CISA is ordering federal agencies by May 23 to issue patches for vulnerabilities in popular VMware products that could be chained together for full system control.

Defense Digital Service cybersecurity lead Daniel Bardenstein says agencies still lack visibility into vulnerable devices living on the open internet.

The Army is working on a common software repository that will allow for regular updates and patching to be done on the DOD's networks.

DHS’s Cybersecurity and Infrastructure Security Agency now gives agencies 15 days after discovery to fix vulnerabilities deemed critical.