Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA KEV patch order for Dell RecoverPoint

Public Sector Action
First reported
Last updated
Happening score
H score 36
1 unique sources, 1 articles

Summary

Hide ▲

CISA added CVE-2026-22769 to the KEV catalog and ordered Federal Civilian Executive Branch agencies to secure their networks by February 21. The directive under BOD 22-01 gives federal operators a fixed deadline to remediate an actively exploited Dell flaw. The order matters because the vulnerability affects a widely used backup-and-recovery product and is already tied to real-world intrusion activity.

Related Happenings

CISA KEV order for FCEB agencies on LiteSpeed cPanel flaw

Public Sector Action
H score36 First: 16.06.2026 13:47 Last: 16.06.2026 13:47 Sources 1

About this happening: **CISA** added the **LiteSpeed cPanel user-end plugin** flaw to **KEV** and ordered **Federal Civilian Executive Branch agencies** to secure systems within **three days** under **...

SimpleHelp remote management software privileged technician account creation security flaw (CVE-2026-48558)

Vulnerability
H score46 First: 15.06.2026 23:06 Last: 15.06.2026 23:06 Sources 1

About this happening: **CVE-2026-48558** is a **critical authentication bypass** in **SimpleHelp RMM** that affects **OIDC authentication** and can let an unauthenticated attacker forge a token and obt...

CISA orders FCEB Ivanti Sentry remediation under BOD 26-04

Public Sector Action
H score36 First: 12.06.2026 11:26 Last: 12.06.2026 11:26 Sources 1

About this happening: **CISA** ordered **FCEB agencies** to secure **Ivanti Sentry** within **three days** after confirming **CVE-2026-10520** is being **actively exploited**, creating immediate remedi...

CISA BOD 26-04 remediation requirements

Advisory/Mitigation
H score31 First: 11.06.2026 15:46 Last: 11.06.2026 15:46 Sources 1

About this happening: CISA’s **Binding Operational Directive 26-04** forces **FCEB agencies** to speed up remediation of high-risk vulnerabilities, with some deadlines as short as **3 days** and new **...

CISA BOD 26-04 prioritizes vulnerability remediation for federal civilian agencies

Public Sector Action
H score27 First: 10.06.2026 15:00 Last: 10.06.2026 15:00 Sources 1

About this happening: **CISA** issued **Binding Operational Directive 26-04** to require **federal civilian agencies** to prioritize vulnerability remediation using **Asset Exposure**, **KEV Status**,...

Timeline

  1. 19.02.2026 17:30 2 articles · 4mo ago

    CISA orders FCEB patching for Dell RecoverPoint CVE-2026-22769

    Legal Policy Action Update

    CISA added CVE-2026-22769 to the Known Exploited Vulnerabilities catalog and ordered Federal Civilian Executive Branch agencies to secure Dell RecoverPoint systems by February 21 under Binding Operational Directive 22-01, while Mandiant and GTIG said the hardcoded-credential flaw has been exploited since at least mid-2024 by suspected Chinese group UNC6201, which uses the access to move laterally, maintain persistent access, and deploy malware including SLAYSTYLE, BRICKSTORM, and Grimbolt.

    Show sources