Netgear released firmware patches to fix stored XSS and authentication bypass flaws in the XR1000 Nighthawk gaming router and CAX30 Nighthawk AX6 6-Stream cable modem routers, respectively.

Palo Alto Networks has released security updates to address five vulnerabilities in its products, including a critical flaw in the Expedition tool that could enable admin account takeover.

The new cyber-defense facility, dubbed NATO Integrated Cyber Defence Centre (NICC), will be located in Belgium at SHAPE and will consist of civilian and military experts from member states.

The Office of Management and Budget has issued a memorandum outlining the administration’s cybersecurity priorities for fiscal year 2026, aligning with the national cybersecurity strategy.

The US government is pressuring software manufacturers to address operating system command injection vulnerabilities following high-profile threat actor campaigns exploiting these flaws in 2024.

The U.S. Government Accountability Office’s annual assessment of the Defense Department’s IT spending revealed that several programs lack approved cybersecurity strategies, leaving them vulnerable to potential cyberattacks.

McAfee Labs has uncovered a unique malware delivery method called the “Clickfix” infection chain, which starts with users being directed to compromised websites and instructed to paste a script into a PowerShell terminal.

Federal research agencies will now require covered institutions to implement cybersecurity programs for research and development security due to threats from China. The goal is to increase awareness of security threats and enable apt responses.