You must login to view this content
You must login to view this content
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
Google is preparing to launch Android 17, bringing a comprehensive set of new APIs and system capabilities to fundamentally improve device security, user privacy, and performance debugging. At the forefront of this release is the highly anticipated Android Advanced Protection Mode (AAPM), a powerful new feature designed to safeguard users from increasingly sophisticated cyberattacks and […]
The post Android 17 Advanced Protection Mode to Block Malicious Service Usage appeared first on Cyber Security News.
Fingerprint has announced the launch of its Model Context Protocol (MCP) Server, an open-source MCP implementation for the fraud prevention space. The new server enables organizations to connect any AI assistant or agent directly to Fingerprint’s device intelligence platform, turning fraud analysis into real-time, AI-powered insights. The Fingerprint MCP Server uses a standard open protocol that allows organizations to bring their own preferred AI assistant, chatbot, or agent directly to their fraud data. This means … More →
The post Fingerprint’s MCP Server turns device intelligence into real-time AI-powered fraud insights appeared first on Help Net Security.
End-to-end encrypted messaging on Instagram will no longer be supported after May 8, 2026. Meta justified the move by saying the feature was rarely used, with only a small fraction of Instagram users enabling encryption. The company advised users seeking end-to-end encryption to switch to WhatsApp, where it is enabled by default. Unlike WhatsApp, Instagram never rolled out encryption to all users and the feature remained optional. Users with affected chats will see instructions on … More →
The post Meta ditches end-to-end encrypted messaging on Instagram appeared first on Help Net Security.