Policy
-
UK Drops Apple Backdoor Mandate as U.S. Vows to Protect Americans’ Civil Liberties over Encryption
The U.K. reportedly abandoned a government plan to compel Apple to weaken encryption and enable a backdoor, signaling a shift in how authorities approach access to encrypted data while U.S. officials emphasize protecting civil liberties for Americans.
-
N-able N-central: More Than 800 On-Premises Servers Remain Unpatched as Two Critical Flaws See Active Exploitation
More than 800 N-able N-central servers remain unpatched against two critical, actively exploited flaws (CVE-2025-8875 and CVE-2025-8876), prompting federal and private-sector action as researchers warn that thousands of instances remain exposed online. Patch guidance and regulatory responses are being rolled out as investigations continue into the scope of exploitation.
-
Dutch Public Prosecution Service Begins Phased Relaunch After Cyberattack Delays Speed-Camera Network
Dutch prosecutors have begun a phased relaunch after a July cyberattack tied to Citrix vulnerabilities, with dozens of speed cameras still offline. The outage follows the first step in restoring services, including email access, as authorities coordinate with the judiciary and victim-support organizations amid ongoing concerns about system-wide interconnections.
-
NIST proposes AI security overlays built on SP 800-53, invites public feedback
NIST published a concept paper proposing a framework of AI security overlays built on SP 800-53 and opened a public call for input, detailing use cases like generative, predictive, and agentic AI while inviting feedback through COSAIS channels.
-
CISA Adds Two N-able N-central Vulnerabilities to KEV; MSP Patch Push Underway
U.S. authorities added two vulnerabilities in N-able N-central to the Known Exploited Vulnerabilities catalog, while noting no public exploitation has been reported. The flaws—CVE-2025-8875 (insecure deserialization) and CVE-2025-8876 (command injection)—require authentication and have been patched in N-central versions 2025.3.1 and 2024.6 HF2, with upgrades urged for on-premises deployments.
-
Russia Restricts Voice Calls on WhatsApp, Telegram as Moscow Pushes National Messaging App Max
Russia’s Roskomnadzor has begun restricting voice calls on WhatsApp and Telegram, saying the apps fuel crime and violence, as Moscow presses ahead with a domestic messaging app called Max. WhatsApp and Telegram push back on encryption and moderation efforts, while lawmakers and media reports highlight a broader battle over secure communication and surveillance.
-
Croatian Research Institute Confirms Ransomware Attack via ToolShell Vulnerabilities
The Ruđer Bošković Institute in Croatia confirmed it was among thousands of institutions hit by ransomware exploiting SharePoint ToolShell vulnerabilities, encryption of administrative data, a pledge not to pay ransom, and ongoing forensic investigations.
-
US, allies disrupt BlackSuit ransomware network; servers seized and funds frozen as researchers warn of rebranding to Chaos ransomware
U.S. and international partners disrupted the BlackSuit ransomware network, seizing servers and freezing about $1.09 million, while security researchers warn the group may have rebranded as Chaos ransomware and remain a threat.
-
Over 29,000 Microsoft Exchange Servers Remain Vulnerable to Severe Exploit
Over 29,000 Microsoft Exchange servers remain unpatched against a critical security flaw, CVE-2025-53786, which allows attackers to escalate privileges and potentially compromise entire domains. This vulnerability has prompted emergency directives from U.S. federal agencies to enforce patching.
-
U.S. Federal Judiciary Confirms Cyberattack on Case Management System
The U.S. Federal Judiciary has confirmed a cyberattack on its electronic case management systems, leading to increased cybersecurity measures to protect sensitive court documents. Enhanced protections are in response to rising sophisticated cyber threats affecting public and private sectors. The breach reportedly exposed confidential information across multiple federal districts.
