CISA Gives US Federal Agencies Three Days to Patch VPN Vulnerability

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive to all civilian agencies to remediate a critical vulnerability in Check Point software. This flaw has been identified as actively exploited by ransomware groups. According to Techcrunch.com reports .

According to cybersecurity firm Check Point Software, the vulnerability affects remote access tools, firewalls, and VPN systems, which serve as digital gateways protecting corporate networks from unauthorized access. The company confirmed that a ransomware group named Qilin is exploiting this vulnerability.

Although hacking attacks began on May 7, activity surged sharply last week. The Qilin group has attacked dozens of organizations worldwide that rely on these security tools. Due to the high risk to federal government networks, CISA has mandated all agencies to resolve the issue by June 11.

The directive applies to all major civilian agencies, including the Department of Homeland Security, the Department of State, and the Treasury. CISA is acting under Operational Directive BOD 22-01, which enables security measures when active cyber threats exist on government networks.