FCA Annual Work Programme 2026/27 Strategic Priorities

The Financial Conduct Authority (FCA) has published its annual work programme for 2026/27, outlining strategic priorities for the second year of its 5-year strategy. The programme details planned activities across four key themes: being a smarter regulator, supporting growth, helping consumers, and fighting financial crime.

FCA consults on regulated fees and levies for 2026/27

The FCA is consulting on proposed regulatory fees and levies for the 2026/27 period. This consultation seeks feedback on rates intended to fund the FCA and the Financial Ombudsman Service, as well as collect levies for government departments. The consultation is open to all FCA fee-payers and relevant levy payers.

FCA Perimeter Report on Regulatory Remit and Current Issues

The FCA has published its Perimeter Report, detailing its regulatory remit and current issues at the edge of its scope. The report highlights areas where legislative change may be needed to address emerging risks, close consumer protection gaps, and support economic growth, particularly concerning technological advancements like AI.

Florida Seafloor Mapping Initiative Reaches Milestone

The Florida Department of Environmental Protection announced a major milestone in its Seafloor Mapping Initiative (FSMI), completing airborne LiDAR data collection and receiving the majority of vessel-based sonar data. The initiative aims to create the most comprehensive map of Florida's seafloor, with data expected to be publicly available in fall 2026.

PTC Windchill Vulnerability Allows Remote Code Execution

CISA issued an advisory regarding a critical remote code execution vulnerability (CVE-2026-4681) affecting multiple versions of PTC Windchill and FlexPLM. Successful exploitation could allow an attacker to gain control of affected systems.

CISA Advisory: OpenCode Systems OC Messaging and USSD Gateway Vulnerability

CISA has issued an advisory regarding a critical vulnerability (CVE-2025-70614) in OpenCode Systems OC Messaging and USSD Gateway versions 6.32.2. Successful exploitation could allow an authenticated low-privileged user to gain unauthorized access to SMS messages. OpenCode Systems has released version 6.33.11 to address the vulnerability.

WAGO Industrial Managed Switches Vulnerability Disclosed

CISA has disclosed a critical vulnerability (CVE-2026-3587) affecting multiple versions of WAGO Industrial Managed Switches. An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to gain full compromise of the device. Affected sectors include Commercial Facilities, Critical Manufacturing, Energy, and Transportation Systems.

CISA Adds CVE-2026-33634 to Known Exploited Vulnerabilities Catalog

CISA has added CVE-2026-33634, an Aqua Security Trivy vulnerability, to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation. This action mandates remediation for Federal Civilian Executive Branch (FCEB) agencies under Binding Operational Directive (BOD) 22-01.

Justice Department Sues SeaWorld Over Wheeled Walker Ban

The Justice Department has sued United Parks & Resorts Inc. (UPR), which operates SeaWorld and other theme parks, alleging its policy banning wheeled walkers with seats violates the Americans with Disabilities Act (ADA). The lawsuit seeks to end the discriminatory policy, modify park practices, and obtain monetary damages and civil penalties.

DOJ Investigates California and Maine Prison Housing Practices

The Department of Justice has initiated federal investigations into California and Maine regarding their practices of housing biological men in women's prisons. These investigations will determine if these practices violate the constitutional rights of female prisoners, specifically concerning safety and equal protection.