Markwayne Mullin Appointed Secretary of Homeland Security
The Department of Homeland Security (DHS) has announced Markwayne Mullin as the 9th Secretary of Homeland Security. The notice provides a biographical overview of Secretary Mullin, highlighting his prior service in the U.S. Senate and House of Representatives, his business background, and his tribal affiliation.
Eric Ruark Appointed Assistant Secretary for Border Security and Immigration
The Department of Homeland Security announced the appointment of Eric Ruark as the Assistant Secretary for Border Security and Immigration (BSI). In this role, Mr. Ruark will manage and implement strategies and policies to maintain the integrity of the U.S. immigration system and promote cooperation on border security and immigration matters across DHS Components.
US Coast Guard Board for Correction of Military Records Ruling
The U.S. Coast Guard Board for Correction of Military Records has issued a ruling regarding the correction of military records. The ruling document is available for download, with the publication date listed as February 24, 2026.
Mike Fullerton - Assistant Secretary, Office for State and Local Law Enforcement
The Department of Homeland Security updated the leadership page for Mike Fullerton, Assistant Secretary for the Office for State and Local Law Enforcement. The page details his experience and role in advising the Secretary on state, local, tribal, territorial, and campus law enforcement matters.
ICE Letter to Representative Escobar on Detainee Interactions
ICE has issued a letter to Representative Escobar addressing interactions with ICE and ICE detainees. The letter, dated March 19, 2026, provides clarification on these interactions.
NIST Sends Reference Materials to ISS for Health Study
NIST has sent seven reference materials, including house dust and human liver tissue, to the International Space Station (ISS) for a health study. These materials will help researchers understand the effects of the space environment on manufacturing and human health, supporting U.S. leadership in the commercial space sector.
Draft NIST Cyber AI Profile for Cybersecurity Guidelines
NIST has released a draft Cybersecurity Framework Profile for Artificial Intelligence (Cyber AI Profile) to guide organizations in integrating AI while managing cybersecurity risks. The profile focuses on securing AI systems, using AI for cyber defense, and thwarting AI-enabled attacks.
NIST Guidelines for Securing Smart Speakers in Home Health Care
NIST has released new guidelines to mitigate cybersecurity and privacy risks associated with integrating smart speakers into home health care systems. The guidelines aim to protect patient confidentiality and provider data in telehealth applications utilizing voice-activated digital assistants.
NIST CAISI Seeks Input on Securing AI Agent Systems
NIST's Center for AI Standards and Innovation (CAISI) has issued a Request for Information (RFI) to gather insights on securing AI agent systems. The RFI seeks input on unique security threats, methods for improvement, and measurement approaches for these autonomous systems.
NIST Launches AI Agent Standards Initiative
NIST announced the launch of its AI Agent Standards Initiative to foster industry-led standards and protocols for AI agents, focusing on security and interoperability. The initiative aims to build public trust and catalyze widespread adoption of autonomous AI systems.
DHS Faces Major Management and Performance Challenges
The DHS Office of Inspector General has identified major management and performance challenges facing the Department, including fragmentation in hiring processes, financial stewardship, and information management and security. The report highlights persistent silos among DHS components, leading to resource duplication and inconsistent outcomes.
DHS Preparation for End of Title 42 Order
The DHS Office of Inspector General issued a final report reviewing DHS and CBP preparation for the end of the Title 42 public health order. The report contains four recommendations, two of which are considered open and unresolved, requiring further action from CBP within 90 days.
CBP Has Not Evaluated Security Risks of Interview-Waived Visa Holders
The DHS Office of Inspector General issued a report finding that U.S. Customs and Border Protection (CBP) has not evaluated the security risks associated with nonimmigrant U.S. visa holders whose interviews were waived by the Department of State. The report includes one recommendation for improving risk assessments, which CBP has concurred with.
Covert Tests Assess TSA Screening Technologies and Officer Effectiveness
The DHS Office of Inspector General conducted covert tests to evaluate the effectiveness of TSA's checkpoint screening technologies and personnel in preventing threat items on commercial aircraft. The report, OIG-26-01, details findings from these tests, though specific information may be classified.
DHS FY 2025 Financial Statements and Internal Control Audit
The DHS Office of Inspector General released an audit report on the Department's FY 2025 financial statements and internal controls. While the financial statements received an unmodified opinion, an adverse opinion was issued on internal controls due to five material weaknesses and one significant deficiency. The report also noted noncompliance with two laws.
Identifying AI-Generated Evidence and Holding Counsel Accountable
This article from JD Supra discusses the increasing prevalence of AI-generated evidence in legal proceedings and provides guidance for attorneys on how to identify and authenticate such evidence. It emphasizes the importance of critical evaluation, metadata analysis, and expert consultation to ensure the integrity of evidence and hold counsel accountable for its use.
European Cybersecurity M&A Climbs Amid Accelerating AI-Driven Attacks
European cybersecurity M&A is projected to increase due to a rise in AI-driven attacks and new EU regulations like NIS2 and the Cyber Resilience Act. The European cybersecurity market is expected to grow significantly, driven by increased investment and regulatory mandates for enhanced cyber defenses.
AI Pricing and Evidence Avoidance: Competition Law Risks
JD Supra highlights emerging competition law risks associated with AI-powered pricing and evidence avoidance tools. The guidance warns companies that traditional antitrust principles apply to algorithmic conduct, citing enforcement actions in the EU, UK, and US that have resulted in significant fines.
Trump Administration AI Regulation Framework and Proposed Bill
The Trump administration released a National Policy Framework for Artificial Intelligence, outlining a non-binding 'wish list' for federal AI regulation. This framework, alongside a draft bill from Senator Marsha Blackburn, signals significant movement towards comprehensive federal AI legislation, emphasizing federal preemption of state laws and a 'light-touch' approach using existing agencies.
EU Legal Professional Privilege Challenged by AI Confidentiality Risks
This article discusses how the adoption of Generative AI tools poses new challenges to legal professional privilege (LPP) under EU law. It highlights concerns that using AI may inadvertently undermine LPP protections, potentially exposing communications to public authorities. The guidance aims to identify key challenges and offer practical advice for safeguarding LPP.
F5 BIG-IP RCE Vulnerability (CVE-2025-53521)
CISA has issued a notice regarding a critical RCE vulnerability (CVE-2025-53521) in F5 BIG-IP APM. The vulnerability has a CVSS score of 9.8 and is actively exploited. Affected versions require immediate attention.
CISA Adds CVE-2025-53521 to Known Exploited Vulnerabilities Catalog
CISA has added CVE-2025-53521, a remote code execution vulnerability in F5 BIG-IP, to its Known Exploited Vulnerabilities (KEV) Catalog. This addition is based on evidence of active exploitation and requires Federal Civilian Executive Branch agencies to remediate the vulnerability.
ICE Arrests Criminal Illegal Aliens for Murder, Child Pornography, Drug Trafficking
U.S. Immigration and Customs Enforcement (ICE) announced the arrest of criminal illegal aliens convicted of serious offenses including murder, child pornography production, and drug trafficking. The press release highlights ICE's efforts to remove public safety threats from communities.
DHS Criticizes Manhattan DA for Plea Deal to Illegal Alien Child Rapist
The Department of Homeland Security (DHS) has strongly criticized the Manhattan District Attorney's Office for offering a six-month plea deal to an illegal alien charged with child rape. DHS expressed concern that the plea deal, which includes time served, is insufficient for the severity of the crime and undermines public safety.
Grafana Vulnerabilities Allow File Manipulation and DoS
CERT-Bund has issued a security advisory regarding multiple vulnerabilities in Grafana versions prior to 12.3.6, 12.2.8, 12.1.10, 11.6.14, and 12.4.2. These vulnerabilities allow authenticated remote attackers to manipulate files or cause a denial-of-service condition. Mitigation is available.
Siemens SICAM Vulnerabilities Allow Denial of Service Attacks
CERT-Bund has issued a security advisory regarding multiple vulnerabilities in Siemens SICAM SCADA systems. These vulnerabilities, with a CVSS base score of 7.5, can be exploited by attackers to perform Denial of Service attacks. Affected products include Siemens SICAM CPCI85, RTUM85, and SICORE with versions prior to specific updates.
Tigervnc Vulnerability: Info Disclosure, File Manipulation, DoS
CERT-Bund has issued a security advisory for Tigervnc, detailing vulnerabilities that could lead to information disclosure, file manipulation, and denial of service. The advisory affects Tigervnc versions prior to 1.16.2 on Linux, UNIX, and Windows systems.
WatchGuard Firebox Vulnerabilities
CERT-Bund has issued a security advisory regarding multiple vulnerabilities in WatchGuard Firebox products, with a base CVSS score of 6.7. The advisory details affected versions and potential impacts, including remote code execution and denial of service.
vllm vulnerability allows remote code execution
CERT-Bund has issued a security advisory regarding a critical vulnerability (CVSS 8.8) in the open-source vLLM library, which allows remote code execution. The advisory affects versions prior to 0.18.0 and impacts Linux and UNIX operating systems. Mitigation information is available.
Hitachi Virtual Storage Platform Vulnerabilities
CERT-Bund has issued a security advisory regarding critical vulnerabilities (CVSS 9.8) in Hitachi Virtual Storage Platform. The vulnerabilities allow for remote code execution and authentication bypass. Mitigation measures are available.
SmarterTools SmarterMail Multiple Vulnerabilities
CERT-Bund has issued a security advisory for SmarterTools SmarterMail, detailing multiple vulnerabilities that could allow an unspecified attack. The advisory highlights affected systems including Windows and UNIX, and notes that a mitigation is available. The CVSS base score is 6.5 (medium).
Dovecot Vulnerabilities Allow SQL Injection, Authentication Bypass, Info Exposure
CERT-Bund has issued a security advisory for Dovecot, an open-source email server, detailing multiple vulnerabilities. These flaws, with a CVSS base score of 7.7, can be exploited by attackers to perform SQL injection, bypass authentication, expose sensitive information, or cause denial-of-service conditions. Mitigation is available.
LangChain vulnerability allows information disclosure
CERT-Bund has issued a security advisory regarding a vulnerability in the LangChain open-source framework. The vulnerability allows remote attackers to disclose information, with a CVSS base score of 7.5. The advisory affects versions prior to 1.2.22.
IBM App Connect Enterprise Critical Vulnerabilities
CERT-Bund has issued a security advisory regarding critical vulnerabilities in IBM App Connect Enterprise versions prior to 11.6.0, 12.21.0, and 12.0.22. The vulnerabilities, with a CVSS base score of 9.8, could allow attackers to manipulate files, cause denial of service, execute arbitrary code, or perform cross-site scripting attacks.
n8n SQL-injection vulnerability, CVSS 8.8
CERT-Bund has issued a security advisory for n8n, detailing a critical SQL-injection vulnerability (CVSS 8.8) affecting versions prior to 1.123.26, 2.14.1, and 2.13.3. The vulnerability allows remote authenticated attackers to execute SQL injection attacks. Mitigation is available.
OpenClaw AI assistant vulnerabilities
CERT-Bund has issued a security advisory for OpenClaw, a personal AI assistant, detailing multiple critical vulnerabilities. The advisory highlights risks including elevated privileges, arbitrary code execution, and denial-of-service attacks, with a CVSS base score of 8.8.
Internet Systems Consortium Kea Vulnerability Allows Denial of Service
CERT-Bund has issued a security advisory regarding a vulnerability in Internet Systems Consortium Kea, a DHCP server implementation. The vulnerability, with a CVSS base score of 7.5, allows remote attackers to cause a denial of service. Affected versions include Kea <2.6.5 and <3.0.3.