CISA Adds New Vulnerabilities to KEV Catalog Amid Ransomware Threats
Originally Published 2 months ago — by The Hacker News
The U.S. CISA added five security flaws to its KEV catalog, including a weaponized Oracle E-Business Suite vulnerability (CVE-2025-61884) and other critical bugs in Microsoft, Kentico, and Apple, with some actively exploited in the wild. Agencies must remediate these vulnerabilities by November 10, 2025.