National Public Data (NPD), a data broker that collects information used in background checks, has filed for Chapter 11 bankruptcy following a significant data breach. A hacker stole a database alleged to contain data from 2.9 billion individuals, leading to class action lawsuits and state and federal government investigations. With limited assets and considerable liability, NPD is unlikely to stay in business.

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and