Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA BOD 22-01 iOS KEV patch order

Public Sector Action
First reported
Last updated
Happening score
H score 35
1 unique sources, 2 articles

Summary

Hide ▲

CISA ordered Federal Civilian Executive Branch agencies to secure affected iOS devices by March 26 after adding three Coruna vulnerabilities to its Known Exploited Vulnerabilities catalog. The directive matters because the flaws were linked to cyberespionage and crypto-theft activity, raising immediate federal remediation pressure. CISA also urged all organizations to patch the issues or stop using the product if fixes are unavailable.

Related Happenings

CISA zero-trust SASE guidance for TIC 3.0

Public Sector Action
H score30 First: 25.06.2026 14:30 Last: 25.06.2026 14:30 Sources 1

About this happening: CISA published **new guidance** on **June 24** for **federal civilian executive branch agencies** to replace legacy internet gateways with **SASE** as part of the move from **TIC...

CISA BOD 26-04 three-day remediation directive

Public Sector Action
H score36 First: 24.06.2026 17:35 Last: 24.06.2026 17:35 Sources 1

About this happening: CISA's **BOD 26-04** requires **federal agencies** to apply available security updates or vendor-recommended mitigations within **three days**, accelerating remediation for **acti...

Trump executive order sets federal PQC migration deadlines

Public Sector Action
H score23 First: 23.06.2026 18:16 Last: 23.06.2026 18:16 Sources 1

About this happening: President Trump signed **EO 14409**, ordering **federal agencies** to migrate **high-value assets** and **high-impact systems** to **post-quantum cryptography** on a fixed schedul...

CISA FortiBleed mitigation guidance

Advisory/Mitigation
H score67 First: 19.06.2026 09:47 Last: 19.06.2026 09:47 Sources 1

About this happening: **CISA** issued mitigation guidance for **FortiBleed**, urging operators of **internet-accessible Fortinet devices** to harden exposed **FortiGate** and VPN environments after a *...

CISA KEV remediation order for CVE-2026-48907

Public Sector Action
H score89 First: 17.06.2026 08:50 Last: 17.06.2026 08:50 Sources 1

About this happening: CISA added **CVE-2026-48907** to the **KEV catalog** and ordered **FCEB agencies** to apply fixes by **June 19, 2026**, forcing federal remediation of an **actively exploited** Jo...

Timeline

  1. 06.03.2026 17:57 2 articles · 4mo ago

    CISA adds three Coruna iOS flaws to KEV and orders federal patching

    Legal Policy Action Update

    CISA added three of the 23 Coruna iOS vulnerabilities to its Known Exploited Vulnerabilities catalog and ordered Federal Civilian Executive Branch agencies to secure affected devices by March 26 under Binding Operational Directive (BOD) 22-01. The directive followed reporting that the flaws were exploited in spyware and crypto-theft attacks using the Coruna exploit kit, and CISA urged all organizations to apply vendor mitigations or discontinue use if fixes are unavailable.

    Show sources