The Department of Health and Human Services (HHS) said that data does not suggest medical device vulnerabilities are common cybersecurity exploits. However, these devices require attention due to potential cybersecurity threats. The FDA and CISA have been managing medical device cybersecurity coordination, but their five-year-old agreement needs updating. Moreover, new legislation empowers the FDA to require manufacturers to submit plans for monitoring and addressing vulnerabilities on new devices.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is