You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 1 - 20 of 397 results.
Critical vulnerabilities in multiple Fortinet products - FortiCloud SSO Login Authentication Bypass Alert
Dec 10, 2025 - Critical vulnerabilities in Multiple Fortinet Products - FortiCloud SSO Login Authentication Bypass CVE-2025-59718 & CVE-2025-59719. ASD’s ACSC recommends organisations update affected products to the latest versions and follow the advice detailed in the Fortinet Advisory.
Multiple vulnerabilities affecting Cisco ASA 5500-X Series devices Alert
Sep 26, 2025 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of multiple vulnerabilities impacting Cisco Secure Firewall Adaptive Security Appliance (ASA) 5500-X Series models that are running Cisco ASA Software or Cisco Secure Firewall Threat Defense (FTD) Software. Cisco reports active exploitation of these vulnerabilities globally. ASD’s ACSC has also observed targeting in Australia.
Multiple high-severity vulnerabilities in F5 products and incident impacting F5 Alert
Oct 16, 2025 - F5 has released multiple security advisories affecting BIG-IP, BIG-IP Next, F5OS, and Silverline products. The most critical issues include vulnerabilities in SCP/SFTP, SSL/TLS, HTTP/2, and TMM components, with several rated high (CVSS up to 8.8). Exploitation could allow remote code execution, data exposure, or denial of service.
Multiple vulnerabilities affecting NetScaler ADC and NetScaler Gateway devices Alert
Aug 27, 2025 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of multiple vulnerabilities (CVE-2025-7775, CVE-2025-7776 & CVE-2025-8424) affecting NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) products.
Exploitation of existing Fortinet Vulnerabilities Alert
Apr 11, 2025 - Fortinet has released information regarding exploitation of previously known vulnerabilities affecting Fortinet devices. ASD’s ACSC recommends customers follow the advice contained in Fortinet’s advisory page.
Critical vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway Products Alert
Jul 4, 2025 - The ASD's ACSC is aware of critical vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway Products (CVE-2025-5349, CVE-2025-5777).
2023 top routinely exploited vulnerabilities Advisory
Nov 13, 2024 - This advisory provides details, collected and compiled by the authoring agencies, on the Common Vulnerabilities and Exposures (CVEs) routinely and frequently exploited by malicious cyber actors in 2023 and their associated Common Weakness Enumerations (CWEs). Malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks in 2023 compared to 2022, allowing them to conduct operations against high priority targets. The authoring agencies strongly encourage vendors, designers, developers, and end-user organizations to implement the following recommendations, and those found within the Mitigations section of this advisory, to reduce the risk of compromise by malicious cyber actors.
Critical vulnerabilities in Ingress-NGINX Controller for Kubernetes Alert
Mar 26, 2025 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of critical vulnerabilities affecting Ingress-NGINX Controller for Kubernetes. Customers should update to the latest patched version immediately.
Multiple Vulnerabilities In Ivanti Endpoint Manager Mobile (Ivanti EPMM) Alert
May 14, 2025 - The Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC) is aware of two vulnerabilities, one medium and one high severity, in Ivanti Endpoint Manager Mobile (EPMM). The ASD’s ACSC recommends organisations patch to the latest version of Ivanti EPMM, available through Ivanti’s download portal, and investigate whether their systems have been compromised.
Multiple vulnerabilities in Jenkins products Alert
Jan 30, 2024 - ASD’s ACSC is aware of multiple vulnerabilities impacting Jenkins products including CVE 2024-23897 (Critical) & CVE-2024-23898 (High). Organisations using Jenkins products are strongly advised to follow the mitigation advice provided by Jenkins and patch affected versions.
Critical vulnerabilities in GitLab Products Alert
Jan 15, 2024 - The Australian Signals Directorate’s (ASD's) Australian Cyber Security Centre (ACSC) is aware of critical vulnerabilities affecting GitLab Community Edition (CE) and Enterprise Edition (EE). Customers should update to a patched version immediately and enable multi-factor authentication for all GitLab accounts.
2022 Top Routinely Exploited Vulnerabilities Advisory
Aug 4, 2023 - This advisory provides details on the Common Vulnerabilities and Exposures (CVEs) routinely and frequently exploited by malicious cyber actors in 2022 and the associated Common Weakness Enumeration(s) (CWE).
Exchange server critical vulnerabilities Alert
Apr 15, 2021 - On 2 March 2021 Microsoft released information regarding multiple exploits being used to compromise instances of Microsoft Exchange Server. Malicious actors are exploiting these vulnerabilities to compromise Microsoft Exchange servers exposed to the internet, enabling access to email accounts and to enable further compromise of the Exchange server and associated networks.
2021 Top Routinely Exploited Vulnerabilities Advisory
Apr 28, 2022 - This advisory provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited.
Critical vulnerabilities in ‘ownCloud’ file share Alert
Nov 29, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of multiple critical vulnerabilities affecting the file sync and sharing software ‘ownCloud’. This primarily impacts self-hosted instances of the open-source product. Those impacted should apply the patches available and consider the workarounds made available by the vendor.
APT exploitation of Fortinet Vulnerabilities Alert
Apr 3, 2021 - Advanced Persistent Threat (APT) actors targeting historic Fortinet vulnerabilities.
Multiple vulnerabilities present in VMware products Alert
Aug 4, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of multiple vulnerabilities in VMware products. Affected Australian organisations should take appropriate action.
Multiple vulnerabilities present in F5 products Alert
May 9, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a F5 Security Advisory Addressing Multiple Vulnerabilities in their BIG-IP Product Range. Affected Australian organisations should take appropriate action.
Exploitation of vulnerabilities affecting Cisco firewall platforms Alert
Apr 25, 2024 - This alert has been written for the IT teams of organisations and government. Entities are strongly encouraged to take immediate action to ensure affected devices are patched and investigate for potential compromise.
Joint advisory on top cyber vulnerabilities News
Jul 28, 2021 - The top 30 cyber security vulnerabilities exploited by malicious cyber actors since 2020 have been detailed in a joint advisory issued by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and counterpart cyber security agencies from the United States and the United Kingdom.
