WYTEC INTERNATIONAL INC 8-K Filing
Wytec International Inc. filed an 8-K form with the SEC on February 3, 2026, disclosing information related to cybersecurity incidents. This filing is part of the SEC's ongoing efforts to enhance transparency regarding cybersecurity risks for public companies.
UFP Technologies Inc. - Material Cybersecurity Incident Disclosure
UFP Technologies, Inc. has filed a Form 8-K to report a material cybersecurity incident detected on February 14, 2026. The incident impacted IT systems, including billing and label making, and resulted in the suspected theft or destruction of company data. The company is investigating the extent of sensitive information exfiltrated.
CareCloud Inc. 8-K Filing - Cybersecurity Incident Disclosure
CareCloud Inc. filed an 8-K with the SEC on March 27, 2026, to disclose a material cybersecurity incident. The filing details the nature of the incident and its potential impact on the company's operations and financial condition.
TeamPCP Supply-Chain Campaign Targets Open-Source Projects with Malware
The Singapore Cyber Security Agency (CSA) has issued an advisory regarding the ongoing 'TeamPCP' supply-chain campaign. This campaign compromises open-source projects to distribute malware that steals credentials, affecting components from Aqua Security, LiteLLM, CheckMarx, and multiple NPM packages. Organizations using affected components are advised to assess their environments for compromise and rotate secrets immediately.
Spring AI Vulnerabilities Allow Code Execution, SSRF, Policy Bypass
CERT-FR has issued a security advisory regarding multiple vulnerabilities discovered in Spring AI. These vulnerabilities could allow attackers to achieve remote code execution, server-side request forgery (SSRF), and security policy bypass. Affected versions include Spring AI 1.0.x prior to 1.0.5 and 1.1.x prior to 1.1.4.
Siemens Product Vulnerabilities Allow Remote Denial of Service
CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in Siemens products, including CPCI85 Central Processing/Communication and SICORE Base system. These vulnerabilities allow for remote denial of service attacks. Affected versions are prior to 26.10. Customers are advised to consult Siemens' security bulletin for patch information.
NetApp Products Vulnerabilities Affecting Data Integrity and Confidentiality
CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in NetApp products, including Active IQ Unified Manager and ONTAP. These vulnerabilities could lead to data integrity and confidentiality breaches, as well as remote denial-of-service attacks. Affected users are advised to consult NetApp security bulletins for patch information.
IBM Products Multiple Vulnerabilities Identified
CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in various IBM products. These vulnerabilities could allow attackers to cause remote denial of service, compromise data confidentiality, and affect data integrity. Affected systems include specific versions of IBM Security QRadar Log Management, Sterling Connect:Direct, and WebSphere Application Server.
Multiple Ubuntu Linux Kernel Vulnerabilities Allow Code Execution
CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in the Ubuntu Linux kernel. These vulnerabilities could allow attackers to achieve arbitrary code execution, privilege escalation, and data breaches. Affected systems include various Ubuntu LTS and ESM releases.
Red Hat Linux Kernel Vulnerabilities
The French National Cybersecurity Agency (ANSSI) has issued a security advisory regarding multiple vulnerabilities in the Red Hat Linux kernel. These vulnerabilities could lead to data integrity and confidentiality breaches, denial of service, and arbitrary code execution.
SUSE Linux Kernel Vulnerabilities Allow Code Execution
CERT-FR has issued an advisory regarding multiple vulnerabilities in the SUSE Linux kernel. These vulnerabilities could allow for code execution and data compromise. The advisory references numerous SUSE security bulletins detailing the affected components and recommended actions.
Microsoft Products Vulnerability Advisory CVE-2026-4519
CERT-FR has issued an advisory regarding a vulnerability (CVE-2026-4519) in Microsoft products, specifically affecting azl3 python3 versions prior to 3.12.9-10. The advisory directs users to Microsoft's security bulletin for patch information.
Zabbix Vulnerabilities Allow Remote Denial of Service
CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in Zabbix versions prior to 7.0.22 with the latest security patch. These vulnerabilities could allow remote denial of service and security policy bypass. Users are advised to consult the Zabbix security bulletin for patch information.
Traefik Vulnerabilities Allow Security Policy Bypass
The French National Cybersecurity Agency (ANSSI) has issued an advisory regarding multiple vulnerabilities discovered in Traefik software. These vulnerabilities could allow an attacker to bypass security policies. Affected versions of Traefik require immediate patching.
EU Digital Omnibus, CSAM detection, AI Act, ICO guidance updates
The IAPP Privacy News reports on developments in the EU Digital Omnibus on AI, with interinstitutional negotiations underway and a potential June vote. Discussions on the data counterpart, the Digital Omnibus, are ongoing, facing criticism regarding cybersecurity incident reporting. The temporary derogation for voluntary CSAM detection will not be extended, creating a potential legal vacuum.
US State Data Breach Notification Laws Resource Updated
The IAPP has updated its resource chart detailing US state data breach notification laws. The update highlights variations in definitions of personal information and coverage, noting that while all states have such laws, they often define 'personal information' more narrowly than comprehensive privacy laws and primarily focus on data relevant to identity theft and financial fraud.
India's DPDPA Faces Legal Challenges and AI Risks
India's Digital Personal Data Protection Act (DPDPA) is facing legal challenges, including petitions to the Supreme Court and Kerala High Court concerning fundamental rights, data breach compensation, and state exemptions. The government also outlined legal safeguards for AI risks, referencing existing acts and new guidelines.
CISA KEV: Trivy Supply Chain Attack - Credential Theft
CISA has added a vulnerability to its Known Exploited Vulnerabilities (KEV) catalog related to a March 19, 2026, supply chain attack on Trivy. A threat actor used compromised credentials to publish malicious versions of Trivy and its GitHub Actions, impacting users who pulled affected artifacts.
Cetera Financial Group Data Breach Notice to Consumers
The Vermont Attorney General's Office has published a data breach notice for Cetera Financial Group. The notice informs consumers about a data security incident that may have affected their personal information. Specific details regarding the breach and affected data were not provided in the summary notice.
Titan Roofing Data Breach Notice to Consumers
The Vermont Attorney General's Office has issued a data breach notice regarding Titan Roofing. The notice informs consumers about a data breach that may have compromised their personal information. Specific details on the breach and affected data are provided within the document.
Summit Insurance Services Data Breach Notice to Consumers
The Vermont Attorney General's Office has published a data breach notice from Summit Insurance Services to consumers. The notice, dated March 26, 2026, details a security incident affecting consumer data.
College of Health Care Professionals Data Breach Notice
The Vermont Attorney General's Office has issued a data breach notice concerning the College of Health Care Professionals. The notice informs consumers about a data security incident that may have compromised personal information.
Ailco Data Breach Notice to Consumers
The Vermont Attorney General's Office has published a data breach notice concerning Ailco. The notice, dated March 26, 2026, informs consumers about a data breach incident involving Ailco.
Schubert Organization Inc. Data Breach Notice to Consumers
The Vermont Attorney General's Office has published a data breach notice from The Schubert Organization Inc. to consumers. The notice, dated March 20, 2026, details a security incident affecting consumer data.
STRATeBEN Data Breach Notice to Consumers
The Vermont Attorney General's Office has published a data breach notice from STRATeBEN to consumers. The notice, dated March 26, 2026, details a security incident affecting consumer data. The document is a notification of the breach and its potential impact.
UFCW Local 342 Data Breach Notice to Consumers
The Vermont Attorney General's Office has published a data breach notice for UFCW Local 342, informing consumers about a security incident. The notice provides a link to a PDF document detailing the breach and its implications for affected individuals.
Health Management Systems America Data Breach Notice
The Vermont Attorney General's Office has issued a data breach notice regarding Health Management Systems of America. The notice informs consumers about a data breach that may have compromised their personal information, requiring specific actions to protect themselves.
Navia Data Breach Notice to Consumers
The Vermont Attorney General's Office has published a data breach notice from Navia for consumers, dated March 23, 2026. This notice informs consumers about a data security incident affecting their personal information.
Hightower Holdings LLC Data Breach Notice to Consumers
The Vermont Attorney General's Office has published a data breach notice from Hightower Holdings LLC to consumers. The notice, dated March 23, 2026, informs consumers about a data security incident affecting their personal information. The document is a notification of a breach, not an enforcement action or new regulation.
Coalesce LLC Data Breach Notice to Consumers
The Vermont Attorney General's Office has published a data breach notice from Coalesce LLC, doing business as Benefitelect. The notice informs consumers about a data breach that occurred and provides a link to the official notification document.
Conduent Business Services Data Breach Notice to Consumers
The Vermont Attorney General's Office has issued a data breach notice concerning Conduent Business Services, LLC. The notice informs consumers about a data security incident that may have compromised personal information.
City of Washington Court House Data Breach Notice
The Vermont Attorney General's Office has published a data breach notice for the City of Washington Court House. The notice informs consumers about a data security incident that may have compromised personal information.
Information Technology: Data Format for Biometric Information Standard
NIST has published an updated standard for the interchange of fingerprint, facial, and other biometric information, ANSI/NIST-ITL 1-2025. This revision updates the previous 2011 standard with a 2015 update, providing a new data format for biometric data.
Company fined £100,000 for unsolicited marketing calls
The UK's Information Commissioner's Office (ICO) has fined TMAC Ltd £100,000 for making over 260,000 unsolicited marketing calls to numbers registered with the Telephone Preference Service (TPS). The company also misled recipients about their identity and targeted vulnerable individuals.
GDPR Enforcement Actions: Fines for Enel Energia, Bakeca; Minors' Data Risks
The Italian Data Protection Authority (Garante Privacy) has issued fines totaling over €500,000 against Enel Energia for illegal telemarketing practices and against Bakeca for online ads without consent. The newsletter also highlights risks associated with minors' data on websites and apps.