Search

ENISA Report: EU Public Administrations Targeted by DDoS Attacks

ENISA has released a report detailing that EU public administrations are increasingly targeted by cyberattacks, primarily DDoS attacks, with central governments being the most affected. The report analyzes 586 incidents from 2024 and highlights the sector's developing cybersecurity resilience under the NIS2 Directive.

ENISA Seeks Feedback on Software Supply Chain Security Guidance

ENISA has launched public consultations on draft guidance for software supply chain security. Feedback is sought on an SBOM Landscape Analysis and a Technical Advisory for Secure Use of Package Managers, with a deadline of January 23, 2026.

Joint Advisory on SD-WAN Appliance Exploitation

The NSA, CISA, and international cybersecurity agencies have issued a joint advisory regarding the exploitation of Cisco SD-WAN appliances. Threat actors are exploiting a specific vulnerability (CVE-2026-20127) to gain root access and establish persistence. The advisory includes a threat hunt guide and mitigation recommendations.

NIST CSF 2.0 Cybersecurity Risk Management Guidance

The National Institute of Standards and Technology (NIST) has released version 2.0 of its Cybersecurity Framework (CSF). This updated guidance provides a comprehensive taxonomy for organizations of all sizes and sectors to manage cybersecurity risks, offering a flexible approach to assessing and communicating cybersecurity efforts.

VMware Workspace ONE UEM SSRF Vulnerability CVE-2021-22054

CISA has added VMware Workspace ONE UEM console versions to the Known Exploited Vulnerabilities (KEV) catalog due to an SSRF vulnerability (CVE-2021-22054). This vulnerability may allow a malicious actor to gain access to sensitive information.

Apple Use-After-Free Vulnerability Fixed in iOS/iPadOS 17

CISA has added a use-after-free vulnerability (CVE-2023-41974) affecting Apple iOS and iPadOS to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, which could allow an app to execute arbitrary code with kernel privileges, has been fixed by Apple in iOS 17, iPadOS 17, iOS 15.8.7, and iPadOS 15.8.7.

WHO Expert Committee Adopts New Pharmaceutical Guidance

The WHO Expert Committee on Specifications for Pharmaceutical Preparations has adopted nine new guidance texts aimed at ensuring the quality assurance of medicines. These texts cover areas such as nitrosamine prevention, good manufacturing practices for excipients, and bioequivalence assessments, and are recommended for implementation.

WHO Expert Committee on Specifications for Pharmaceutical Preparations 57th Report

The WHO Expert Committee on Specifications for Pharmaceutical Preparations has released its 57th report, recommending new and revised guidance texts for pharmaceutical quality assurance. These include updated GMP for excipients, new GMP for radiopharmaceutical cold kits, revised lab quality control practices, and updated biowaiver guidelines.

DEA Announces 10,744 Arrests in DC Safety Initiative

The Drug Enforcement Administration (DEA) announced 10,744 arrests as part of an initiative to enhance safety in Washington D.C. The operation involved collaboration between local and federal law enforcement agencies, with the goal of removing illicit substances from communities.

EMA PRAC Warns of Aseptic Meningitis Risk with Ixchiq Vaccine

The EMA's Pharmacovigilance Risk Assessment Committee (PRAC) has recommended updating the product information for the chikungunya vaccine Ixchiq to reflect recent evidence of aseptic meningitis risk, particularly in healthy young adults. This follows a safety signal investigation and is part of a regular safety assessment.