CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks.

As if admins haven't had enough to do this week Ignore patches at your own risk. According to Uncle Sam, a SQL injection flaw in Microsoft Configuration Manager patched in October 2024 is now being ...

CISA confirms active exploitation of CVE-2024-43468 in Microsoft Configuration Manager and urges immediate patching.

Patch Tuesday delivers fixes for 59 Microsoft flaws, six exploited zero-days, plus critical SAP and Intel TDX vulnerabilities ...

SAP has released 26 new security notes, including two that address critical vulnerabilities in CRM, S/4HANA, and NetWeaver.

Also today, SAP released 27 new and updated security notes, including two that address critical-severity vulnerabilities.

Ivanti has patched a dozen vulnerabilities in Endpoint Manager, including a new high-severity bug leading to credential exposure.

CVE-2026-21525 is a denial-of-service vulnerability affecting the Windows Remote Access Connection Manager. “Exploitation is local, requires no privileges, and does not rely on user interaction,” ...

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access ...

Active exploitation of BeyondTrust enables unauthenticated RCE as CISA adds Apple, Microsoft, SolarWinds, and Notepad++ flaws to KEV list.

Here's what we know about the South Florida DNA lab chosen over Quantico to analyze evidence in the Nancy Guthrie abduction.

See something others should know about? Email CHS or call/txt (206) 399-5959. You can view recent CHS 911 coverage here. Hear sirens and wondering what’s going on? Check out reports ...