The Computer Incident Response Center Luxembourg (CIRCL) is a government-driven initiative designed to gather, review, report and respond to computer security threats and incidents.

OUR SERVICES

MISP Threat Intelligence Sharing Platform and Private Sharing Communities

Dynamic Malware Analysis (DMA)

Clean documents from untrusted USB keys / sticks

Database storing historical DNS records

More services

Recent highlights

TR-98 - Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-1281 & CVE-2026-1340) - Active Exploitation - 9th February 2026

TR-97 - Supply Chain Compromise Propagating Through the npm Ecosystem (Shai-Hulud) - 28th October 2025

TR-96 - Multiple Vulnerabilities in F5 Devices and Products - Impact and Mitigation - 16th October 2025

TR-95 - Critical vulnerability - Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. CVE-2025-53770 - CVE-2025-53771 - 20th July 2025

CIRCL - Virtual Summer School (VSS) 2025 - 1st July 2025

Coordinated Vulnerability Disclosure (CVD) Policy - 18th June 2025

TR-93 - Financial transaction fraud after sytem compromise via Remote Management and Monitoring tools - 26th February 2025

TR-92 - Unused Domain Names and the Risks of Missing DNS SPF Records - 22nd January 2025

TR-88 - Motivation, procedure and rational for leaked credential notifications - 29th August 2024

Learning from the Recent Windows/Falcon Sensor Outage - Causes and Potential Improvement Strategies in Linux with Open Source - 23rd July 2024

TR-87 - CrowdStrike Agent causing BSOD loop on Windows - Faulty Update on Falcon Sensor - 19th July 2024

TR-86 - Check Point VPN Information Disclosure (CVE-2024-24919) - Actively Exploited - 31st May 2024

TR-85 - Three vulnerabilities in Cisco ASA software/applicance and FTD software being exploited - 25th April 2024

TR-84 - PAN-OS (Palo Alto Networks) OS Command Injection Vulnerability in GlobalProtect Gateway - CVE-2024-3400 - 12th April 2024

TR-82 - backdoor discovered in xz-utils - CVE-2024-3094 - 30th March 2024

Cybersecurity Unites Across Borders - FETTA Project Launched to Strengthen EU Cyber Threat Intelligence - 31st January 2024

TR-78 - CVE-2023-46805 (Authentication Bypass) & CVE-2024-21887 (Command Injection) for Ivanti Connect Secure and Ivanti Policy Secure Gateways - 11th January 2024

TR-77 - Spear phishing and voice call scams targeting corporate executives and their accounting department - 30th August 2023

TR-76 - Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS - 14th August 2023

TR-75 - Unauthenticated remote code execution vulnerability in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) - CVE-2023-3519 - 21st July 2023

TR-74 - A heap-based buffer overflow vulnerability [CWE-122] in FortiOS - CVE-2023-27997 - 5th July 2023

TR-73 - Ransomware FAQ - 7th March 2023

TR-72 - Vulnerable Microsoft Exchange server metrics leading to alarming situation - 21st February 2023

TR-70 - Vulnerabilities in Microsoft Exchange CVE-2022-41040 - CVE-2022-41082 - 30th September 2022

New online service - Pandora Document and File Analysis - 7th March 2022

TR-68 - Best practices in times of tense geopolitical situations - 1st March 2022

TR-65 - Vulnerabilities and Exploitation of Log4j (Remote code injection in Log4j)

[Previous news]