Massachusetts Data Breach Notification Requirements for Consumers

The Massachusetts Attorney General's office has issued a notice detailing data breach notification requirements for consumers. This notice outlines the information consumers must provide to verify their identity and address potential identity theft, including specific documentation and procedures for placing and managing security freezes on credit reports.

Hightower Holding LLC Data Breach Notification

Hightower Holding LLC is notifying individuals of a data breach that occurred between January 8-9, 2026, and January 19-20, 2026, due to compromised user accounts. The breach resulted in unauthorized access and download of files containing personal information. The company is offering complimentary credit monitoring services.

Connell Family Office Data Breach Notification

Connell Family Office & Management, Inc. is notifying individuals of a data breach that may have impacted personal information, including names. While no misuse is indicated, the company is offering complimentary credit monitoring and identity restoration services through Experian. Affected individuals must enroll by June 30, 2026.

Quatrro Data Breach Notification and Credit Monitoring Offer

Quatrro Business Support Services, Inc. is issuing a data breach notification to affected individuals, offering a complimentary 24-month membership to credit monitoring services provided by Kroll. The notice details the incident, the services offered, and steps individuals can take to protect themselves.

Law Offices of James Scott Farrin Data Security Event Notification

The Law Offices of James Scott Farrin is notifying individuals of a data security event that occurred on September 8, 2025, involving the unauthorized acquisition of personal information, including names and Social Security numbers. Affected individuals are offered free credit monitoring and fraud assistance services.

Glasshouse Media Data Breach Notification

Glasshouse Media is issuing a data breach notification dated March 23, 2026, to affected individuals. The incident involved the inadvertent receipt of an internal file containing employee names and Social Security numbers. The company is offering 24 months of complimentary identity protection services through Experian IdentityWorks.

Regulation Amending Rules for Public Investment in Central Transport Hub

The Polish Council of Ministers has issued a regulation amending the rules for public investment in the Central Transport Hub. This amendment, published in the Dziennik Ustaw, modifies specific provisions related to the implementation of public investment objectives for this major infrastructure project.

Consolidated Regulation Text for State Fire Protection System Decision Support

The Polish Ministry of Interior and Administration has announced the consolidated text of a regulation concerning the State Fire Protection System's Decision Support System. This announcement consolidates existing regulations without introducing new requirements.

Minister of Health Regulation on Cardiology Network Data

The Polish Minister of Health has issued a regulation detailing the specific data to be entered into the National Cardiology Network system by cardiology centers and the deadlines for submission. This regulation aims to standardize data collection and reporting within the national cardiology network.

Consolidated Real Estate Management Act Text Announcement

The Polish Marshal of the Sejm announced the consolidated text of the Real Estate Management Act. This announcement consolidates existing legislation into a single document for clarity and ease of reference.

Justice Minister Regulation Amending Court and Prosecutor Staff Pay

The Polish Minister of Justice has issued a regulation amending the pay structure for court and prosecutor staff. This amendment details the specific positions and salary scales for civil servants and other employees within the court and prosecution system, as well as the procedures for their traineeships.

Regulation on Civil Servant Pay

The Council of Ministers of Poland has issued a regulation amending the rules for compensating civil servants not part of the civil service corps, employed in government administration offices. This amendment specifically addresses the pay structure for these employees.

Kenneth Michael Margolis Publicly Censured

The Tennessee Board of Professional Responsibility has publicly censured attorney Kenneth Michael Margolis for violations of professional conduct rules. The censure stems from issues related to fee agreements, communication, and the improper use of client authorizations in a new legal matter.

Kansas Air Quality Health Advisory for Prescribed Burns

The Kansas Department of Health and Environment (KDHE) issued an air quality health advisory for central and eastern Kansas due to smoke from prescribed burns in the Flint Hills. Elevated pollutant levels are expected through early Thursday, potentially reaching Unhealthy for sensitive groups or Unhealthy in localized areas.

North Dakota UAS and Satellite Industries Job Opportunities

The State of North Dakota's Job Service has announced growing career and internship opportunities within the state's Uncrewed and Autonomous Systems (UAS) and Satellite Systems (SS) industries. The announcement directs interested individuals to the Job Service North Dakota website and social media pages for current openings and company listings.

State PUC Request for Proposals (9761)

The State Public Service Commission (PUC) has issued a Request for Proposals (RFP) identified as 9761. This notice announces the availability of the RFP, which is intended to solicit proposals for services or projects within the state's energy sector.

Emergency Regulations for Small Generator Facility Interconnection Standards

The Maryland State Public Service Commission has issued emergency regulations for small generator facility interconnection standards, codified under COMAR 20.50.09. These regulations establish new requirements for connecting small power generation facilities to the grid.

RRB-OIG Actuarial Audit Services Contract Opportunity

The General Services Administration (GSA) has issued an amendment to a contract opportunity for Actuarial Audit Services for the Railroad Retirement Board (RRB) Office of Inspector General. This amendment addresses potential offeror questions, with the due date for offers remaining April 3, 2026.

NGINX Plus and NGINX Vulnerabilities

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in NGINX and NGINX Plus, with a CVSS base score of 8.2. The vulnerabilities affect Linux, UNIX, and Windows operating systems and can be exploited remotely to cause denial of service, data manipulation, bypass security measures, and potentially execute arbitrary code.

Apple Xcode Vulnerabilities Allow Information Disclosure, Denial of Service

CERT-Bund has issued a security advisory for Apple Xcode, detailing multiple vulnerabilities that could allow remote attackers to disclose information or cause a denial of service. The advisory notes a CVSS Base Score of 5.5 (medium) and affects versions prior to 26.4 on MacOS X.

NATS Server Vulnerabilities Allow Remote Attackers to Disclose/Manipulate Info, Cause DoS

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in NATS Server versions prior to 2.12.6 and 2.11.15. These vulnerabilities, with a CVSS base score of 8.6, allow remote attackers to disclose or manipulate information, cause denial-of-service, and bypass security mechanisms.

Zabbix Vulnerabilities Allow Remote Attacks

CERT-Bund has issued a security advisory for Zabbix, detailing multiple vulnerabilities with a CVSS base score of 8.8. These vulnerabilities affect various Zabbix versions and allow remote attackers to disclose information, inject shell commands, perform SQL injection, and cause denial of service.

OpenClaw Vulnerabilities

CERT-Bund has issued a security advisory for OpenClaw, detailing multiple critical vulnerabilities with a CVSS score of 9.9. These vulnerabilities allow for remote code execution, privilege escalation, data manipulation, and denial-of-service attacks. A mitigation is available.

Xen Vulnerability Allows Security Bypass

CERT-Bund has issued a security advisory regarding a vulnerability in Xen, a virtual machine monitor, that allows local attackers from a guest VM to bypass security measures. The advisory, dated March 24, 2026, notes a CVSS base score of 6.7 and indicates that mitigation is available.

IBM InfoSphere Server Vulnerabilities Allow Remote Attacks

CERT-Bund has issued a security advisory for IBM InfoSphere Information Server, detailing multiple vulnerabilities with a critical CVSS Base Score of 9.1. These vulnerabilities can be exploited by remote attackers to bypass security measures, cause denial of service, and manipulate data.

GitLab Vulnerabilities Allow File Manipulation, Bypass, DoS, Info Disclosure, XSS

CERT-Bund has issued a security advisory for GitLab, detailing multiple vulnerabilities that could allow attackers to manipulate files, bypass security measures, conduct denial-of-service attacks, disclose information, and perform cross-site scripting attacks. The advisory affects open-source GitLab versions prior to 18.10.1, 18.9.3, and 18.8.7.

IBM WebSphere Liberty Vulnerabilities Allow Privilege Escalation

CERT-Bund has issued a security advisory for IBM WebSphere Application Server Liberty, detailing vulnerabilities that allow privilege escalation, security bypass, and information disclosure. The advisory affects versions prior to 26.0.0.4 and provides mitigation information.

Node.js Vulnerabilities Allow DoS, Bypass, Info Disclosure

CERT-Bund has issued a security advisory for Node.js, detailing multiple vulnerabilities that could allow attackers to cause denial of service, bypass security measures, and disclose information. The advisory affects various versions of Open Source Node.js and provides mitigation information.

TIBCO ActiveMatrix Vulnerability Allows Data Disclosure and Manipulation

CERT-Bund has issued a security advisory for TIBCO ActiveMatrix and TIBCO Administrator, detailing a critical vulnerability (CVSS 9.9) that allows remote authenticated attackers to disclose and manipulate data. The advisory affects specific versions of TIBCO ActiveMatrix BusinessWorks and TIBCO Administrator Enterprise.

Harbor Vulnerability Allows Information Disclosure

CERT-Bund has issued a security advisory for Harbor, a Docker distribution registry, detailing a vulnerability that allows information disclosure. The advisory affects specific versions of Open Source Harbor and provides mitigation information.

Langflow Vulnerability Allows Code Execution

CERT-Bund has issued a security advisory for Langflow, a tool for creating LLM-based applications. A vulnerability (CVSS 8.8) allows remote attackers to execute arbitrary code on affected systems running versions prior to 1.9.0. Mitigation measures are available.

Ubiquiti UniFi Network Server Vulnerability

CERT-Bund has issued a security advisory for Ubiquiti UniFi Network Server versions prior to 10.1.89. A vulnerability allows remote attackers to bypass security measures, with a CVSS base score of 8.8. Mitigation is available.

Hitachi Ops Center Vulnerabilities Allow Remote Attacks, XSS

CERT-Bund has issued a security advisory for Hitachi Ops Center, detailing vulnerabilities that allow remote attacks and cross-site scripting. The advisory affects versions prior to Hitachi Ops Center Administrator <11.0.8 and Analyzer <11.0.5-00. Mitigation measures are available.

Netty Vulnerabilities Allow Bypass and Denial of Service

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in the Netty network application framework. These vulnerabilities, with a CVSS Base Score of 7.5, allow remote attackers to bypass security measures and cause denial of service. Affected versions include Open Source Netty prior to 4.2.11 and 4.1.132.

Apple Safari Vulnerabilities Allow Bypass, DoS, Disclosure, XSS

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in Apple Safari, identified by WID-SEC-2026-0848. These vulnerabilities have a high CVSS Base Score of 8.3 and could allow attackers to bypass security measures, perform denial-of-service attacks, disclose information, or execute cross-site scripting attacks.

ImageMagick Vulnerabilities Allow Denial of Service Attacks

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in ImageMagick versions prior to 7.1.2-18 and 6.9.13-43. These vulnerabilities can be exploited by local or remote attackers to conduct denial-of-service attacks. Mitigation is available.

Mozilla Firefox and Thunderbird Multiple Vulnerabilities

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in Mozilla Firefox and Mozilla Thunderbird. These vulnerabilities, with a CVSS base score of 8.8, could allow remote attackers to execute arbitrary code, cause denial of service, or disclose information. Affected versions include Firefox <149, Firefox ESR <115.34 and <140.9, and Thunderbird <149 and ESR <140.9.

Apple iOS/iPadOS Vulnerabilities Allow Bypass, DoS, Info Disclosure

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in Apple iOS and iPadOS. These vulnerabilities, with a CVSS base score of 8.3, can allow attackers to bypass security measures, perform denial-of-service attacks, disclose information, and conduct cross-site scripting attacks. Affected versions include iOS and iPadOS prior to specific updates.

macOS Vulnerabilities Allow Privilege Escalation and Data Manipulation

CERT-Bund has issued a security advisory for Apple macOS, detailing multiple vulnerabilities with a high CVSS base score of 8.3. These vulnerabilities can be exploited remotely to bypass security measures, conduct denial-of-service attacks, disclose information, manipulate files, and escalate privileges. Affected versions include macOS Sonoma <14.8.5, Sequoia <15.7.5, and Tahoe <26.4.

Squid Vulnerabilities Allow Denial of Service Attacks

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in Squid, an open-source web proxy cache. These vulnerabilities, with a CVSS base score of 8.6, can be exploited by remote attackers to cause a Denial of Service. The advisory applies to Squid versions prior to 7.5 on Linux, UNIX, and Windows systems.

Linux Kernel Vulnerabilities Allow DoS, Code Execution

CERT-Bund has issued a security advisory regarding multiple critical vulnerabilities in the Linux Kernel, with a CVSS base score of 9.8. These vulnerabilities can allow attackers to cause denial of service, bypass security measures, disclose information, and potentially execute code remotely. Mitigation measures are available.

US Department of State Celebrates Greece National Day

The U.S. Department of State, through Secretary of State Marco Rubio, issued a statement congratulating Greece on its National Day. The statement highlighted shared democratic ideals, NATO alliance cooperation, and commitment to deepening commercial ties, particularly in energy.

Court Affirms Dismissal of Campaign Finance Violations

The Commonwealth Court of Pennsylvania affirmed the dismissal of a campaign finance violation complaint against Jeff Brown, a former mayoral candidate, and two associated organizations. The court found that the lower court correctly sustained preliminary objections, upholding the dismissal of the complaint.

State v. Christian - Felony Murder Conviction Affirmed

The Minnesota Supreme Court affirmed a district court's denial of Scot Perry Christian's application for relief from a felony murder conviction. The court found that Christian's allegations were insufficient to demonstrate a reasonable probability of entitlement to relief under the Act of May 19, 2023, as he acted as an accomplice with intent to cause death.

First Lady Launches Fostering the Future Together Coalition Summit

First Lady Melania Trump launched the Fostering the Future Together coalition, with 45 nations attending an inaugural summit focused on empowering the next generation through technology and education. The summit aimed to expand access to educational tools and strengthen child protections in digital environments.

Guardian Storage Centers v. Simpson - Case Details

The California Courts have updated case details for Guardian Storage Centers, LLC et al. v. Simpson. This update includes new trial court case numbers and references to the Court of Appeal case number G064847.

Pechkis v. Trustees of California State University - Case Summary

The California Supreme Court has issued a case summary for Pechkis et al. v. Trustees of the California State University. The case, with trial court case number 24CV04200 and appellate court case number C103742, is currently in the appellate division. Oral argument is scheduled for March 17, 2026.

O'Leary v. Jones - Civil Case Filing

The California Supreme Court, through its 4th Appellate District Division 1, has filed a new civil case, O'Leary v. Jones, under case number D085327. The filing date was November 19, 2024. This represents the initiation of a new legal proceeding within the state's judicial system.

Chi v. California DMV - Oral Argument Scheduled

The California Supreme Court has scheduled an oral argument for the case Chi v. California Department of Motor Vehicles (A172237). The case involves a dispute related to the DMV. The oral argument is set for March 19, 2026.

St. Joseph's School Pupils Reimagine Future School Design

St. Joseph's School in Gibraltar has published a press release detailing a project where Year 6 pupils reimagined the design of their ideal future school. The project involved research visits, team-based design work considering wellbeing and learning, and presentations to school leadership. The pupil-led designs are intended to inform future school restoration discussions.