Skip to main content
A Singapore Government Agency Website How to identify
Official website links end with .gov.sg
Government agencies communicate via .gov.sg websites (e.g. go.gov.sg/open). Trusted websites
Secure websites use HTTPS
Look for a lock () or https:// as an added precaution. Share sensitive information only on official, secure websites.

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Cyber Security Agency of Singapore

Alerts & Advisories

Provides alerts and advisories on emerging cyber threats, vulnerabilities, and preventive measures to help individuals and organisations stay secure online.

1184 articles

15 July 2026

July 2026 Monthly Patch

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

Monthly Patch

15 July 2026

Multiple Vulnerabilities in SonicWall SMA1000 Series

Attackers are exploiting two zero-day vulnerabilities in the SMA1000 series appliances to perform server-side request forgery and execute arbitrary operating system commands. Patch immediately.

Alerts

15 July 2026

Critical Vulnerabilities in SAP NetWeaver, SAP Approuter and SAP Commerce Cloud

Attackers can exploit critical vulnerabilities in SAP NetWeaver, SAP Approuter and SAP Commerce Cloud to gain unauthorised access, modify data and cause denial of service to affected systems. Patch immediately.

Alerts

15 July 2026

Security Bulletin 15 Jul 2026 [PDF, 1142 KB]

Bulletins

13 July 2026

Vulnerability in Windows File System Proxy (WinFsp)

CSA has issued a CVE ID to a vulnerability reported in WinFsp as part of CSA’s Responsible Vulnerability Disclosure Policy. Users and administrators of the affected product versions are advised to update to the latest version immediately.

Alerts

10 July 2026

Active Exploitation of Critical Vulnerabilities in Joomla Extensions

Attackers are exploiting critical vulnerabilities in Joomla's SP Page Builder and Page Builder CK extensions to upload malicious files and execute arbitrary code. Patch immediately.

Alerts

9 July 2026

Multiple Vulnerabilities in BeyondTrust Products

Attackers can exploit multiple vulnerabilities in BeyondTrust's Remote Support and Privileged Remote Access products to bypass access controls and gain unauthorised access, cause a denial of service, or access unintended resources. Patch immediately.

Alerts

8 July 2026

Critical Vulnerability in Gitea Docker

Attackers are exploiting a critical vulnerability in Gitea Docker images to gain unauthorised access to Gitea instances. Patch immediately.

Alerts

8 July 2026

Security Bulletin 8 July 2026 [PDF, 1MB]]

Bulletins

2 July 2026

Multiple Vulnerabilities in NetScaler Products

Attackers can exploit multiple vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway to read arbitrary files, trigger denial-of-service conditions, and disclose sensitive memory contents. Patch immediately.

Alerts