The Cybersecurity and Infrastructure Security Agency (CISA) has added four dangerous security bugs to its Known Exploited Vulnerabilities, KEV Catalog. This announcement was made on July 7, 2025, after it was confirmed that hackers are already using these bugs to attack real systems. The KEV list helps government agencies and companies stay alert about serious security issues that need quick fixing.
Even though some of these bugs are several years old, they are still being used by attackers because many systems haven’t been updated. CISA wants everyone, especially those running important systems, to fix these problems as soon as possible.
The first bug, known as CVE-2014-3931, affects a tool called Multi-Router Looking Glass (MRLG). This tool is used by network engineers to check internet traffic. The bug can be used by attackers to crash the tool or take control of the system it’s running on. All they need to do is send the system some unexpected commands.
The second issue, CVE-2016-10033, affects PHPMailer, a tool used by many websites to send emails. If attackers trick the system with a specially made email, they can get it to run harmful code. This could allow them to take control of the entire system.
Next, CVE-2019-5418 is a bug in Ruby on Rails, a popular website-building framework. This bug lets attackers view files on the server that should be private. That means they might be able to read passwords, settings, or other important information if the system isn’t fixed.
The last one, CVE-2019-9621, is a flaw in Zimbra, a tool many companies use for email and messaging. This bug allows hackers to trick Zimbra into connecting to other parts of the system that it normally shouldn’t. In past attacks, hackers used this trick to install hidden software on company networks, giving them full access later.
CISA has confirmed that all four of these bugs are currently being used in real attacks. Even if the public can’t see the exact code hackers are using, it’s clear from investigations that these bugs are part of active cyber threats.
Because of how dangerous these bugs are, CISA has given U.S. federal agencies a deadline to fix them. Agencies must apply fixes or protective steps by July 28, 2025. This is required under a federal rule called Binding Operational Directive 22-01, which makes sure government systems stay secure.
But this warning isn’t just for the government. Private companies, schools, hospitals, and even individuals using the affected tools should act quickly too. Anyone using MRLG, PHPMailer, Ruby on Rails, or Zimbra should check for updates and install the latest security patches.
If a fix isn’t yet available, it’s important to follow advice from the software makers. You may need to turn off some features or limit access to protect your system. Also, keep an eye on system activity to spot anything strange that could mean an attack is happening.
This update from CISA is a big reminder that even old bugs can be dangerous if not fixed. Hackers often look for systems that haven’t been updated, and once they find one, they can use these known weaknesses to break in.
The message is simple: update your systems now, before it’s too late. CISA has made it clear, these bugs are being used today, and ignoring them could put your data and systems at serious risk.
Stay alert, and keep your security measures updated!
Source: Follow cybersecurity88 on X and LinkedIn for the latest cybersecurity news
