Personal data of 616 Minnesota veterans may have been exposed in a cyber attack on the Veterans Health Administration (VHA). The agency is informing over 2,300 veterans nationwide that their data, including full name, medical records and social security number, may have been stolen. The compromised information was on a server managed by contracted firm, DBP. The server is now offline and DBP has also bought new hardware and additional security controls.

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and