Cybersecurity

Regulations.gov Document Not Found Error

The regulations.gov website is displaying an error message indicating that a specific document (ONCD-2023-0002-0002) could not be found. Users are advised to check the URL or return to the homepage, and to contact the Help Desk if the problem persists. This suggests a potential issue with document accessibility or a broken link.

Error Page - Document Not Found

The regulations.gov website is displaying a general error message indicating that the requested document (ONCD-2023-0002-0001) could not be found. Users are advised to check the URL or return to the homepage.

Regulations.gov Document Not Found Error

The Regulations.gov website is experiencing a general error, preventing access to document ONCD-2024-0001-0001. Users are advised to check the URL or return to the homepage. The cause is likely an outdated or incorrect link, or the document has been removed.

Error Page - Document Not Found

The regulations.gov website displayed an error page indicating that the requested document could not be found. This suggests a broken link or the removal of the document. Users are advised to check the URL or return to the homepage.

Government Website Error - Document Not Found

A general error occurred on the US Federal Government's regulations.gov website, indicating that the requested document or docket was not found. Users are advised to check the URL or return to the homepage, and to contact the Help Desk if the problem persists.

Error Processing Request - Document Not Found

The US Federal Government's regulations.gov website is experiencing an error, preventing access to a specific document. The error message indicates a potential issue with the link or the document's availability, and users are advised to check the URL or contact the Help Desk.

ISOO Meeting Notice: National Industrial Security Program Policy Advisory Committee

The Information Security Oversight Office (ISOO) has issued a notice for a meeting of the National Industrial Security Program Policy Advisory Committee. The notice provides details regarding the upcoming meeting, including its purpose and agenda.

Error Processing Request - Document Not Found

The US Federal Government website regulations.gov is experiencing a general error, preventing access to documents. Users are advised that the link may be outdated or the document may not be found. They can try returning to the homepage or contacting the Help Desk.

Request for Information on Cyber Regulatory Harmonization

The Office of the National Cyber Director has issued a Request for Information (RFI) seeking public input on opportunities and obstacles related to harmonizing cybersecurity regulations across various sectors. The RFI aims to gather insights to improve the efficiency and effectiveness of the nation's cybersecurity regulatory landscape.

Request for Information on Open-Source Software Security

The Office of the National Cyber Director has issued a Request for Information regarding open-source software security. The agency is seeking input on long-term focus areas and prioritization for enhancing the security of open-source software. Comments are due by October 9, 2023.

Fingerprint Submission Requirements

The National Crime Prevention and Privacy Compact Council has issued a notice detailing fingerprint submission requirements. This document outlines the procedures and standards for submitting fingerprints, likely for background check purposes.

Security and Management Control Outsourcing Standard

The National Crime Prevention and Privacy Compact Council issued a notice regarding its Security and Management Control Outsourcing Standard. This standard outlines requirements for government agencies concerning the outsourcing of security and management controls.

Fingerprint Submission Requirements Notice

The National Crime Prevention and Privacy Compact Council has issued a notice regarding fingerprint submission requirements. This notice details a proposal from Colorado to the Council concerning these requirements.

Fingerprint Submission Requirements by National Crime Prevention Council

The National Crime Prevention and Privacy Compact Council has published a notice regarding fingerprint submission requirements. This notice details the procedures and standards for submitting fingerprints for various purposes, aiming to ensure accuracy and efficiency in the process.

Fingerprint Submission Requirements Rule

The National Crime Prevention and Privacy Compact Council issued a notice regarding fingerprint submission requirements. This rule outlines the procedures and standards for submitting fingerprints for various purposes.

State, Local, Tribal, Private Sector Policy Advisory Committee Meeting Announced

The Information Security Oversight Office announced a meeting of the State, Local, Tribal, and Private Sector Policy Advisory Committee (SLTPS-PAC). The meeting is scheduled for July 24, 2019. This notice serves to inform relevant parties of the upcoming session.

NISPPAC Meeting Notice

The Information Security Oversight Office has published a notice announcing a meeting of the National Industrial Security Program Policy Advisory Committee (NISPPAC). The meeting is scheduled for November 20, 2019. This notice serves to inform the public about the upcoming committee session.

State, Local, Tribal, and Private Sector Policy Advisory Committee Meeting

The Information Security Oversight Office announced a meeting for the State, Local, Tribal, and Private Sector Policy Advisory Committee (SLTPS-PAC). The meeting is scheduled for January 29, 2020, and will cover policy discussions relevant to these sectors.

Classified National Security Information Rule

The Information Security Oversight Office published a final rule concerning classified national security information. This rule amends 32 CFR 2001 and is effective May 9, 2022, with a comment deadline of April 28, 2022.

NISPPAC Meeting Notice

The Information Security Oversight Office has published a notice announcing a meeting of the National Industrial Security Program Policy Advisory Committee (NISPPAC). The meeting is scheduled for July 18, 2019. This notice serves to inform relevant parties of the upcoming meeting details.

TSA Deploys Advanced Technology for Super Bowl Passenger Safety

The TSA announced the deployment of advanced detection-at-range screening technology, including Thruvision's TAC and Qinetiq SPO-NX, for passenger safety at Super Bowl LX events in San Jose, California. This initiative aims to enhance security for attendees by identifying potential threats proactively.

ICE Arrests Criminal Illegal Aliens

U.S. Immigration and Customs Enforcement (ICE) announced the arrest of numerous criminal illegal aliens, including those convicted of sex crimes and drug trafficking. The agency highlighted that a significant portion of its arrests involve individuals with prior criminal charges or convictions in the U.S.

ICE Arrests of Criminal Illegal Aliens

U.S. Immigration and Customs Enforcement (ICE) announced the arrest of criminal illegal aliens convicted of serious crimes, including aggravated sexual abuse of a child and intoxicated manslaughter. The agency emphasized its commitment to removing individuals who enter the country illegally and commit offenses.

ICE Requests NJ Politicians Not Release Criminal Alien Accused of Assault

U.S. Immigration and Customs Enforcement (ICE) has requested New Jersey politicians not release Gerardo Garcia Gonzalez, an undocumented immigrant accused of sexual assault. The individual had previously been removed from the U.S. but re-entered illegally.

ICE Arrest of Truck Driver Involved in Critical Injury Crash

U.S. Immigration and Customs Enforcement (ICE) announced the arrest of Sukhdev Singh, an undocumented immigrant with a New York-issued Commercial Driver's License, in connection with a semi-truck crash that critically injured a U.S. citizen. The agency highlighted concerns about undocumented individuals operating commercial vehicles.

DHS: Four-Time Deported Alien Arrested After Subway Attack

The Department of Homeland Security announced the arrest of Bairon Posada-Herandez, a four-time deported illegal alien with multiple prior charges, following an alleged assault on two individuals in New York City. DHS is calling on New York authorities to honor an ICE detainer against the individual.

V8 in Chrome Vulnerable to Code Execution

CISA has added a vulnerability in Google Chrome's V8 engine to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability (CVE-2026-3910) allows remote code execution and requires federal agencies to patch by March 13, 2026.

Google Chrome Skia Out-of-Bounds Write Vulnerability

CISA has added a known exploited vulnerability, CVE-2026-3909, affecting Google Chrome versions prior to 146.0.7680.75. This vulnerability allows remote attackers to perform out-of-bounds memory access via a crafted HTML page. Agencies are directed to apply mitigations by March 13, 2026.

Mozilla Firefox, Thunderbird Vulnerabilities (CVSS 8.8)

CERT-Bund has issued an advisory regarding multiple vulnerabilities in Mozilla Firefox, Firefox ESR, and Thunderbird, with a CVSS Base Score of 8.8. The advisory has been updated multiple times to include specific product versions and affected operating systems.

FreeRDP Vulnerabilities - Remote Code Execution

CERT-Bund has issued an advisory for multiple vulnerabilities in FreeRDP, a Remote Desktop Protocol implementation. The vulnerabilities have a CVSS base score of 8.8 and allow for remote code execution, denial-of-service, and information disclosure.

CPython Vulnerabilities Allow Remote Code Execution

The German Federal Office for Information Security (BSI) has issued a security advisory regarding multiple vulnerabilities in CPython, with a CVSS base score of 7.7. These vulnerabilities allow remote attackers to manipulate files or execute arbitrary code on affected systems.

Vim Vulnerability Allows Code Execution (CVSS 6.6)

The German National Cybersecurity Agency (BSI) has issued a security advisory for a vulnerability in the Vim text editor. The vulnerability, with a CVSS score of 6.6, allows local attackers to execute arbitrary code. Mitigation is available.

Microsoft ASP.NET/.NET Vulnerabilities Advisory

This advisory updates information on multiple vulnerabilities in Microsoft ASP.NET and .NET, with a CVSS Base Score of 7.8. The update includes affected products on Ubuntu, Oracle, and Red Hat Linux, in addition to previously listed Microsoft ASP.NET Core and .NET versions.

CISA Adds Two Exploited Vulnerabilities to KEV Catalog

CISA has added two new vulnerabilities, CVE-2026-3909 and CVE-2026-3910, to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation. Federal Civilian Executive Branch (FCEB) agencies are required to remediate these vulnerabilities per Binding Operational Directive (BOD) 22-01.

Fortinet Vulnerabilities Require Immediate Updates

The Cyber Security Agency of Singapore (CSA) has issued an alert regarding high-severity vulnerabilities in multiple Fortinet enterprise products. Users are strongly advised to update affected systems immediately to mitigate risks of unauthorized code execution, authentication bypass, and privilege escalation.

Critical Cisco Secure Firewall Management Center Vulnerabilities Addressed

Cisco has released security updates for critical vulnerabilities (CVSS 10.0) in its Secure Firewall Management Center software. Users of affected on-premises versions are advised to update immediately to prevent root access and arbitrary code execution.

Microsoft Security Patches for Critical Vulnerabilities

The Cyber Security Agency of Singapore (CSA) has issued an alert regarding Microsoft's release of security patches for critical vulnerabilities in its software. These patches address multiple security flaws, some with a base score of 9.8, requiring immediate attention from users and organizations.

HPE Patches Critical Aruba Networking AOS-CX Vulnerabilities

Hewlett Packard Enterprise (HPE) has released patches for critical vulnerabilities in its Aruba Networking AOS-CX operating system. The most severe flaw (CVE-2026-23813) allows unauthenticated remote attackers to reset administrator passwords. Users are urged to update immediately.

Microsoft Loop, PowerBI, Teams Vulnerability Disclosure

The French National Cybersecurity Agency (ANSSI) has issued a notice regarding a vulnerability (CVE-2026-26133) affecting Microsoft Loop, PowerBI, and Teams. The vulnerability can lead to data confidentiality breaches. Users are advised to consult Microsoft's security bulletin for patch information.

Microsoft Edge Vulnerability Poses Data Confidentiality Risk

The French National Cybersecurity Agency (ANSSI) has issued a notice regarding a vulnerability in Microsoft Edge for Android and iOS. The vulnerability, identified as CVE-2026-26133, poses a risk of data confidentiality breaches. Users are advised to refer to Microsoft's security bulletin for patch information.

Multiple Vulnerabilities Found in IBM Products

The French National Cybersecurity Agency (ANSSI) has issued a notice regarding multiple vulnerabilities discovered in various IBM products. These vulnerabilities could allow remote code execution, denial of service, and data breaches. Affected users are advised to consult IBM's security bulletins for patch information.

Debian Linux Kernel Vulnerabilities Affecting Confidentiality and Security

The French National Cybersecurity Agency (ANSSI) has issued a notice regarding multiple vulnerabilities discovered in the Debian Linux kernel. These vulnerabilities can lead to privilege escalation, data confidentiality breaches, and denial of service, affecting specific versions of Debian bookworm and trixie.

Microsoft Office Vulnerability Advisory CVE-2026-26133

The French National Cybersecurity Agency (ANSSI) has issued an advisory regarding a vulnerability (CVE-2026-26133) in Microsoft Office applications. The vulnerability could lead to data confidentiality breaches.

CISA: Ignition Software Vulnerable to Code Execution

CISA issued an advisory for Inductive Automation Ignition Software versions prior to 8.3.0, identifying a deserialization vulnerability (CVE-2025-13913) that could allow remote code execution. Users are recommended to upgrade to version 8.3.0 or later.

EU Commission Launches €75 Million EURO-3C Project for Telco-Edge-Cloud

The European Commission has announced the EURO-3C project, a €75 million initiative to build a federated Telco-Edge-Cloud infrastructure. This project aims to enhance Europe's digital service capabilities and reduce reliance on third-country providers.

Draft Code of Practice on AI Content Marking Published

The European Commission has published a second draft Code of Practice on AI content marking, intended to help providers and deployers meet AI Act requirements. This revised draft aims to streamline processes, reduce compliance burdens, and incorporate feedback from various stakeholders.

EU Cooperation on Artificial Intelligence at India Summit

The European Union, represented by Executive Vice-President Henna Virkkunen, will attend the AI Impact Summit 2026 in New Delhi to strengthen cooperation with India on AI governance and innovation. The visit aims to advance the EU's approach to AI, emphasizing trust, innovation, and international collaboration.

New Delhi Declaration on AI Endorsed by 92 Countries

92 countries and international organizations endorsed the New Delhi Declaration on AI Impact at the AI Impact Summit 2026. The declaration outlines a shared global vision for collaborative, trusted, and resilient AI, structured around seven pillars of action and supported by voluntary global initiatives.

EU Endorses AI Declaration and Launches Legal Gateway Office

The European Union has endorsed the Leaders' Declaration at the AI Impact Summit in India and launched the European Legal Gateway Office to connect EU companies with India's ICT talent. The initiative also aims to strengthen global AI governance and promote AI innovation.

ENISA Updates International Cybersecurity Strategy

ENISA has updated its International Strategy to enhance engagement with international partners and align with the EU's cybersecurity policies. The revised strategy focuses on cooperation with countries sharing EU values and includes specific working arrangements with Ukraine and the US, support for EU candidate countries, and operationalizing the EU Cybersecurity Reserve for third countries.