The Biden administration is finalizing an executive order to enhance US cybersecurity. Meanwhile, Ivanti has released urgent updates to address a crucial zero-day vulnerability and a serious vulnerability has been identified in Kerio Control firewall software. Other cyber issues include a phishing campaign exploiting CrowdStrike’s recruitment branding and a medical billing company data breach impacting over 360,000. Lastly, a cyberattack has disrupted the city of Winston-Salem.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is