HomeMultiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution

Multi-State Information Sharing and Analysis Center®

The mission of the MS-ISAC® is to improve the overall cybersecurity posture of U.S. State, Local, Tribal, and Territorial (SLTT) government organizations through coordination, collaboration, cooperation, and increased communication.

Join the MS-ISAC
Alert Level guarded
On July 9, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to vulnerabilities in Google, Microsoft, Fortinet, and Mozilla products.
About this threat
Learn what are the alert levels and how they can serve your organization
Alert Levels

MS-ISAC® at a Glance

As a trusted cybersecurity partner for 18,000+ U.S. State, Local, Tribal, and Territorial (SLTT) government organizations, we cultivate a collaborative environment for information sharing in support of our . We offer members incident response and remediation support through our team of security experts and develop tactical, strategic, and operational intelligence, and advisories that offer actionable information for improving cyber maturity. 

The MS-ISAC is partially funded by Congress through a cooperative agreement administered by CISA. The MS-ISAC is a division of the Center for Internet Security (CIS) and is autonomously guided by its Executive Committee and member organizations.

Impact of Funding Cuts to SLTTs

The MS-ISAC is the only initiative offering cyber threat intelligence, incident response support, and real-time information sharing programs not performed by the federal government. The federal government recently canceled funding for MS-ISAC operations. Learn how these funding cuts will impact SLTTs across the nation.

Learn More

Benefits

  • 24x7x365 Security Operations Center (SOC) offering threat intelligence, detection, and response assistance
  • Regular webinars examining critical and timely cybersecurity issues
  • Access to an annual cybersecurity self-assessment to review your cybersecurity maturity - Nationwide Cybersecurity Review (NCSR)
  • Cybersecurity tools and resources, including a CIS SecureSuite Membership
  • Cybersecurity Advisories and Notifications
  • Access to Secure Portals for Communication and Document Sharing
  • Cyber Alert Map
  • Weekly Top Malicious Domains/IP Report
  • Monthly Members-only Webinars

Explore ms-isac Services

Our Partners

  • US Department of Homeland Security
  • US CERT
  • Stop Think Connect
  • Nascio
  • Global Cyber Alliance
  • Water ISAC
  • COSN
  • NW3C
  • Cybercrime
  • Cyber Threat Alliance
  • NFCA
  • National Governors Association
  • National Council Isacs
  • PTI
  • E-ISAC
  • NACo
  • Global Resilience Federation
  • DNG-ISAC

Not a member yet?

The MS-ISAC is open to all U.S. SLTT government organizations.

Join the MS-ISAC

See Membership FAQs How To Report an Incident

CIS is Home to the MS-ISAC

As an member, you'll get access to a community that will help you stay up to date on cyber threats facing your industry.

The MS-ISAC is partially funded by Congress through a cooperative agreement administered by CISA. The MS-ISAC is a division of the Center for Internet Security (CIS) and is autonomously guided by its Executive Committee and member organizations.

Learn how U.S. State, Local, Tribal, and Territorial (SLTT) entities can report a cybersecurity incident.


 

Election Related Resources

 
Election Security Tools and Resources

MS-ISAC-Logo

Already a member?

 

View MS-ISAC Charter

Meet our MS-ISAC Executive Committee

visit MS-ISAC Services

Report a cybersecurity Incident

Tackling Audits and Cloud Security Efficiently and at Scale

View Case Study

Cybersecurity threats updates and more

Get timely updates by CIS and MS-ISAC cybersecurity experts on current online security threats and more.

Cybersecurity Threats Updates
See all important Updates

We value your questions and feedback

At CIS, we are committed to serving the greater IT security community.

Contact Us Today

Information Hub

MS-ISAC

Advisory07.09.2025
Multiple Vulnerabilities in Mozilla Thunderbird Could Allow for Arbitrary Code Execution
Read More
Advisory07.08.2025
A Vulnerability in FortiWeb Could Allow for SQL Injection
Read More
White Paper05.15.2025
Leveraging Generative Artificial Intelligence for Tabletop Exercise Development
Read More
Blog Post04.23.2025
Top 10 Malware Q1 2025
Read More