Skip to main content
A Singapore Government Agency Website How to identify
Official website links end with .gov.sg
Government agencies communicate via .gov.sg websites (e.g. go.gov.sg/open). Trusted websites
Secure websites use HTTPS
Look for a lock () or https:// as an added precaution. Share sensitive information only on official, secure websites.

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore

Alerts & Advisories

Provides alerts and advisories on emerging cyber threats, vulnerabilities, and preventive measures to help individuals and organisations stay secure online.

1165 articles

12 June 2026

Critical Vulnerabilities in SAP NetWeaver and SAP Commerce Cloud

Attackers can exploit critical vulnerabilities in SAP NetWeaver and SAP Commerce Cloud to gain unauthorised access and compromise affected systems. Users and administrators are advised to patch immediately.

Alerts

12 June 2026

Critical Vulnerabilities in Ivanti Sentry

Attackers can exploit OS command injection (CVE-2026-10520) and authentication bypass (CVE-2026-10523) vulnerabilities in Ivanti Sentry to execute commands as root, create unauthorised administrative accounts, and gain full system administrative control without authentication. Patch immediately.

Alerts

12 June 2026

Critical Vulnerability in Fortinet FortiSandbox

Attackers can exploit a critical vulnerability in Fortinet FortiSandbox via HTTP requests to execute unauthorised commands on the affected system. Patch immediately.

Alerts

12 June 2026

Critical Vulnerability in Oracle PeopleSoft Enterprise PeopleTools

Oracle has released security updates to address a critical vulnerability in Oracle PeopleSoft Enterprise PeopleTools that could allow unauthenticated attackers to perform remote code execution and fully compromise the affected system. Patch immediately.

Alerts

10 June 2026

June 2026 Monthly Patch

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

Monthly Patch

10 June 2026

Joint Advisory on Technical Support Scams Involving the Impersonation of Microsoft

The Singapore Police Force (SPF) and the Cyber Security Agency of Singapore (CSA) would like to alert members of the public to remain vigilant against technical support scams involving impersonation of Microsoft.

Advisory

10 June 2026

Security Bulletin 10 Jun 2026 [PDF, 1766 KB]

Bulletins

9 June 2026

Critical Vulnerability in Check Point VPN

Attackers are actively exploiting a critical vulnerability in Check Point VPN to bypass authentication and gain unauthorised remote access. Apply security updates immediately.

Alerts

9 June 2026

High-Severity Vulnerability in SolarWinds Serv-U

Attackers are exploiting a vulnerability in SolarWinds Serv-U to crash the file transfer service without authentication, causing a denial of service condition. Patch immediately.

Alerts

5 June 2026

High-Severity Vulnerability in Linux Kernel

Attackers are exploiting a 2022 vulnerability in the Linux kernel to escalate privileges and escape containerised environments to compromise underlying hosts. Patch immediately.

Alerts