The HHS Office for Civil Rights (OCR) plans to increase investigations into smaller data breaches in healthcare organizations. The OCR will prioritize investigations based on the size of the breach, whether any protected health information was stolen, and the nature of the data involved. The OCR aims to address noncompliance with HIPAA regulations and improve security measures across the healthcare industry.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is