Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

CISA KEV patch order for Dell RecoverPoint

Public Sector Action
First reported
Last updated
Happening score
H score 52
1 unique sources, 1 articles

Summary

Hide ▲

CISA added CVE-2026-22769 to the KEV catalog and ordered Federal Civilian Executive Branch agencies to secure their networks by February 21. The directive under BOD 22-01 gives federal operators a fixed deadline to remediate an actively exploited Dell flaw. The order matters because the vulnerability affects a widely used backup-and-recovery product and is already tied to real-world intrusion activity.

Related Happenings

Open-source admin tool zero-day 2FA bypass exploitation wave

Exploitation Wave
First: 11.05.2026 18:45 Last: 11.05.2026 18:45 Sources 1

About this happening: Google identified a **mass vulnerability exploitation operation** using a **zero-day 2FA bypass** against a **popular open-source, web-based system administration tool**, creating...

Open Happening

CISA KEV order for Copy Fail on federal Linux devices

Public Sector Action
First: 08.05.2026 10:45 Last: 08.05.2026 10:45 Sources 1

About this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...

Open Happening

CISA KEV action for CVE-2026-31431 and FCEB remediation

Public Sector Action
First: 03.05.2026 09:26 Last: 03.05.2026 09:26 Sources 1

About this happening: CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...

Open Happening

Federal civilian executive branch agency hit by network compromise

Incident
First: 24.04.2026 23:34 Last: 24.04.2026 23:34 Sources 1

About this happening: A **federal civilian executive branch agency** was compromised in an **early September 2025** intrusion that left attackers with persistent access on **Cisco Firepower** and **Sec...

Open Happening

Cisco ASA/FTD code execution and authentication bypass flaws (multiple vulnerabilities)

Vulnerability
First: 24.04.2026 20:06 Last: 24.04.2026 20:06 Sources 1

About this happening: **Cisco ASA/FTD** vulnerabilities **CVE-2025-20333** and **CVE-2025-20362** are still under **active exploitation** and can be chained for **unauthenticated remote control** of af...

Open Happening

Timeline

  1. 19.02.2026 17:30 2 articles · 3mo ago

    CISA orders FCEB patching for Dell RecoverPoint CVE-2026-22769

    Legal Policy Action Update

    CISA added CVE-2026-22769 to the Known Exploited Vulnerabilities catalog and ordered Federal Civilian Executive Branch agencies to secure Dell RecoverPoint systems by February 21 under Binding Operational Directive 22-01, while Mandiant and GTIG said the hardcoded-credential flaw has been exploited since at least mid-2024 by suspected Chinese group UNC6201, which uses the access to move laterally, maintain persistent access, and deploy malware including SLAYSTYLE, BRICKSTORM, and Grimbolt.

    Show sources
    Open in new tab