VMware Tanzu Spring Security Critical Flaws, CVSS 9.6

CERT-Bund published a critical security advisory WID-SEC-2026-1221 for VMware Tanzu Spring Security, assigning a CVSS Base Score of 9.6 (critical) and a CVSS Temporal Score of 8.3 (high). Multiple vulnerabilities allow a remote attacker to disclose information, bypass security measures, impersonate users, or manipulate data, potentially enabling privilege escalation, SSRF, or Cross-Site-Scripting attacks. Affected versions are VMware Tanzu Spring Security <6.5.10, <7.0.5, and <7.1.0-RC1. Organizations running these versions should apply mitigations immediately.

PackageKit Privilege Escalation Vulnerability Advisory (CVSS 8.8)

CERT-Bund published security advisory WID-SEC-2026-1233 on 21 April 2026 alerting to a privilege escalation vulnerability in Open Source PackageKit versions prior to 1.3.5. The vulnerability carries a CVSS Base Score of 8.8 (high) and a Temporal Score of 7.7 (high). Remote attack is not possible; exploitation requires local access to the affected system. CERT-Bund indicates a mitigation is available and recommends affected organisations apply patches or workarounds promptly.

Microsoft GitHub Enterprise Server: Multiple Vulnerabilities, CVSS 8.9 (High)

CERT-Bund issued a security advisory warning of multiple vulnerabilities in Microsoft GitHub Enterprise Server affecting versions prior to 3.20.1, 3.19.5, 3.18.8, 3.17.14, 3.16.17, and 3.15.21. The vulnerabilities carry a CVSS Base Score of 8.9 (High) and a CVSS Temporal Score of 7.7 (High), with remote attack capability confirmed. An attacker could exploit these flaws to bypass security controls, execute arbitrary code, and disclose information. Mitigation measures are available and organisations running affected versions should apply patches promptly.

CPython Vulnerability Allows Remote Attack, CVSS 8.6

CERT-Bund published security advisory WID-SEC-2026-1222 warning of a vulnerability in CPython versions prior to 3.15.0. The vulnerability carries a CVSS Base Score of 8.6 (high) and a Temporal Score of 7.5 (high), with remote attack capability confirmed. All major operating systems including Linux, UNIX, Windows, and other platforms are affected.

Multiple binutils Flaws Allow DoS, Code Execution

CERT-Bund published security advisory WID-SEC-2026-1217 disclosing multiple vulnerabilities in GNU binutils with a CVSS Base Score of 7.8 (high). The vulnerabilities affect Linux, UNIX, and other operating systems running the GNU Binary Utilities collection. A local attacker can exploit these flaws to conduct denial of service attacks or execute arbitrary code on affected systems.

HCL BigFix Flaw Allows Privilege Escalation

CERT-Bund published a security advisory regarding a vulnerability in HCL BigFix Service Management (versions prior to 27). The flaw, rated CVSS Base Score 8.3 (high) and CVSS Temporal Score 7.2 (high), allows a remote authenticated attacker to bypass security controls and potentially escalate privileges. The vulnerability affects systems running Linux, UNIX, and Windows. A mitigation is available.

Linux Kernel Multiple DoS Vulnerabilities CVSS 7.5

CERT-Bund published a security advisory on 21 April 2026 warning of multiple denial of service vulnerabilities in the Linux Kernel. The advisory carries a CVSS Base Score of 7.5 (high) and a CVSS Temporal Score of 6.5 (medium), with remote attack confirmed. A mitigation measure is available as of the advisory date.

Microsoft ASP.NET Privilege Escalation Vulnerability, CVSS 9.1 Critical

CERT-Bund, Germany's Federal Computer Emergency Response Team, issued a critical security advisory (WID-SEC-2026-1213) on 21 April 2026 regarding a privilege escalation vulnerability in Microsoft ASP.NET. The flaw, affecting versions prior to 10.0.7, carries a CVSS Base Score of 9.1 (Critical) and a Temporal Score of 7.9 (High), with confirmed remote attack feasibility. Mitigation measures are available, and the current status is dated 22 April 2026. Organizations running vulnerable Microsoft ASP.NET deployments should treat this as an immediate patching priority given the critical severity rating and confirmed remote exploitability.

Critical CVSS 9.9 Atlassian Vulnerabilities Affect Bamboo, Bitbucket, Confluence, Jira

CERT-Bund issued a critical security advisory (WID-SEC-2026-1229) regarding multiple vulnerabilities in Atlassian Bamboo, Bitbucket, Confluence, and Jira with a CVSS Base Score of 9.9 (critical) and Temporal Score of 8.6 (high). Affected versions include Bamboo before 12.1.6 and 10.2.18, Bitbucket before 10.2.2 and 9.4.19, Confluence before 10.2.10 and 9.2.19, and Jira before 11.3.4 and 10.3.19. A remote attacker can exploit these flaws to execute arbitrary code, bypass security controls, manipulate or disclose data, or conduct Cross-Site-Scripting attacks. Organizations running these products should apply patches immediately and review available mitigations.

IBM App Connect Enterprise <13.0.7.0 Multiple Critical Vulnerabilities Allow File Manipulation, DoS

CERT-Bund issued a critical security advisory (WID-SEC-2026-1220) for IBM App Connect Enterprise, rating the vulnerabilities CVSS Base Score 9.8 (kritisch) with a Remoteangriff (remote attack) capability confirmed. Affected versions are IBM App Connect Enterprise below version 13.0.7.0 and below version 12.0.12.25. An anonymous remote attacker can exploit multiple vulnerabilities to manipulate files and conduct denial of service attacks. Mitigation measures are available.

Fortra GoAnywhere MFT Mehrere Schwachstellen CVSS 7.3

CERT-Bund published security advisory WID-SEC-2026-1216 on April 21, 2026, disclosing multiple vulnerabilities in Fortra GoAnywhere MFT (Managed File Transfer) versions prior to 7.10.0. The vulnerabilities carry a CVSS Base Score of 7.3 (high) and a Temporal Score of 6.4 (medium), with remote attack capability confirmed. Affected organizations include any entity running GoAnywhere MFT on Windows, UNIX, or other operating systems that has not applied the vendor patch.

VantageScore 4.0, FICO 10T Adopted by FHA, GSEs

The Federal Housing Administration and the GSEs (Fannie Mae and Freddie Mac) announced they are implementing VantageScore 4.0 and FICO 10T as eligible credit scoring models for mortgage underwriting, effective immediately. This ends decades of reliance on older credit score models and introduces competition into the nation's mortgage market. Fannie Mae and Freddie Mac are immediately accepting Vantage-scored loans from approved lenders, and the change advances the Credit Score Competition Act of 2018.

RSCO School Choice Placement Offers Begin March 9 for 2026-27

The Connecticut State Department of Education's Greater Hartford Regional School Choice Office (RSCO) announced that placement notifications for Greater Hartford Region magnet and Open Choice programs will begin the week of March 9, 2026, and March 16, 2026, respectively. Placement notifications for CTECS Hartford Region technical high schools began in late February 2026. Additional rounds of placement offers will begin in April 2026 and continue through summer until approximately 6,000 seats are filled across the three programs for the 2026-2027 school year. Families who receive an offer have limited time to accept and register with the school.

Connecticut Highlights Continued Progress in Dyslexia and Structured Literacy Work

The Connecticut State Department of Education has highlighted continued statewide progress through the Office of Dyslexia and Reading Disabilities, established by statute in 2021, which supports efforts to advance structured literacy practices, strengthen educator preparation, and align statewide supports for students at risk for or identified with dyslexia and other reading difficulties. A key milestone was the unanimous adoption of Connecticut's first Educator Competencies for Structured Literacy and Dyslexia by the State Board of Education in May 2025, developed in partnership with the National Center on Improving Literacy and a diverse advisory group. The Department has also developed a draft audit framework to assess educator preparation program alignment to the Competencies, which will be refined through external stakeholder feedback.

Governor Lamont Establishes K-12 Education Funding Reform Commission, $500M Affordability Fund

Governor Ned Lamont signed Executive Order No. 26-3 establishing the Governor's Blue-Ribbon Commission on K-12 Education Funding and Accountability to conduct a comprehensive review of Connecticut's education funding system, including the Education Cost Sharing (ECS) grant. The commission, chaired by Deputy Chief of Staff Natalie Wagner and Vice-Chaired by Commissioner Charlene M. Russell-Tucker, must submit a strategic plan by January 15, 2027. Governor Lamont also announced he is working with legislative leaders to direct $500 million from the proposed affordability fund to support local school districts during the current fiscal year.

Prime Minister Appoints Dr. Islam Azzam to Economic Ministerial Group

Prime Minister Dr. Mostafa Madbouly issued Decree No. 1013 of 2026 defining the composition of the Economic Ministerial Group, which includes the FRA Chairman alongside the CBE Governor, Finance Minister, and other senior officials. The Decree mandates weekly meetings for the Group with flexibility to convene as circumstances require. Dr. Islam Azzam, appointed FRA Chairman in March 2026, joins the Group bringing expertise from his prior roles including FRA Vice Chairman and EGX Chairman.

FRA Chairman and Minister of Youth Discuss Cooperation Frameworks

FRA Chairman Dr. Islam Azzam met with Minister of Youth and Sports Gohar Nabil on April 16, 2026 to discuss cooperation frameworks for youth economic empowerment and financial literacy. The meeting aligned with Egypt Vision 2030 and Sustainable Development Goals, focusing on integrating youth into non-banking financial markets through specialized FRA programs. No binding regulatory changes were announced; the discussion centered on expanding partnerships and financial inclusion initiatives.

FRA and Arab Academy Partner on Human Capital Development

Dr. Islam Azzam, FRA Chairman, and Dr. Mostafa Hodeib, President of the Arab Academy for Management, Banking and Financial Sciences (AAMBFS), witnessed the signing of a strategic cooperation protocol on April 18, 2026. The agreement establishes specialized postgraduate programs including MBA tracks in Arabic and English and Professional Doctorates (DBA) for FRA staff and employees of affiliated non-banking financial sector companies, with partial scholarships and flexible payment systems. The protocol runs for an initial two-year renewable term and creates a joint steering committee to draft operational plans and expand training initiatives, aligning with Egypt Vision 2030's digital transformation and financial inclusion goals.

President Trump Discusses Iran Deal, Interest Rates in CNBC Interview

President Donald J. Trump appeared on CNBC's Squawk Box on April 21, 2026 for an exclusive wide-ranging interview covering Iran nuclear negotiations, U.S. military readiness, NATO, interest rates and the Federal Reserve, airline consolidation, and college athletics. The President stated that the U.S. is in a strong negotiating position with Iran and that the U.S. military is ready to act, while also expressing support for Kevin Warsh as Federal Reserve chair and discussing Spirit Airlines' financial difficulties.

Riley Barnes Peace Corps Director, Multiple Nominations Sent

The White House transmitted nine nominations to the Senate on April 21, 2026, including Riley Barnes of Texas for Director of the Peace Corps. The nominations span leadership roles across federal agencies including Ambassador to Belize, Inspector General at the Department of Justice, U.S. Attorney for the Southern District of Alabama, Assistant Secretary of the Air Force, Director of the National Reconnaissance Office, Chairman of the Council of Economic Advisers, Director of the CDC, and Assistant Secretary of Veterans Affairs. All nominations require Senate confirmation before appointees can assume their respective positions.

American Manufacturing Surges to Four-Year High as Factory Activity Expands

The White House announced on April 22, 2026, that the Institute for Supply Management's key manufacturing index registered its third consecutive month of expansion at its highest reading since 2022. Major companies announced significant U.S. manufacturing investments including U.S. Steel restarting its Gary Tin Mill in Indiana (225 jobs), Apple committing $600 billion over four years, Nvidia pledging $500 billion for AI chip production, and Johnson & Johnson investing $55 billion in new U.S. manufacturing. Foreign pharmaceutical companies AstraZeneca ($50 billion), Bristol Myers Squibb ($40 billion), and GSK ($30 billion) also announced major U.S. manufacturing expansions.

Virtual Hearing Apr 29 for St. Lawrence County 200 MW Two Rivers Solar Farm

The New York State Public Service Commission has scheduled a virtual public statement hearing on April 29, 2026 at 1:00 p.m. to receive comments on Two Rivers Solar Farm LLC's petition seeking a Certificate of Public Convenience and Necessity for a 200-megawatt solar-powered electric generating facility in the towns of Brasher and Massena in St. Lawrence County. The facility would interconnect to the grid via NYPA's Haverstock–Willis E 345 kilovolt transmission line under a siting permit issued by ORES on February 27, 2026. Registration to speak closes April 28, 2026 at 4:30 p.m.; written comments may be submitted through May 6, 2026 referencing Case 25-E-0616.

CDPHE Reminds 61,000 Children Ages 4-6 to Vaccinate

Beginning April 22, 2026, the Colorado Department of Public Health and Environment will send text messages and email notifications to families of more than 61,000 children ages 4-6 years whose records in the Colorado Immunization Information System indicate they may be due for routine vaccines, including those required for K-12 school enrollment. Messages will be sent from number 45778 and email address cdphe.vaccine.registry@state.co.us. Parents are directed to schedule appointments with healthcare providers or local public health agencies, with most insurance plans covering routine childhood vaccines at no cost.

Colorado Environmental Health Resources Highlighted for Earth Day

On Earth Day, April 22, 2026, CDPHE announced it is highlighting environmental health programs and resources statewide, including air quality monitoring, PFAS testing for private well owners, the Test and Fix Water for Kids program protecting over 700,000 children from lead exposure, and the Colorado Green Business Network whose 2025 participants reduced greenhouse gas emissions by more than 50,000 metric tons. The press release also references a new grant cycle opening soon for the Environmental Justice Grant Program and summarizes air quality control measures adopted by the Colorado Air Quality Control Commission on April 17, 2026. No new compliance obligations or regulatory requirements are created.

Warwickshire County Council Adult Education Functions Regulations 2026

This page is a navigation portal on legislation.gov.uk for UK Statutory Instrument 2026/448, titled Warwickshire County Council Adult Education Functions Regulations 2026. The page provides access to the original print PDF, correction slips, and associated documents, but contains no substantive regulatory text. No regulatory obligations, deadlines, or penalties are stated in this source.

Ministry of Defence Police Officers Must Hold Vetting Clearance

The Ministry of Defence Police (Vetting) Regulations 2026 (SI 2026 No. 428), made on 16th April 2026 and laid before Parliament on 22nd April 2026, come into force on 18th May 2026. The Regulations establish a comprehensive vetting framework for MDP officers, including provisions for vetting clearance assessments, withdrawal assessments, and a right of appeal. The instrument extends to England and Wales, Scotland and Northern Ireland.

Merchant Shipping (Accident Reporting and Investigation) Regulations 2026

The Merchant Shipping (Accident Reporting and Investigation) Regulations 2026 (SI 2026/430) came into force on 15th May 2026, replacing and consolidating the previous accident reporting framework under the Merchant Shipping Act 1995. The Regulations implement the IMO Casualty Investigation Code (Resolution MSC.255(84)) and define key terms including 'accident', 'marine casualty', 'marine incident', 'serious injury', and 'very serious marine casualty' for the purposes of UK maritime safety investigations. The Regulations apply to all accidents involving United Kingdom ships, ships within UK waters, and ships where the UK is a Substantially Interested State, with the Chief Inspector of Marine Accidents holding investigatory authority.

Surrey County Council Adult Education Functions Regulations 2026

This page on legislation.gov.uk provides access to the Surrey County Council Adult Education Functions Regulations 2026 (SI 2026/447). The page functions as a navigation and metadata hub, offering links to accompanying documents including the original print PDF, correction slips, lists of amendments, all document formats, and links to related legislation. No substantive regulatory text, obligations, penalties, or effective dates are displayed in the visible content.

North Killingholme Generating Station Amendment Order 2026

The North Killingholme Generating Station Amendment Order 2026 amends the existing North Killingholme Generating Station Order, making specific modifications to the regulatory framework governing this power generation facility in North Lincolnshire. The instrument is classified as a UK Statutory Instrument and appears on legislation.gov.uk as SI 2026/445.

Sanctions Miscellaneous Amendments Regulations 2026 (S.I. 2026/443)

The Sanctions (EU Exit) (Miscellaneous Amendments) Regulations 2026 (S.I. 2026/443), made 20th April 2026 under the Sanctions and Anti-Money Laundering Act 2018, correct errors in S.I. 2024/644 and S.I. 2025/394. The instrument introduces new trade end-use controls for Venezuela and the Democratic People's Republic of Korea (DPRK) via new Regulation 31A in both sanctions regimes, requiring UK persons to cease exporting goods or transferring technology when notified by the Secretary of State that items may be destined for those jurisdictions. It raises the 'relevant firm' threshold from €10,000 to £10,000 in both Venezuela and DPRK sanctions regulations, removes CEMA penalty modification provisions, and modernises Treasury licence purposes and electronic notice procedures.

Air Navigation Restrictions, Portrush, Northern Ireland

UK Statutory Instrument 2026/434 establishes air navigation restrictions applicable in the vicinity of Portrush, Northern Ireland. The instrument has been published on legislation.gov.uk as an active UK Statutory Instrument. No substantive regulatory text or compliance obligations are present in this source document.

Nutrition (Amendment etc.) (EU Exit) (Amendment) Regulations 2026 — Adds Magnesium L-Threonate Monohydrate

The Secretary of State for Health and Social Care has made the Nutrition (Amendment etc.) (EU Exit) (Amendment) Regulations 2026 (S.I. 2026/412), which amend Schedule 2 to the Nutrition (Amendment etc.) (EU Exit) Regulations 2019 by adding magnesium L-threonate monohydrate to Part B of the table of permitted mineral substances for use in food supplements. The Regulations extend to England and Wales but apply to England only. The instrument comes into force on 12th August 2026. Food supplement manufacturers in England may now use magnesium L-threonate monohydrate as a source of magnesium in their products.

Avian Influenza Amendment Order 2026 Regulates Poultrymeat Movement from Infected Premises

The Avian Influenza and Influenza of Avian Origin in Mammals (England) (Amendment) Order 2026 amends Article 24 of the 2006 Order to regulate poultrymeat movement from premises traced under article 23 (infected premises). The Secretary of State may now dispose of or require disposal of traced meat, or license its movement to a food processing establishment for treatment following a risk assessment. Meat moved under licence must be treated to achieve a core temperature of 70°C for at least 3.5 seconds before further movement is permitted. The Order extends to England and Wales but applies to England only.

Buckinghamshire Council Adult Education Functions Regulations 2026 (SI 2026/446)

The Buckinghamshire Council (Adult Education Functions) Regulations 2026 transfer specified adult education functions under sections 86 to 88 and 90 of the Apprenticeships, Skills, Children and Learning Act 2009 from the Secretary of State to Buckinghamshire Council, effective 22 April 2026. Functions under sections 90, 100(1) and 100(1B) are exercisable concurrently with the Secretary of State. The Regulations also amend section 122 of the 2009 Act to add local authorities exercising devolved functions to the information-sharing framework. Part 2 applies to academic years beginning on or after 1 August 2026.

Armenian Banks Fund Firebird AI Megaproject

Six Armenian financial institutions—Ardshinbank, Acba Bank, Evocabank, Fastbank, C-Quadrat Ampega Asset Management Armenia, and Amundi-Acba Asset Management—signed a loan agreement on March 26, 2026 to finance the 'Firebird AI' megaproject. CBA Governor Martin Galstyan attended the signing ceremony, noting that Armenia's banking system now possesses sufficient capacity to evaluate and implement projects of international scale. The Minister of High-Tech Industry and the U.S. Embassy Chargé d'Affaires also participated.

CBA Governor Meets IMF Delegation, Reviews Macroeconomic Progress

The Central Bank of Armenia held a concluding meeting with an IMF mission led by Mr. Alexander Tieman on March 30, 2026. The parties discussed macroeconomic conditions, progress on structural benchmarks, and policy directions for the upcoming period. They reaffirmed their commitment to continued cooperation toward maintaining economic stability and developing the financial system.

IMF and Armenia Reach Agreement on First Review of Stand-By Arrangement

The IMF and Armenian authorities have reached agreement on the first review of a three-year Stand-By Arrangement, which Armenia treats as precautionary to maintain macroeconomic stability and ensure sustainable economic growth. The agreement is subject to IMF Executive Board approval, upon which Armenia will gain access to approximately USD 25.3 million in additional funding. The IMF emphasizes prudent fiscal and monetary policies, vigilant financial sector supervision, and continued strengthening of regulatory frameworks to address external uncertainties.

OMB M-26-12 Commercial Products and Services Acquisition Guidance

OMB Memorandum M-26-12 provides guidance to covered agencies implementing Executive Order 14271 on increasing acquisition of commercial products and services. The memorandum requires agencies to assess recently awarded and in-process acquisitions for non-commercial products and services for compliance with FASA, including the sufficiency of market research and price analysis. Covered agencies must submit a comprehensive report to OMB by May 4, 2026, detailing non-commercial contracts awarded between April 15 and September 30, 2025, by product service code, with specific disclosures required for awards over $10 million. Additionally, agencies must confirm their competition advocate holds a position at or above the head of the contracting activity level.

OMB CIO Monthly IT Contract Notification Requirements Under FITARA (May 2026)

Beginning in May 2026, CIOs of covered CFO Act agencies must submit monthly notifications to OMB of all IT contracts they personally approve, plus any IT contracts approved by delegees that directly enable digital services interaction with the public. Reports must be sent to ofcio@omb.eop.gov no later than the 10th of each month, covering the preceding month's activity. The requirement sunsets in October 2026 following the sixth and final report unless OMB notifies agencies of continuation.

OMB M-26-11 Cancels 2026 Penalty Inflation Adjustments Under Federal Civil Penalties Act

OMB Memorandum M-26-11 cancels the 2026 annual civil monetary penalty inflation adjustment under the Federal Civil Penalties Inflation Adjustment Act Improvements Act of 2015, citing lack of October 2025 CPI-U data from BLS due to a lapse in federal appropriations. The Act requires October BLS data for annual cost-of-living adjustments and provides no alternative calculation method; OMB concludes it lacks statutory authority to use an alternative and warns that any effort to do so would face significant litigation risk. Agencies remain required to publish a Federal Register notice reflecting the annual adjustment outcome and to maintain and report penalty updates through their Agency Financial Reports per OMB Circular A-136.

Jordan to Sign Artemis Accords, April 23

The Hashemite Kingdom of Jordan will become the 63rd country to sign the Artemis Accords during a ceremony on April 23, 2026 at 9:30 a.m. EDT at NASA Headquarters in Washington, D.C. NASA Administrator Jared Isaacman will host Ambassador Dina Kawar of Jordan and U.S. Department of State Principal Deputy Assistant Secretary Ruth Perry for the signing. The Artemis Accords, established in 2020, set practical principles for safety, transparency, and coordination in civil space exploration on the Moon, Mars, and beyond.

NASA Astronaut Anil Menon to Discuss Upcoming Launch, Mission

NASA will host a news conference at 1:45 p.m. EDT on Wednesday, April 29, 2026, from Johnson Space Center in Houston to preview astronaut Anil Menon's upcoming mission to the International Space Station. The Soyuz MS-29 mission is targeted to launch Tuesday, July 14, 2026, carrying Menon and Roscosmos cosmonauts Pyotr Dubrov and Anna Kikina for an eight-month stay as part of Expeditions 74/75. This will be Menon's first spaceflight, following his selection as a NASA astronaut in 2021 and graduation from the 23rd astronaut class in 2024.

DNA Research on Station Promoting Cancer Therapies, Radiation Repair

NASA astronauts Chris Williams and Sophie Adenot processed DNA Nano Therapeutics-3 experiment samples in the Kibo laboratory module aboard the International Space Station on April 22, 2026, exploring DNA-inspired assembly techniques for manufacturing nano-therapies such as chemotherapy and immunotherapy to kill cancer cells and activate the immune system. The Expedition 74 crew also tested new exercise hardware, virtual reality goggles for vision screening, and continued unpacking cargo from Northrop Grumman's Cygnus XL resupply ship. Samples will be analyzed on the orbital outpost with a spectrophotometer then returned to Earth for further analysis.

PA Insurance Department Posts Risant, Everett Cash, Highmark Filings

The Pennsylvania Insurance Department posted current Transactions of Interest listing five insurance company regulatory filings received between June 2023 and January 2026. These include two Highmark requests for modification, Highmark's Certificate of Authority applications, Everett Cash Mutual Insurance Company's conversion and acquisition filing, and Risant Health Inc. and Kaiser Foundation Hospitals' request to acquire Geisinger. The listing serves as a transparency mechanism for the public to review pending and recent insurance regulatory filings.

OCC Terminates Five Formal Agreements with Banks February 2026

The OCC released five termination orders for formal agreements with nationally chartered banks in February 2026. The banks affected are First Federal Savings Bank of Kentucky (Frankfort, KY), Hiawatha National Bank (Hager City, WI), Minnstar Bank, National Association (Lake Crystal, MN), North Side Federal Savings and Loan Association of Chicago (Chicago, IL), and Unity National Bank of Houston (Houston, TX). The terminations occurred after banks demonstrated compliance with all articles of their enforcement actions or when terms became outdated or irrelevant to current circumstances.

Tabitha McCallister Prohibition; Heritage Bank, 1st National Bank, Slovenian S&LA, Touchmark National Bank Terminations

The OCC announces March 2026 enforcement actions: one Order of Prohibition against Tabitha McCallister, former Client Service Representative at Old National Bank, Evansville, Indiana, for making unauthorized withdrawals from bank customer accounts totaling over $19,000 (Docket No. AA-CE-2026-11). Four termination actions were also issued: Heritage Bank, National Association (Spicer, MN) Consent Order terminated; 1st National Bank (Lebanon, OH) Formal Agreement terminated; Slovenian S&LA of Franklin-Conemaugh (PA) Formal Agreement terminated; and Touchmark National Bank (Alpharetta, GA) Formal Agreement terminated.

OCC Announces April 2026 Enforcement Actions Against Banks and Former Bankers

The OCC released enforcement actions for April 2026 including a Consent Order against The Federal Savings Bank (Chicago, IL) for violations of Section 5 of the FTC Act related to deceptive acts or practices involving VA cash-out refinance loans with significant origination fees, increased interest rates, and increased monthly payments. Two former associate bankers—Shaira Ahmed at JPMorgan Chase Bank (Columbus, OH) and Marissa Murillo at BMO Bank N.A. (Chicago, IL)—received Orders of Prohibition for embezzling over $73,000 and making unauthorized withdrawals exceeding $164,000 respectively. The OCC also terminated three prior enforcement actions against CNB Bank & Trust, Generations Bank, and JPMorgan Chase Bank N.A.

Controller Cohen Calls Emergency Session of State Lands Commission on Offshore Oil

California State Controller Malia M. Cohen, as Chair of the State Lands Commission, called on March 16, 2026 for an emergency session of the Commission in response to Trump Administration orders directing Sable Offshore Corp. to restart offshore oil operations on California's coast. Cohen urged the Commission to join Governor Newsom and Attorney General Bonta in challenging Sable's reliance on the Defense Production Act and directed staff to terminate the lease if Sable operates without required state regulatory approvals. The Controller cited a March 13, 2020 Consent Decree between the United States, California agencies, and Sable's predecessor Plains All American Pipeline as the legal foundation for California's jurisdiction.

Controller Cohen Issues Statement on Network Access for March 20, 2026

Controller Malia M. Cohen issued a statement confirming that routine scheduled maintenance on the evening of March 19, 2026 caused temporary network connectivity loss for 315 state-issued devices, primarily laptops and a small number of printers assigned to remote team members in the SCO Payroll and Personnel Services Division and the California State Payroll System project. By 11:00 a.m. on March 20, 100% of critical personnel had network access restored. The Controller emphasised that the statewide payroll system and SCO's statutory financial obligations were not affected at any point.

Cohen Commends Financial Literacy AB 2927 and Women's Capital Executive Order

California State Controller Malia M. Cohen issued a statement on March 19, 2026 commending implementation of Assembly Bill 2927 (McCarty, 2024), which requires personal finance courses in high schools, and Governor Gavin Newsom's executive order expanding women's access to capital. The Controller characterized financial education as foundational to California's status as the fourth largest economy and stated that supporting wealth-building resources for women is critical to closing generational financial security gaps. No new compliance obligations are created by this commendatory statement.