CISA weekly intelligence brief on security alerts and vulnerabilities - Week of August 25, 2025

Key Takeaways

  • CISA added several vulnerabilities to the Known Exploited Vulnerabilities (KEV) Catalog.
  • The updates include vulnerabilities related to federal agencies and various technology platforms.
  • The updates emphasize the importance of remediation to address cybersecurity risks.
  • Collaborative initiatives from organizations aim to enhance cybersecurity training and software security.
  • Research highlights significant risks associated with healthcare devices and the need for improved security measures.

CISA has expanded its KEV Catalog with multiple listings aimed at mitigating active threats. Recent updates include vulnerabilities affecting technologies from companies like Ivanti, MDaemon, and D-Link. Among the identified vulnerabilities are critical entries such as CVE-2025-4427, related to Ivanti Endpoint Manager Mobile, and several vulnerabilities involving D-Link devices.

Each entry in CISA's catalog poses a potential risk to federal agencies, which are mandated by Binding Operational Directive (BOD) 22-01 to address these vulnerabilities within specified timelines. The directive emphasizes the need for comprehensive remediation strategies across sectors to enhance cybersecurity measures.

Moreover, a significant report from Modat reveals over 1.2 million internet-connected healthcare devices are exposed to cyber threats due to poor security practices. This finding underlines the pressing need for the healthcare sector to adopt stricter cybersecurity protocols. The report's recommendations include regular security evaluations and improved authentication practices to safeguard sensitive data.

In addition to vulnerabilities, organizations are focusing on collaborative efforts to boost cybersecurity capabilities. Netskope has partnered with Red Synthetic Environment Analytics (SEA) Global to enhance workforce training in cybersecurity, addressing human error as a primary concern in data breaches. Meanwhile, Aqua Security launched the Trivy Partner Connect Program to bolster its open-source vulnerability scanner ecosystem.

Taken together, these items underscore the evolving landscape of cybersecurity threats and the importance of proactive measures in vulnerability management. Ongoing collaborations and increased awareness are essential for protecting both organizational and federal cybersecurity infrastructures.

  1. CISA adds six vulnerabilities to KEV Catalog
    CISA has added six vulnerabilities to its KEV Catalog, urging remediation for federal agencies.
  2. CISA adds five new vulnerabilities to KEV Catalog
    BOD 22-01 requires federal agencies to promptly address new vulnerabilities to improve cybersecurity posture.
  3. Independent testing crucial for Secure Access Service Edge (SASE) evaluation amid evolving cyber threats
    Independent testing is essential for validating SASE solutions amid vendor claims, ensuring reliable cybersecurity assessments.
  4. Netskope discusses cybersecurity at DSEI Japan 2025
    Cybersecurity themes emerging from DSEI Japan 2025 emphasize collaboration between public and private sectors for modern defense strategies.
  5. CISA adds two vulnerabilities to its KEV Catalog
    CISA adds two new vulnerabilities to the KEV Catalog, emphasizing their relevance for federal agencies.
  6. CISA updates KEV Catalog
    CISA adds two vulnerabilities to the KEV Catalog, affecting Apple products and TP-Link routers.
  7. Aqua Security launches Trivy Partner Connect to expand open source security scanning ecosystem
    Aqua Security launched the Trivy Partner Connect Program to build partnerships around its open source security scanner, Trivy.
  8. SEALSQ Corp raises its Quantum Investment Fund to enhance cybersecurity efforts
    Advantech introduced edge Artificial Intelligence (AI) compute solutions utilizing Qualcomm's Snapdragon X Elite platform.
  9. Netskope partners with Red SEA Global on cybersecurity training
    Netskope focuses on strengthening the human element in cybersecurity through collaboration with Red SEA Global.
  10. Tenable recognized as a Customers’ Choice for Vulnerability Assessment by Gartner Peer Insights
    Gartner recognizes Tenable for high user satisfaction in vulnerability assessment solutions.
  11. Snyk introduces Secure At Inception for AI coding security
    Snyk launched Secure At Inception, a suite enhancing security for AI coding, featuring real-time scanning and AI component visibility.
  12. Modat reports over 1.2 million exposed healthcare devices at risk of data breaches
    Cybersecurity risks identified in healthcare devices impacting patient data access.
  13. CISA issues Malware Analysis Report on SharePoint vulnerabilities
    CISA added multiple SharePoint vulnerabilities to its catalog, encouraging organizations to use provided detection signatures.
  14. CISA adds D-Link vulnerabilities to KEV Catalog
    CISA adds three vulnerabilities tied to D-Link devices to its KEV Catalog due to active exploitation.
  15. Netskope emphasizes the role of Model Context Protocol (MCP) security in AI integration
    MCP plays a critical role in integrating LLMs, necessitating robust security measures for enterprise compliance.
  16. Modat study shows over 1.2 million healthcare devices vulnerable to cyber threats
    Modat finds that many healthcare devices lack basic security, risking sensitive patient data.
  17. Modat reports over 1.2 million healthcare devices exposed to risks
    Modat's study reveals substantial risks to healthcare devices, urging improved cybersecurity practices to protect patient information.
  18. Netskope Threat Labs introduces BEAM for detecting supply chain attacks
    BEAM, an open-source detection tool by Netskope, analyzes network traffic to identify suspicious application behavior.
  19. CISA adds three vulnerabilities to KEV Catalog
    CISA adds three vulnerabilities to its KEV Catalog that pose risks to federal networks.
  20. CISA updates KEV Catalog with CVE-2025-54948
    CISA adds CVE-2025-54948 to its KEV Catalog due to active exploitation concerns.