New York’s Attorney General has fined insurance companies Geico and Travelers Indemnity Company a total of $11.3 million for data breaches that exposed personal information of over 120,000 people. These breaches happened during the COVID-19 pandemic, which highlighted serious flaws in both companies’ cybersecurity. The New York Department of Financial Services, DFS, announced the penalties, highlighting the importance of adopting robust security measures to protect sensitive customer data.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is