Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

CISA Emergency Directive 25-02 for hybrid Microsoft Exchange

Public Sector Action
First reported
Last updated
Happening score
H score 19
1 unique sources, 2 articles

Summary

Hide ▲

CISA issued Emergency Directive 25-02, requiring federal civilian agencies to take immediate action on a hybrid Microsoft Exchange vulnerability that could affect cloud-connected environments. The directive matters because the flaw can let an attacker with administrative access escalate privileges and threaten identity integrity across connected services.

Related Happenings

CISA KEV order for CVE-2026-3055 on Citrix appliances

Public Sector Action
First: 31.03.2026 10:05 Last: 31.03.2026 10:05 Sources 1

About this happening: CISA added **CVE-2026-3055** to the **KEV Catalog** and ordered **FCEB agencies** to secure **Citrix NetScaler** appliances by **Thursday, April 2**, turning an **actively exploit...

Open Happening

CISA BOD 22-01 Zimbra patch order

Public Sector Action
First: 18.03.2026 21:57 Last: 18.03.2026 21:57 Sources 1

About this happening: **CISA** ordered **Federal Civilian Executive Branch agencies** to secure **Zimbra Collaboration Suite (ZCS)** servers against **CVE-2025-66376**, an **actively exploited** flaw t...

Open Happening

US Cybersecurity and Infrastructure Security Agency (CISA) Emergency Directive 26-03 for Federal civilian executive branch systems remediation and reporting deadlines through

Public Sector Action
First: 12.03.2026 14:45 Last: 12.03.2026 14:45 Sources 1

About this happening: CISA issued **Emergency Directive 26-03** after warning that attackers are actively exploiting **Cisco Catalyst SD-WAN** vulnerabilities across **US federal networks**. The direct...

Open Happening

CISA BOD 22-01 iOS KEV patch order

Public Sector Action
First: 06.03.2026 17:57 Last: 06.03.2026 17:57 Sources 1

About this happening: **CISA** ordered **Federal Civilian Executive Branch** agencies to secure affected **iOS** devices by **March 26** after adding **three Coruna vulnerabilities** to its **Known Exp...

Open Happening

CISA Emergency Directive 26-03 for Cisco SD-WAN

Public Sector Action
First: 25.02.2026 14:00 Last: 25.02.2026 14:00 Sources 1

About this happening: **CISA** issued **Emergency Directive 26-03** and supplemental guidance to force immediate remediation of **Cisco SD-WAN** vulnerabilities across **Federal Civilian Executive Bran...

Open Happening

Timeline

  1. 07.08.2025 15:00 2 articles · 9mo ago

    CISA issues Emergency Directive 25-02 for hybrid Microsoft Exchange

    Legal Policy Action Update

    CISA issued Emergency Directive 25-02 on 2025-08-07 for federal civilian agencies using hybrid Microsoft Exchange after identifying CVE-2025-53786, a post-authentication vulnerability that can let an attacker with administrative access to an Exchange server escalate privileges and affect the organization’s connected cloud environment. CISA said it was not aware of active exploitation and directed agencies to take immediate action and implement vendor mitigation guidance.

    Show sources
    Open in new tab