Skip to main content
A Singapore Government Agency Website How to identify
Official website links end with .gov.sg
Government agencies communicate via .gov.sg websites (e.g. go.gov.sg/open). Trusted websites
Secure websites use HTTPS
Look for a lock () or https:// as an added precaution. Share sensitive information only on official, secure websites.

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore

Alerts & Advisories

Provides alerts and advisories on emerging cyber threats, vulnerabilities, and preventive measures to help individuals and organisations stay secure online.

1167 articles

16 June 2026

Vulnerability in Cisco Catalyst SD-WAN Manager

Attackers are exploiting a vulnerability in Cisco Catalyst SD-WAN Manager to overwrite files on the underlying filesystem and escalate privileges to root. Patch immediately.

Alerts

16 June 2026

Multiple Vulnerabilities in GitLab Products

Attackers can exploit multiple high-severity vulnerabilities in GitLab to achieve account takeover, cause denial of service, add unauthorised email addresses and execute arbitrary client-side code. Patch immediately.

Alerts

12 June 2026

Critical Vulnerabilities in SAP NetWeaver and SAP Commerce Cloud

Attackers can exploit critical vulnerabilities in SAP NetWeaver and SAP Commerce Cloud to gain unauthorised access and compromise affected systems. Users and administrators are advised to patch immediately.

Alerts

12 June 2026

Critical Vulnerabilities in Ivanti Sentry

Attackers can exploit OS command injection (CVE-2026-10520) and authentication bypass (CVE-2026-10523) vulnerabilities in Ivanti Sentry to execute commands as root, create unauthorised administrative accounts, and gain full system administrative control without authentication. Patch immediately.

Alerts

12 June 2026

Critical Vulnerability in Fortinet FortiSandbox

Attackers can exploit a critical vulnerability in Fortinet FortiSandbox via HTTP requests to execute unauthorised commands on the affected system. Patch immediately.

Alerts

12 June 2026

Critical Vulnerability in Oracle PeopleSoft Enterprise PeopleTools

Oracle has released security updates to address a critical vulnerability in Oracle PeopleSoft Enterprise PeopleTools that could allow unauthenticated attackers to perform remote code execution and fully compromise the affected system. Patch immediately.

Alerts

10 June 2026

June 2026 Monthly Patch

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

Monthly Patch

10 June 2026

Joint Advisory on Technical Support Scams Involving the Impersonation of Microsoft

The Singapore Police Force (SPF) and the Cyber Security Agency of Singapore (CSA) would like to alert members of the public to remain vigilant against technical support scams involving impersonation of Microsoft.

Advisory

10 June 2026

Security Bulletin 10 Jun 2026 [PDF, 1766 KB]

Bulletins

9 June 2026

Critical Vulnerability in Check Point VPN

Attackers are actively exploiting a critical vulnerability in Check Point VPN to bypass authentication and gain unauthorised remote access. Apply security updates immediately.

Alerts