CISA BOD 22-01 iOS KEV patch order
Public Sector Action
Summary
Hide ▲
Show ▼
CISA ordered Federal Civilian Executive Branch agencies to secure affected iOS devices by March 26 after adding three Coruna vulnerabilities to its Known Exploited Vulnerabilities catalog. The directive matters because the flaws were linked to cyberespionage and crypto-theft activity, raising immediate federal remediation pressure. CISA also urged all organizations to patch the issues or stop using the product if fixes are unavailable.
Related Happenings
CISA zero-trust SASE guidance for TIC 3.0
Public Sector Action
H score30
First: 25.06.2026 14:30
Last: 25.06.2026 14:30
Sources 1
About this happening:
CISA published **new guidance** on **June 24** for **federal civilian executive branch agencies** to replace legacy internet gateways with **SASE** as part of the move from **TIC...
CISA zero-trust SASE guidance for TIC 3.0
Public Sector ActionAbout this happening: CISA published **new guidance** on **June 24** for **federal civilian executive branch agencies** to replace legacy internet gateways with **SASE** as part of the move from **TIC...
CISA BOD 26-04 three-day remediation directive
Public Sector Action
H score36
First: 24.06.2026 17:35
Last: 24.06.2026 17:35
Sources 1
About this happening:
CISA's **BOD 26-04** requires **federal agencies** to apply available security updates or vendor-recommended mitigations within **three days**, accelerating remediation for **acti...
CISA BOD 26-04 three-day remediation directive
Public Sector ActionAbout this happening: CISA's **BOD 26-04** requires **federal agencies** to apply available security updates or vendor-recommended mitigations within **three days**, accelerating remediation for **acti...
Trump executive order sets federal PQC migration deadlines
Public Sector Action
H score23
First: 23.06.2026 18:16
Last: 23.06.2026 18:16
Sources 1
About this happening:
President Trump signed **EO 14409**, ordering **federal agencies** to migrate **high-value assets** and **high-impact systems** to **post-quantum cryptography** on a fixed schedul...
Trump executive order sets federal PQC migration deadlines
Public Sector ActionAbout this happening: President Trump signed **EO 14409**, ordering **federal agencies** to migrate **high-value assets** and **high-impact systems** to **post-quantum cryptography** on a fixed schedul...
CISA FortiBleed mitigation guidance
Advisory/Mitigation
H score67
First: 19.06.2026 09:47
Last: 19.06.2026 09:47
Sources 1
About this happening:
**CISA** issued mitigation guidance for **FortiBleed**, urging operators of **internet-accessible Fortinet devices** to harden exposed **FortiGate** and VPN environments after a *...
CISA FortiBleed mitigation guidance
Advisory/MitigationAbout this happening: **CISA** issued mitigation guidance for **FortiBleed**, urging operators of **internet-accessible Fortinet devices** to harden exposed **FortiGate** and VPN environments after a *...
CISA KEV remediation order for CVE-2026-48907
Public Sector Action
H score89
First: 17.06.2026 08:50
Last: 17.06.2026 08:50
Sources 1
About this happening:
CISA added **CVE-2026-48907** to the **KEV catalog** and ordered **FCEB agencies** to apply fixes by **June 19, 2026**, forcing federal remediation of an **actively exploited** Jo...
CISA KEV remediation order for CVE-2026-48907
Public Sector ActionAbout this happening: CISA added **CVE-2026-48907** to the **KEV catalog** and ordered **FCEB agencies** to apply fixes by **June 19, 2026**, forcing federal remediation of an **actively exploited** Jo...
Timeline
-
06.03.2026 17:57 2 articles · 4mo ago
CISA adds three Coruna iOS flaws to KEV and orders federal patching
Legal Policy Action UpdateCISA added three of the 23 Coruna iOS vulnerabilities to its Known Exploited Vulnerabilities catalog and ordered Federal Civilian Executive Branch agencies to secure affected devices by March 26 under Binding Operational Directive (BOD) 22-01. The directive followed reporting that the flaws were exploited in spyware and crypto-theft attacks using the Coruna exploit kit, and CISA urged all organizations to apply vendor mitigations or discontinue use if fixes are unavailable.
Show sources
- CISA warns of Apple flaws exploited in spyware, crypto-theft attacks — www.bleepingcomputer.com — 06.03.2026 17:57
- Apple patches older iPhones and iPads against Coruna exploits — www.bleepingcomputer.com — 12.03.2026 15:43