<p>Enterprises are increasingly in a race against time to address vulnerabilities before attackers exploit them.</p>
<p>The bad guys are getting faster, and <a href="https://www.techtarget.com/searchenterprisedesktop/definition/patch-management">patch management</a> isn’t keeping up. Threat intelligence services provider Flashpoint found the average time to exploit — the period between a vulnerability’s disclosure and its weaponization in the wild — plummeted from 745 days in 2020 to just 44 days in 2025. Worryingly, according to Statista research, organizations put off patching critical vulnerabilities for an average of 165 days last year.</p>
<p>The speed with which attackers now barrel through soft spots in enterprise defenses makes this week’s featured news articles all the more urgent. Rather than routine maintenance activities, patching critical zero days and retiring insecure devices are increasingly high-stakes defense sprints.</p>
<section class="section main-article-chapter" data-menu-title="Not a drill: Microsoft patches 6 zero days under active exploitation">
<h2 class="section-title"><i class="icon" data-icon="1"></i>Not a drill: Microsoft patches 6 zero days under active exploitation</h2>
<p>Microsoft’s latest security update includes patches for six actively exploited zero days and five additional CVEs the provider said malicious actors are relatively likely to exploit. Three of the zero days involve security feature bypass flaws in various Microsoft products, enabling attackers to circumvent built-in defensive controls. The February update addressed 59 flaws in total.</p>
<p>Microsoft emphasized the importance of applying these patches promptly to protect systems from potential exploitation. This update highlights the growing sophistication of cyberthreats and the need for organizations to maintain <a href="https://www.techtarget.com/searchsecurity/tip/5-enterprise-patch-management-best-practices">strong patch management practices</a> to safeguard their infrastructure.</p>
<p><a target="_blank" href="https://www.darkreading.com/vulnerabilities-threats/microsoft-fixes-6-actively-exploited-zero-days" rel="noopener"><i>Read the full article by Jai Vijayan on Dark Reading</i></a>.</p>
</section>
<section class="section main-article-chapter" data-menu-title="CISA orders federal agencies to remove unsupported edge devices">
<h2 class="section-title"><i class="icon" data-icon="1"></i>CISA orders federal agencies to remove unsupported edge devices</h2>
<p>CISA has issued a binding operational directive requiring federal agencies to stop using unsupported network edge devices, such as firewalls and routers, within a year. CISA said end-of-support (EOS) devices pose a substantial and constant “imminent threat.”</p>
<p>Agencies must update outdated devices, report their usage and decommission those with expired support. Within 24 months, processes must be established to track and remove unsupported devices before their EOS dates.</p>
<p>While the directive targets federal agencies, CISA encourages broader adoption by local governments and businesses. Despite limited enforcement power, CISA will collaborate with the White House to monitor compliance and provide support.</p>
<p><a target="_blank" href="https://www.cybersecuritydive.com/news/cisa-edge-devices-binding-operational-directive/811539/" rel="noopener"><i>Read the full article by Eric Geller on Cybersecurity Dive</i></a>.</p>
</section>
<section class="section main-article-chapter" data-menu-title="Attack on Poland’s energy grid prompts warning to U.S. critical infrastructure operators">
<h2 class="section-title"><i class="icon" data-icon="1"></i>Attack on Poland’s energy grid prompts warning to U.S. critical infrastructure operators</h2>
<p>A recent cyberattack on Poland’s energy grid, attributed to Russian hacker groups Berserk Bear and Sandworm, underscores the dangers posed by vulnerable edge devices in operational technology (OT) environments. CISA warned U.S. critical infrastructure operators to take note.</p>
<p>In the December 2025 attack, malicious hackers exploited internet-facing FortiGate devices with reused passwords, enabling them to access a variety of OT devices with default passwords. The attackers were then able to deploy <a href="https://www.techtarget.com/searchsecurity/tip/How-to-mitigate-wiper-malware">wiper malware</a>, corrupt firmware and disrupt system operations. While renewable energy systems continued production, operators lost control and monitoring capabilities.</p>
<p>In an advisory, CISA emphasized the need for <a href=”https://www.techtarget.com/sear
[…]