The Cybersecurity and Infrastructure Security Agency (CISA) has released a report assessing healthcare sector risk and vulnerability, along with cybersecurity recommendations. The report highlights the importance of safeguarding data and operations in a compromise-prone environment.

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and