Interesting report. But will the new CISA do anything of the sort?

Ox Security: The KEV Illusion: Separating True Threats from Pretend-Critical Risks https://www.ox.security/the-kev-illusion-separating-true-threats-from-pretend-critical-risks/

More:

Infosecurity-Magazine: CISA Urged to Enrich KEV Catalog with More Contextual Data https://www.infosecurity-magazine.com/news/cisa-urged-enrich-kev-catalog/ #CISA #infosec #cybersecurity

Oh don't worry it's getting worse at #CISA

https://www.cybersecuritydive.com/news/cisa-senior-official-departures/748992/

Authorities carry out global takedown of infostealer used by cybercriminals - A consortium of global law enforcement agencies and tech com... - https://arstechnica.com/security/2025/05/authorities-carry-out-global-takedown-of-infostealer-used-by-cybercriminals/ #infostealers #infostealer #syndication #security #biz⁢ #cisa

New Best Practices Guide for Securing #AI #Data Released (via #CISA) https://www.cisa.gov/news-events/alerts/2025/05/22/new-best-practices-guide-securing-ai-data-released #infosec

#CISA moves to Social Media First Approach? via @endingwithali

#Threatwire

https://www.youtube.com/watch?v=Ez5rlcdBKUA

Well, that’s another pretty serious blow to #CISA. I know there are tons of good people still left but without folks like Matt to do the block and tackle work to keep them safe, it’s going to be harder for them to keep doing the work in keeping America secure.
https://bsky.brid.gy/r/https://bsky.app/profile/did:plc:gdxiuhym6fvbhxo5uhiohmyy/post/3lpmi4c4gh52i

CISA Adds Six Known Exploited Vulnerabilities to Catalog https://www.cisa.gov/news-events/alerts/2025/05/19/cisa-adds-six-known-exploited-vulnerabilities-catalog

A coalition of 52 industry organizations is urging Congress to reauthorize CISA before it’s too late

The joint letter includes voices from critical sectors — energy, telecom, finance, healthcare, transportation, retail, and tech
Without immediate reauthorization, programs supporting vulnerability coordination, incident response, and threat sharing will stall out.
The current authorization expires September 30
The call: long-term, stable support for the U.S. government’s lead civilian cyber agency

When 52 business and infrastructure groups align on cyber policy, that’s not noise — it’s a warning flare.

#CyberSecurity #CISA #ThreatIntel #CyberPolicy #PublicPrivatePartnership #security #privacy #cloud #infosec
https://www.ciodive.com/news/cisa-reauthorization-congress-industry-letter/748356/

#CISA #cybersecurity #Twitter #RSS #YTho

'The US government's Cybersecurity and Infrastructure Security Agency (CISA) announced Monday that going forward, only urgent alerts tied to emerging threats or major cyber activity will appear on its website. Routine updates, guidance, and other notifications will instead be shared via email, RSS, and X.'

https://www.theregister.com/2025/05/12/cisa_vulnerabilities_updates_x/

Geez, TWENTY-TWO ICS advisories from CISA today? Is that as awful as it sounds?

https://www.cisa.gov/news-events/alerts/2025/05/15/cisa-releases-twenty-two-industrial-control-systems-advisories

CISA Adds One Known Exploited Vulnerability to Catalog https://www.cisa.gov/news-events/alerts/2025/05/14/cisa-adds-one-known-exploited-vulnerability-catalog

If you missed this, CISA is now backtracking on recent changes to the way it delivers cybersecurity alerts and advisories.

"We recognize this has caused some confusion in the cyber community. As such, we have paused immediate changes while we re-assess the best approach to sharing with our stakeholders."

CISA: Update to How CISA Shares Cyber-Related Alerts and Notifications https://www.cisa.gov/news-events/alerts/2025/05/12/update-how-cisa-shares-cyber-related-alerts-and-notifications #CISA #cybersecurity #infosec

As #US #vulnerability-tracking falters, #EU enters with its own #security bug database
The European Vulnerability Database (#EUVD) is now fully operational, offering a streamlined platform to monitor critical and actively exploited security flaws amid the US struggles with budget cuts, delayed disclosures, and confusion around the future of its own tracking systems. The EUVD is similar to the US government's National Vulnerability Database (#NVD).
https://www.theregister.com/2025/05/13/eu_security_bug_database/ #CISA

RSS feed for CISA KEV vulnerabilities, powered by Vulnerability-Lookup:

https://www.vulnerability-lookup.org/user-manual/feed-syndication/#most-recent-entries-from-known-exploited-vulnerabilities

#CISA posts up a passel of new KEVs, completely blowing through the k-rad 1337 count.

Technically, it looks like CVE-2025-32709 is the winrar of Most LEET Bug on #KEV.

#arstechnica:
"
DOGE software engineer’s computer infected by info-stealing malware
"
"The presence of credentials in leaked "stealer logs" indicates his device was infected."
"A steady stream of published credentials"

https://arstechnica.com/security/2025/05/doge-software-engineers-computer-infected-by-info-stealing-malware/

8.5.2025

CISA's initial email announcement reducing public-facing security products preserved RSS feeds. But the website language has been updated to drop RSS as a remaining source.

The stated reasoning ("CISA wants this critical information to get the attention it deserves and ensure it is easier to find") is ... specious at best.

Even if we stipulate that keeping the general website less noisy is a net win, they could just ... provide a different web page? And it would be trivial to also create a separate RSS feed just for the vulnerability announcements. The automation is clearly already there and would be relatively easy to modify.

The actual reasoning is different from the stated reasoning, and is left as an exercise for the reader.

Edit: Jerry is setting up an email-to-Mastodon shim here!

https://infosec.exchange/@cisareflector

... which can then be followed as an RSS feed:

https://infosec.exchange/@cisareflector.rss