The US Department of Health and Human Services (HHS) is proposing an update to the HIPAA Security Rule that will force healthcare organizations to improve their cybersecurity measures. This update comes amid growing data breaches in the healthcare industry. Proposed amendments consist of best practices in cybersecurity like multifactor authentication, encryption of electronic protected health information, network segmentation, and vulnerability scanning.

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and