Cyber Watch Live Feed
Cyber Watch helps businesses, nonprofits, home offices, and local organizations monitor current CISA advisories, known exploited vulnerabilities, and major provider outage resources in one practical dashboard.
If your systems, software, cloud tools, or vendors appear in a major alert and your IT provider has not notified you, Sasha Digital Solutions can provide an independent investigation, remediation plan, or second-opinion review.
Live CISA Advisory Feed
This section displays recent advisories from CISA. Review official details before taking action, and contact SashaDS if you need help determining whether your environment is affected.
Published: May 20, 2026
CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2008-4250 Microsoft Windows Buffer Overflow Vulnerability CVE-2009-1537 Microsoft DirectX NULL Byt...
Published: May 19, 2026
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to take control of the victim's browser. The following versions of Kieback & Peter DDC Building Controllers are affected: DDC4002 <=1.12.14 (CVE...
Published: May 19, 2026
View CSAF Summary Successful exploitation of this vulnerability could result in information disclosure, including capture of camera account credentials. The following versions of ZKTeco CCTV Cameras are affected: SSC335-GC2063-Face-0b77 So...
Published: May 19, 2026
View CSAF Summary A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on ...
Published: May 19, 2026
View CSAF Summary An update is available that resolves vulnerability in the product versions listed as affected in this advisory. A path traversal vulnerability in these products can allow unauthenticated users to gain access to restricted ...
Known Exploited Vulnerabilities
CISAââ"šÂ¬Ã¢"žÂ¢s KEV catalog helps prioritize vulnerabilities that are already being exploited. If your organization uses affected vendors or products, these should be reviewed quickly.
If your organization uses Microsoft Windows, review exposure, confirm patch status, and prioritize remediation. Known exploited vulnerabilities should not wait in the normal patch queue.
CISA Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
If your organization uses Microsoft DirectX, review exposure, confirm patch status, and prioritize remediation. Known exploited vulnerabilities should not wait in the normal patch queue.
CISA Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
If your organization uses Adobe Acrobat and Reader, review exposure, confirm patch status, and prioritize remediation. Known exploited vulnerabilities should not wait in the normal patch queue.
CISA Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
If your organization uses Microsoft Internet Explorer, review exposure, confirm patch status, and prioritize remediation. Known exploited vulnerabilities should not wait in the normal patch queue.
CISA Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
If your organization uses Microsoft Internet Explorer, review exposure, confirm patch status, and prioritize remediation. Known exploited vulnerabilities should not wait in the normal patch queue.
CISA Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
If your organization uses Microsoft Defender, review exposure, confirm patch status, and prioritize remediation. Known exploited vulnerabilities should not wait in the normal patch queue.
CISA Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Major Service Outage Watch
Public status pages can help identify major incidents, but they may not show every tenant-specific or account-specific problem. If your business is affected and your provider has not notified you, SashaDS can perform an independent review.
Public status information for Azure services and regions. Microsoft 365 tenant-specific service health may require admin-center access.
Open Status PageMicrosoft 365 service health for tenant-specific issues is normally reviewed inside the Microsoft 365 admin center.
Open Status PagePublic AWS service health and regional outage information.
Open Status PagePublic Google Cloud service health and incident information.
Open Status PageCloudflare network, DNS, CDN, WAF, and platform status information.
Open Status PageShopify platform status for stores, checkout, admin, and related services.
Open Status PageAlready Have an MSP?
If your business uses software, cloud services, firewall products, remote access tools, or platforms listed in major advisories, your IT provider should help determine whether you are affected.
If you are learning about threats from the news before your provider contacts you, Sasha Digital Solutions can provide a second-opinion review.
No MSP or IT Provider?
SashaDS can help review suspicious activity, exposed systems, breach notices, vulnerability alerts, account compromise concerns, website issues, and cloud-service problems.
The goal is not panic. The goal is triage, containment, remediation, and better prevention going forward.
Trusted Cybersecurity Resources
Cyber Watch highlights trusted resources for awareness and reporting. These resources are useful for businesses, nonprofits, and home users.
CISA provides cybersecurity advisories, alerts, and guidance for organizations, businesses, and the public.
Visit CISA AdvisoriesCISAââ"šÂ¬Ã¢"žÂ¢s Known Exploited Vulnerabilities catalog helps organizations prioritize vulnerabilities known to be exploited.
Visit KEV CatalogIC3 is used to report internet crimes including fraud, business email compromise, ransomware, and online scams.
Visit IC3The FTC publishes scam alerts and consumer guidance related to fraud, impersonation, identity theft, and online threats.
Visit FTC AlertsLetââ"šÂ¬Ã¢"žÂ¢s review the threat, outage, vulnerability, account issue, or suspicious activity and identify practical next steps.
Request Cyber Watch Investigation