The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal government agencies to patch a critical vulnerability in a popular open source server that’s being actively exploited in the wild. CISA added CVE-2024-36401 to its Known Exploited Vulnerabilities (KEV) catalog earlier this week, ordering agencies to patch by August 5.

Source: Infosecurity Magazine – Information Security & IT Security