The UK government has released its Cyber Security and Resilience Bill plans, seeking to bolster public service cyber defences, especially for the NHS. The legislation, expected to be introduced in 2025, will mandate stronger cybersecurity from organisations and suppliers, and allow for improved threat assessment and responsiveness. Around 1,000 service providers will be impacted, and the bill also provides greater regulatory flexibility to respond to future threats.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is