https://www.bleepingcomputer.com/news/security/cisa-orders-federal-orgs-to-mitigate-pulse-secure-vpn-bug-by-friday/

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a new emergency directive ordering federal agencies to mitigate an actively exploited vulnerability in Pulse Connect Secure (PCS) VPN appliances on their networks by Friday.

CISA issued the Emergency Directive (ED) 21-03 Tuesday after Pulse Secure confirmed a FireEye report saying that at least two state-backed threat groups exploited the bug (tracked as CVE-2021-22893) to breach government and defense organizations in the US and across the globe.