerability Entry

John Z Black Apr 11, 2026

Vulnerabilities & Patching #ivanti #epmm #cisa-kev #cve-2026-1340 #patch #enterprise-security

CVE-2026-1340 is a pre-auth RCE in Ivanti EPMM, CVSS 9.8, exploited since January. It's the 33rd Ivanti entry on the CISA KEV catalog. At some point that number has to become a procurement conversation.

Update Chrome Now. Update FortiClient Now. Here's Why.

John Z Black Apr 6, 2026

Vulnerabilities & Patching #chrome #fortinet #zero-day #cve-2026-5281 #cve-2026-35616 #cisa-kev #patch-advisory

Two critical vulnerabilities are being actively exploited right now: a Chrome WebGPU zero-day and a Fortinet pre-auth privilege escalation, and both have patches available today.

Three Vendors, Three Critical Bugs, All Exploited This Week: The Edge Device Emergency

John Z Black Mar 31, 2026

Vulnerabilities & Patching #f5 #big-ip #citrix #netscaler #fortinet #forticlient-ems #cisa-kev #rce #cve #patch #perimeter-security

F5 BIG-IP, Citrix NetScaler, and Fortinet FortiClient EMS all have critical vulnerabilities under active exploitation this week. Here's what happened and what you need to do right now.

AI Tools Are Now Both the Target and the Weapon, And Security Teams Haven't Caught Up

John Z Black Mar 27, 2026

AI Security #ai-security #langflow #prompt-injection #claude #autonomous-ai #cve #cisa-kev

A CVSS 10.0 flaw in Langflow was exploited within 20 hours. The Claude Chrome extension let any website hijack your AI assistant. And a state-sponsored actor used autonomous AI to run 80-90% of a cyber espionage campaign. Three stories, one picture.

48 Hours to Patch or Get Owned: The New Enterprise Reality

John Z Black Mar 10, 2026

Enterprise Security #patching #google-cloud #cisa-kev #ivanti #solarwinds #cisco #sd-wan #vulnerability

Vulnerability exploitation just passed stolen credentials as the #1 way attackers break into cloud environments. And you've got about 48 hours before they're at your door.