News
Short updates on security, GRC, and AI developments, with enough context to be worth reading.
- Brief
SEC Forms New Retail Fraud Working Group
Summary: The Securities and Exchange Commission today announced the creation of the Retail Fraud Working Group designed to strengthen the Division of Enforcement’s efforts to …Read brief - Brief
CISA Adds One Known Exploited Vulnerability to Catalog
Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. Why it matters: This matters if it …Read brief - Brief
CISA Adds Three Known Exploited Vulnerabilities to Catalog
Summary: CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. Why it matters: This matters if it …Read brief - Brief
Digi International PortServer TS, Digi One SP IA
Summary: View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication and gain access to restricted resources, obtain …Read brief - Brief
Hitachi Energy e-mesh EMS
Summary: View CSAF Summary Hitachi Energy is aware of a buffer overflow vulnerability that affects e-mesh EMS product versions listed in this document. Why it matters: This matters …Read brief - Brief
Hitachi Energy PROMOD V
Summary: View CSAF Summary Hitachi Energy is aware of insecure HTTP transmission vulnerability in PROMOD V product versions listed in this document. Why it matters: This matters if …Read brief - Brief
Hydro-Québec Le Circuit Electrique charging station backend
Summary: View CSAF Summary Successful exploitation of these vulnerabilities could lead to privilege escalation, or result in a denial-of-service attack. Why it matters: This …Read brief - Brief
Siemens Mendix Studio Pro
Summary: View CSAF Summary Mendix Studio Pro versions before V11.12 are affected by a file parsing vulnerability that could be triggered when the application reads specially …Read brief - Brief
SEC Names Paul Knight as Chief Operating Officer
Summary: The Securities and Exchange Commission today announced that Paul Knight has been named as the agency’s Chief Operating Officer (COO).As COO, Mr. Why it matters: This …Read brief - Brief
FTC Warns Companies Making Questionable ‘Made in the USA' Claims
Summary: The Federal Trade Commission today issued warning letters to seven companies that appear to have misrepresented certain products as “Made in the USA,” and one company that …Read brief - Brief
CubeSpace CW0057 Reaction Wheel
Summary: View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to upload arbitrary malicious firmware to the device. Why it matters: This matters …Read brief - Brief
FTC and DOJ Issue Fiscal Year 2025 Hart-Scott-Rodino Annual Report
Summary: The Federal Trade Commission and the Department of Justice’s (DOJ) Antitrust Division released their 48th Annual Hart-Scott-Rodino (HSR) Report. Why it matters: This …Read brief - Brief
FTC Approves Final Order Against Publishing.com, Settling Allegations It Misled Consumers
Summary: The Federal Trade Commission finalized an order with Publishing.com LLC and its two principals, settling allegations that they misled consumers about how much money …Read brief - Brief
Gardyn IoT Hub
Summary: View CSAF Summary Successful exploitation of these vulnerabilities could allow unauthenticated users to access and control IoT Hub managed devices. Why it matters: This …Read brief - Brief
ST Engineering iDirect iQ-Series Terminals
Summary: View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access to device information or cause a denial-of-service …Read brief