Utah Businesses Guided on Cash Rounding During Penny Shortage

The Utah Division of Consumer Protection has issued guidance to businesses on how to handle cash rounding during a national penny shortage. The guidance recommends a specific rounding methodology for cash-only transactions after taxes are calculated and requires businesses to provide notice of their chosen method.

FCA Later Life Mortgages Market Study Terms of Reference

The Financial Conduct Authority (FCA) has published the Terms of Reference for a new market study into the later life mortgages sector. The study will examine competition and consumer needs in the lifetime and retirement interest only (RIO) mortgage markets. The FCA is inviting stakeholder views on the scope of the study.

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. These vulnerabilities pose significant risks to the federal enterprise and CISA urges all organizations to prioritize their remediation.

Apple Buffer Overflow Vulnerability Fixed in Safari, iOS, macOS

CISA has added a buffer overflow vulnerability (CVE-2025-31277) affecting Apple products to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, which allows for memory corruption via maliciously crafted web content, has been addressed by Apple in recent software updates.

Craft CMS Remote Code Execution Vulnerability Fixed

CISA has updated its Known Exploited Vulnerabilities (KEV) catalog to include CVE-2025-32432, a critical remote code execution vulnerability in Craft CMS. The vulnerability affects versions 3.x, 4.x, and 5.x and has been patched by the vendor. Organizations are urged to update their Craft CMS instances to the latest versions to mitigate this risk.

Apple Products Memory Corruption Vulnerability

CISA has updated its Known Exploited Vulnerabilities (KEV) catalog to include CVE-2025-43510, a memory corruption vulnerability affecting various Apple products. The vulnerability, which could allow a malicious application to cause unexpected memory changes, has been addressed by Apple in recent software updates.

CISA: Apple Products Memory Corruption Vulnerability Addressed

CISA has issued an advisory regarding a memory corruption vulnerability (CVE-2025-43520) affecting various Apple products. The vulnerability, which could allow a malicious application to cause system termination or write kernel memory, has been addressed by Apple through software updates.

Livewire v3.6.3 Remote Command Execution Vulnerability Patched

CISA has issued a notice regarding a critical remote command execution vulnerability (CVE-2025-54068) in Livewire v3 up to v3.6.3. The vulnerability, which affects specific configurations and does not require authentication, has been patched in version 3.6.4.

DOE Partners SoftBank, AEP Ohio for AI Computing Infrastructure

The U.S. Department of Energy, in partnership with SoftBank and AEP Ohio, announced a public-private initiative to redevelop DOE land, modernize energy infrastructure, and develop advanced computing in Southern Ohio. The project includes 10 GW of new power generation and a 10 GW data center, aiming to lower electricity costs and create jobs.

WHB 2312 v. Uber Technologies - Product Liability Case Filing

A new civil case, WHB 2312 v. Uber Technologies, Inc. et al., has been filed in the U.S. District Court for the Northern District of California. The case is classified as a Personal Injury Product Liability action and was filed on March 20, 2026.