SingCERT has received multiple reports of scammers impersonating CSA officers and the Police using fake court orders sent through fraudulent emails. Read the alert here.

🔔 Even after patching, compromised SharePoint servers can still be exploited if further measures are not in place. Patching alone is not enough — apply additional mitigation steps immediately to stay protected. More details: #CSASingapore

Microsoft has released an emergency patch for zero‑day vulnerabilities (CVE‑2025‑53770 and CVE‑2025‑53771) affecting SharePoint servers. Administrators should update to the latest versions without delay 🔄. More details: #CSASingapore #CybersecuritySG

Google has released security updates to address a zero-day vulnerability in its Chrome browser. Users and administrators are advised to update to the latest versions immediately. 🔗:

Security updates have been released for multiple vulnerabilities affecting VMware products. Users and administrators are advised to update to the latest versions. 🔗 :

CSA has issued 4 CVE IDs to the vulnerabilities in Alcatel OmniAccess Stellar products. Users and administrators of affected products are advised to contact their Business Partner immediately to update to the latest version. Read the alert here:

Security updates have been released to address a critical vulnerability affecting multiple printer models belonging to Brother, Konica Minolta, and Toshiba. Read alert here:.

🚨 SAP has released security updates for critical vulnerabilities in Live Auction Cockpit (SRM) and SAP S/4HANA / Supply Chain Management. Users and admins are advised to patch immediately. 🔗 Read the alert: #CyberAlert #CSASingapore #SAP

⚠️ Fortinet has released a security update for a critical vulnerability affecting FortiWeb products. Users and admins are advised to update immediately. 🔗 Read the alert:

⚠️ Threat actors are using a social engineering technique called ClickFix to trick victims into running malicious commands. Stay alert. 🔗 Read the full alert:

As more services move online and cyber threats become increasingly sophisticated, attackers are actively targeting authentication systems. This advisory aims to help organisations and users make informed decisions when selecting authentication methods. 🔗:

📢 Think you can spot a deepfake? . Tune in to hear Dr Luke Ho from CSA, share practical tips on spotting deepfakes and protecting oneself from scams. Listen to the full interview here:

There have been reports of SCATTERED SPIDER, a financially-motivated eCrime adversary, targeting the insurance and retail industries. Organisations are advised to adopt measures to strengthen their cybersecurity posture.

Google has released security updates to address a zero-day vulnerability in its Chrome browser. Users and administrators of affected products are advised to update to the latest versions immediately. Read more here.

Citrix has released security updates addressing multiple critical vulnerabilities in their NetScaler ADC and NetScaler Gateway. Users and administrators of affected products are advised to update to the latest versions immediately. Read the alert here.

⚠️ Notepad++ has released a security update for a vulnerability affecting its product. Users and admins are advised to update to the latest version. 🔗 Read the alert:

🚨 Cisco has released security updates for critical vulnerabilities in ISE and ISE-PIC. Users and admins should update to the latest versions. 🔗 Read the alert:

As a CNA, CSA assigns CVE IDs to zero-day vulnerabilities to strengthen cyber defences. At the 2024 SPIRITCYBER hackathon, 8 CVEs were uncovered in Advantech products. A patch is now available. Users are advised to act. 🔗

Researchers have discovered two new LPE vulnerabilities that can be chained to gain root access on systems running major Linux distributions. Users and admins are advised to update to the latest version. Read the alert here:

A new campaign is exploiting a critical vulnerability (CVE-2025-3248) in Langflow to launch DDoS attacks. Users and admins are urged to update to the latest version immediately. Read the alert here:

Cisco has released security updates addressing a critical vulnerability in its Identity Services Engine. Read the alert here.