{"id":48795,"date":"2022-10-07T11:35:12","date_gmt":"2022-10-07T11:35:12","guid":{"rendered":"http:\/\/2ea9f1ca-7a2e-458a-aa79-18bfeb3072af"},"modified":"2022-10-07T11:35:12","modified_gmt":"2022-10-07T11:35:12","slug":"nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/","title":{"rendered":"NSA, FBI warning: Beware these 20 software flaws most used by hackers"},"content":{"rendered":"
\n
\n
\"a-man-looking-at-his-laptop-with-concern\"<\/picture><\/div>\n

<\/div>\n

Image: Getty\/Deagreez<\/span><\/figcaption><\/figure>\n

The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have listed the top 20 software flaws that China-funded hackers have been using to compromise networks since 2020. <\/p>\n

The advisory<\/a> emphasizes that China-backed hackers actively target not just the networks of the US government and its allies but also software and hardware companies in the supply chain to steal intellectual property and gain access to sensitive networks. These hackers are an active threat to the IT and telecoms sector, the defense industrial base, and critical infrastructure owners and operators. <\/p>\n

“NSA, CISA, and FBI continue to assess [People’s Republic of China] PRC state-sponsored cyber activities as being one of the largest and most dynamic threats to U.S. government and civilian networks,” they note. <\/p>\n

Also: <\/strong>White House warns: Do these 8 things now to boost your security ahead of potential Russian cyberattacks<\/a><\/p>\n

CISA this week disclosed<\/a> that several state-backed hacking groups were active on defense industrial base enterprise networks after gaining access through their Microsoft Exchange Server infrastructure from around mid-January 2021. Exchange Server is now under attack by newly discovered flaws<\/a> similar to last year’s ProxyShell.<\/p>\n

Among the top 20 flaws used by China-backed hackers are four Microsoft Exchange Server flaws: CVE-2021-26855, a remote code execution bug, as well CVE-2021-26857<\/a>, CVE-2021-26858<\/a>, and CVE-2021-27065<\/a>. These are all part of the the Exchange Server ProxyLogon pre-authentication vulnerabilities disclosed in 2021.   <\/p>\n

Microsoft in July warned these bugs were being used<\/a> in combination with malware tailored for networks using Microsoft’s Internet Information Services (IIS) web server to host Outlook on the web. <\/p>\n

Other commonly used flaws include those in Apache Log4Shell, and flaws in code-hosting site GitLab, F5’s network gear, VPN endpoints, and popular server products from VMware, Cisco, and Citrix. <\/p>\n

All the bugs are publicly known and present a risk for organizations that haven’t applied available firmware and software updates. <\/p>\n

The GitLab and Atlassian Confluence bugs<\/a> stand out as examples of hackers targeting developer and IT operations tools.   <\/p>\n

“These state-sponsored actors continue to use virtual private networks (VPNs) to obfuscate their activities and target web-facing applications to establish initial access,” CISA notes. <\/p>\n

Many of the top 20 vulnerabilities “allow the actors to surreptitiously gain unauthorized access into sensitive networks, after which they seek to establish persistence and move laterally to other internally connected networks,” it added. <\/p>\n

The agencies recommend patching systems, using multi-factor authentication, disabling unused protocols at the network edge, ditching end-of-life devices, adopting a model that trusts no person, device or app, and enabling logging of internet-facing systems.  <\/p>\n

The top flaws used since 2020 are listed in the table below.<\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
\n

Vendor<\/strong><\/p>\n<\/td>\n

\n

CVE<\/strong><\/p>\n<\/td>\n

\n

Vulnerability Type<\/strong><\/p>\n<\/td>\n<\/tr>\n

\n

Apache Log4j<\/p>\n<\/td>\n

\n

CVE-2021-44228<\/p>\n<\/td>\n

\n

Remote Code Execution<\/p>\n<\/td>\n<\/tr>\n

\n

Pulse Connect Secure<\/p>\n<\/td>\n

\n

CVE-2019-11510<\/p>\n<\/td>\n

\n

Arbitrary File Read<\/p>\n<\/td>\n<\/tr>\n

\n

GitLab CE\/EE<\/p>\n<\/td>\n

\n

CVE-2021-22205<\/p>\n<\/td>\n

\n

Remote Code Execution<\/p>\n<\/td>\n<\/tr>\n

\n

Atlassian<\/p>\n<\/td>\n

\n

CVE-2022-26134<\/p>\n<\/td>\n

\n

Remote Code Execution<\/p>\n<\/td>\n<\/tr>\n

\n

Microsoft Exchange<\/p>\n<\/td>\n

\n

CVE-2021-26855<\/p>\n<\/td>\n

\n

Remote Code Execution<\/p>\n<\/td>\n<\/tr>\n

\n

F5 Big-IP<\/p>\n<\/td>\n

\n

CVE-2020-5902<\/p>\n<\/td>\n

\n

Remote Code Execution<\/p>\n<\/td>\n<\/tr>\n

\n

VMware vCenter Server<\/p>\n<\/td>\n

\n

CVE-2021-22005<\/p>\n<\/td>\n

\n

Arbitrary File Upload <\/p>\n<\/td>\n<\/tr>\n

\n

Citrix ADC<\/p>\n<\/td>\n

\n

CVE-2019-19781<\/p>\n<\/td>\n

\n

Path Traversal<\/p>\n<\/td>\n<\/tr>\n

\n

Cisco Hyperflex<\/p>\n<\/td>\n

\n

CVE-2021-1497<\/p>\n<\/td>\n

\n

Command Line Execution<\/p>\n<\/td>\n<\/tr>\n

\n

Buffalo WSR<\/p>\n<\/td>\n

\n

CVE-2021-20090<\/p>\n<\/td>\n

\n

Relative Path Traversal<\/p>\n<\/td>\n<\/tr>\n

\n

Atlassian Confluence Server and Data Center<\/p>\n<\/td>\n

\n

CVE-2021-26084<\/p>\n<\/td>\n

\n

Remote Code Execution<\/p>\n<\/td>\n<\/tr>\n

\n

Hikvision Webserver<\/p>\n<\/td>\n

\n

CVE-2021-36260<\/p>\n<\/td>\n

\n

Command Injection<\/p>\n<\/td>\n<\/tr>\n

\n

Sitecore XP<\/p>\n<\/td>\n

\n

CVE-2021-42237<\/p>\n<\/td>\n

\n

Remote Code Execution<\/p>\n<\/td>\n<\/tr>\n

\n

F5 Big-IP<\/p>\n<\/td>\n

\n

CVE-2022-1388<\/p>\n<\/td>\n

\n

Remote Code Execution<\/p>\n<\/td>\n<\/tr>\n

\n

Apache<\/p>\n<\/td>\n

\n

CVE-2022-24112<\/p>\n<\/td>\n

\n

Authentication Bypass by Spoofing<\/p>\n<\/td>\n<\/tr>\n

\n

ZOHO<\/p>\n<\/td>\n

\n

CVE-2021-40539<\/p>\n<\/td>\n

\n

Remote Code Execution<\/p>\n<\/td>\n<\/tr>\n

\n

Microsoft<\/p>\n<\/td>\n

\n

CVE-2021-26857<\/p>\n<\/td>\n

\n

Remote Code Execution<\/p>\n<\/td>\n<\/tr>\n

\n

Microsoft<\/p>\n<\/td>\n

\n

CVE-2021-26858<\/p>\n<\/td>\n

\n

Remote Code Execution<\/p>\n<\/td>\n<\/tr>\n

\n

Microsoft<\/p>\n<\/td>\n

\n

CVE-2021-27065<\/p>\n<\/td>\n

\n

Remote Code Execution<\/p>\n<\/td>\n<\/tr>\n

\n

Apache HTTP Server<\/p>\n<\/td>\n

\n

CVE-2021-41773<\/p>\n<\/td>\n

\n

Path Traversal<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

China-backed hackers like to use these flaws, so you need to make sure they are patched, says FBI, NSA and CISA.
\nREAD MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[62],"tags":[],"class_list":["post-48795","post","type-post","status-publish","format-standard","hentry","category-zdnet-security"],"yoast_head":"\nNSA, FBI warning: Beware these 20 software flaws most used by hackers 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NSA, FBI warning: Beware these 20 software flaws most used by hackers 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-10-07T11:35:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.zdnet.com\/a\/img\/resize\/ce27145f97e5f88f42e36027c99faac322a30eb2\/2022\/07\/29\/2d06a8d2-1505-437a-8aca-694590c19c18\/a-man-looking-at-his-laptop-with-concern.jpg?auto=webp&width=1200\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"NSA, FBI warning: Beware these 20 software flaws most used by hackers\",\"datePublished\":\"2022-10-07T11:35:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\\\/\"},\"wordCount\":618,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.zdnet.com\\\/a\\\/img\\\/resize\\\/ce27145f97e5f88f42e36027c99faac322a30eb2\\\/2022\\\/07\\\/29\\\/2d06a8d2-1505-437a-8aca-694590c19c18\\\/a-man-looking-at-his-laptop-with-concern.jpg?auto=webp&width=1200\",\"articleSection\":[\"ZDNet | Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\\\/\",\"name\":\"NSA, FBI warning: Beware these 20 software flaws most used by hackers 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.zdnet.com\\\/a\\\/img\\\/resize\\\/ce27145f97e5f88f42e36027c99faac322a30eb2\\\/2022\\\/07\\\/29\\\/2d06a8d2-1505-437a-8aca-694590c19c18\\\/a-man-looking-at-his-laptop-with-concern.jpg?auto=webp&width=1200\",\"datePublished\":\"2022-10-07T11:35:12+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.zdnet.com\\\/a\\\/img\\\/resize\\\/ce27145f97e5f88f42e36027c99faac322a30eb2\\\/2022\\\/07\\\/29\\\/2d06a8d2-1505-437a-8aca-694590c19c18\\\/a-man-looking-at-his-laptop-with-concern.jpg?auto=webp&width=1200\",\"contentUrl\":\"https:\\\/\\\/www.zdnet.com\\\/a\\\/img\\\/resize\\\/ce27145f97e5f88f42e36027c99faac322a30eb2\\\/2022\\\/07\\\/29\\\/2d06a8d2-1505-437a-8aca-694590c19c18\\\/a-man-looking-at-his-laptop-with-concern.jpg?auto=webp&width=1200\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NSA, FBI warning: Beware these 20 software flaws most used by hackers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"NSA, FBI warning: Beware these 20 software flaws most used by hackers 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/","og_locale":"en_US","og_type":"article","og_title":"NSA, FBI warning: Beware these 20 software flaws most used by hackers 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-10-07T11:35:12+00:00","og_image":[{"url":"https:\/\/www.zdnet.com\/a\/img\/resize\/ce27145f97e5f88f42e36027c99faac322a30eb2\/2022\/07\/29\/2d06a8d2-1505-437a-8aca-694590c19c18\/a-man-looking-at-his-laptop-with-concern.jpg?auto=webp&width=1200","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"NSA, FBI warning: Beware these 20 software flaws most used by hackers","datePublished":"2022-10-07T11:35:12+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/"},"wordCount":618,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.zdnet.com\/a\/img\/resize\/ce27145f97e5f88f42e36027c99faac322a30eb2\/2022\/07\/29\/2d06a8d2-1505-437a-8aca-694590c19c18\/a-man-looking-at-his-laptop-with-concern.jpg?auto=webp&width=1200","articleSection":["ZDNet | Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/","url":"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/","name":"NSA, FBI warning: Beware these 20 software flaws most used by hackers 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.zdnet.com\/a\/img\/resize\/ce27145f97e5f88f42e36027c99faac322a30eb2\/2022\/07\/29\/2d06a8d2-1505-437a-8aca-694590c19c18\/a-man-looking-at-his-laptop-with-concern.jpg?auto=webp&width=1200","datePublished":"2022-10-07T11:35:12+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/#primaryimage","url":"https:\/\/www.zdnet.com\/a\/img\/resize\/ce27145f97e5f88f42e36027c99faac322a30eb2\/2022\/07\/29\/2d06a8d2-1505-437a-8aca-694590c19c18\/a-man-looking-at-his-laptop-with-concern.jpg?auto=webp&width=1200","contentUrl":"https:\/\/www.zdnet.com\/a\/img\/resize\/ce27145f97e5f88f42e36027c99faac322a30eb2\/2022\/07\/29\/2d06a8d2-1505-437a-8aca-694590c19c18\/a-man-looking-at-his-laptop-with-concern.jpg?auto=webp&width=1200"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/nsa-fbi-warning-beware-these-20-software-flaws-most-used-by-hackers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"NSA, FBI warning: Beware these 20 software flaws most used by hackers"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/48795","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=48795"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/48795\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=48795"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=48795"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=48795"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}