Skip to main content

CSA will never ask you to transfer money or disclose banking details. Stay vigilant.

If unsure, call the 24/7 ScamShield Helpline at 1799 to check. www.scamshield.gov.sg

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts

Alerts

Timely information about security issues, vulnerabilities, and exploits.

562 articles

27 March 2025

Zero-day Vulnerability in Google Chrome

Google has released security updates to address a zero-day vulnerability affecting Google Chrome. Users and administrators using Windows-based Chrome browsers are advised to update to the latest versions immediately.

Alerts

26 March 2025

Multiple Vulnerabilities in VMware Products

VMware has released security updates to address multiple vulnerabilities affecting their ESXi, Workstation and Fusion products. Users and administrators of affected product versions are advised to update to the latest versions immediately.

Alerts

25 March 2025

Active Exploitation of Vulnerabilities in Cisco Smart Licensing Utility

There have been reports of active exploitation of vulnerabilities in unpatched Cisco Smart Licensing Utility instances. Users and administrators of affected products are advised to update to the latest versions immediately.

Alerts

24 March 2025

Critical Vulnerability in Apache Tomcat Software

The Apache Software Foundation has released updates addressing a critical vulnerability which affects their Apache Tomcat software. Users and administrators of the affected products are advised to update to the latest versions immediately.

Alerts

24 March 2025

Critical Vulnerability in Next.js

Next.js has released updates addressing a critical vulnerability (CVE-2025-29927) in Next.js React framework, which is used for building web applications. Users and administrators are advised to update to the latest versions.

Alerts

24 March 2025

Critical Vulnerability in Veeam Software

Veeam has released updates addressing a critical vulnerability (CVE-2025-23120) in Veeam Backup & Replication software that affects domain-joined installations.

Alerts

Alert

12 March 2025

Active Exploitation of Critical Vulnerabilities in Ivanti Endpoint Manager

Ivanti has released updates addressing critical vulnerabilities in Ivanti Endpoint Manager products. Users and administrators of the affected products are advised to update to the latest versions immediately.

Alerts

12 March 2025

March 2025 Monthly Patch

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

Alerts

7 March 2025

Critical Vulnerability in Elastic Kibana

Elastic has released security updates addressing a critical vulnerability affecting their Kibana software. Users and administrators of affected products are advised to update to the latest versions immediately.

Alerts

28 February 2025

Ongoing Astaroth Phishing Campaign Targeting Gmail, Microsoft and Third-Party Authentication Services

There are reports of an ongoing Astaroth phishing campaign targeting Gmail, Microsoft, and third-party logins. Attackers are able to bypass Multi-Factor Authentication (MFA), stealing credentials in real-time.

Alerts