BOLI ADR Program Secures Over $3 Million in Settlements

The Oregon Bureau of Labor and Industries (BOLI) announced that its Alternative Dispute Resolution (ADR) program has secured over $3 million in settlements for Oregonians in its first year. The program offers free, confidential mediation services to resolve disputes between workers, employers, tenants, and landlords.

Oregon BOLI Funding Bill HB 4027 A Passed Legislature

The Oregon Legislature has passed House Bill 4027 A, securing a stable funding framework for the Bureau of Labor and Industries (BOLI). This legislation aims to ensure the long-term sustainability of Oregon's workplace and civil rights enforcement system.

SuiteCRM Vulnerabilities Allow Code Execution, Data Manipulation, SSRF, DoS

CERT-Bund has issued a security advisory for SuiteCRM, detailing multiple vulnerabilities that could allow attackers to execute arbitrary code, manipulate data, perform SSRF attacks, or cause denial-of-service conditions. The advisory affects versions prior to 7.15.1 and 8.9.3, with a CVSS base score of 8.8.

Python Path Traversal Vulnerability Disclosed

CERT-Bund has disclosed a path traversal vulnerability in Python versions prior to 3.15.0. The vulnerability, with a CVSS base score of 4.0, allows local attackers to exploit the flaw. Mitigation is available.

Roundcube Vulnerabilities: Critical Score, File Manipulation, XSS

CERT-Bund has issued a security advisory for Roundcube, a PHP-based open-source webmail system. Multiple vulnerabilities with a critical CVSS base score of 10.0 have been identified, allowing attackers to manipulate files, bypass security measures, and perform cross-site scripting attacks.

Microsoft Dynamics 365 SQL Injection Vulnerability

CERT-Bund has issued a security advisory for Microsoft Dynamics 365 Customer Engagement regarding a critical SQL injection vulnerability (CVSS 8.8). The vulnerability allows authenticated remote attackers to execute arbitrary SQL commands, potentially leading to privilege escalation or operating system command execution.

Keycloak Vulnerabilities: Info Disclosure and Privilege Escalation

CERT-Bund has issued a security advisory regarding critical vulnerabilities in Keycloak versions prior to 26.5.6. These vulnerabilities allow for remote information disclosure and privilege escalation. Mitigation is available.

libarchive Vulnerability Allows Denial-of-Service

CERT-Bund has issued a security advisory regarding a vulnerability in the libarchive library, which allows for denial-of-service attacks. The vulnerability affects various operating systems including Linux, UNIX, and Windows, and specific versions of Red Hat Enterprise Linux. Mitigation measures are available.

Ubiquiti UniFi Vulnerabilities Allow Privilege Escalation

CERT-Bund has issued a security advisory for Ubiquiti UniFi Network Application, detailing vulnerabilities that allow for privilege escalation. The advisory assigns a critical CVSS Base Score of 10.0 and a high CVSS Temporal Score of 8.7, indicating a significant security risk. Affected versions include UniFi Network Application <10.1.89, <10.2.97, <9.0.118, and UniFi Express <4.0.13.

IBM QRadar SIEM Critical Vulnerabilities

CERT-Bund has issued a security advisory regarding critical vulnerabilities in IBM QRadar SIEM, versions prior to 7.5.0 UP15. These vulnerabilities, with a CVSS Base Score of 9.8, allow for remote code execution, information disclosure, denial of service, and file manipulation.

WebKitGTK Vulnerabilities Allow Code Execution, DoS, Info Disclosure

CERT-Bund has issued a security advisory (WID-SEC-2026-0782) regarding multiple vulnerabilities in WebKitGTK, a web browser engine used across various operating systems. The vulnerabilities, with a CVSS Base Score of 8.8, can allow remote attackers to execute arbitrary code, cause denial-of-service conditions, or disclose sensitive information.

Drupal Automated Logout Extension Vulnerability Allows File Manipulation

CERT-Bund has issued a security advisory regarding a vulnerability in Drupal's Automated Logout Extension. The vulnerability allows remote, anonymous attackers to manipulate files. Affected versions include Open Source Drupal Automated Logout <1.7.0 and <2.0.2.

Samba Vulnerability Allows Information Disclosure

CERT-Bund has issued an advisory regarding a Samba vulnerability (WID-SEC-2026-0780) that allows local attackers to disclose information. The vulnerability affects Open Source Samba versions prior to 4.24.0 and has a CVSS Base Score of 5.5.

Jenkins Vulnerabilities Allow Code Execution and Info Disclosure

CERT-Bund has issued a security advisory for Jenkins, detailing multiple vulnerabilities with a high CVSS base score. These vulnerabilities allow attackers to execute arbitrary code, bypass security measures, and disclose confidential information. Affected versions include Jenkins weekly <2.555 and Jenkins LTS <2.541.3.

Dell Secure Connect Gateway Policy Manager Critical Vulnerabilities

CERT-Bund has issued a security advisory for Dell Secure Connect Gateway Policy Manager, detailing critical vulnerabilities (CVSS Base Score 9.8) that could allow remote attacks. The advisory affects versions prior to 5.34.00.14 and recommends mitigation.

Xpdf Vulnerability Allows Denial of Service

CERT-Bund has issued a security advisory regarding a denial-of-service vulnerability in the Xpdf PDF viewer. The vulnerability affects versions of Xpdf on Linux, UNIX, and Windows systems. The advisory provides information on the vulnerability and mitigation, noting a CVSS base score of 2.9.

Hartland and Hollandale Fined for Wastewater Permit Violations

The cities of Hartland and Hollandale have been fined a total of $24,169 by the Minnesota Pollution Control Agency (MPCA) for municipal wastewater permit violations. Violations included submitting false data, missing data, and late reports, leading to the revocation of their wastewater operator's certification. Both cities must also agree to cease falsifying data and implement plans for timely sampling and reporting.

Big Lake Estates Fined for Wastewater Violations

The Minnesota Pollution Control Agency (MPCA) fined Big Lake SADO, LLC, operator of Big Lake Estates mobile home park, $24,150 for unauthorized wastewater releases and failure to notify authorities. The company has agreed to corrective actions to prevent future violations.

Ardent Mills fined $10,200 for air permit violations

The Minnesota Pollution Control Agency (MPCA) has fined Ardent Mills LLC $10,200 for violations of its air permit at its Lake City facility. Performance tests revealed emissions of PM 2.5 and PM 10 exceeded permitted limits. The company has since corrected the issue and returned to compliance.

Monticello Mobile Home Park Fined for Wastewater Violations

The Minnesota Pollution Control Agency (MPCA) has fined The Meadows Mobile Home Park $13,957 for discharging untreated sewage and failing to complete corrective actions within the mandated 30-day period. The park took 134 days to submit a maintenance plan and complete routine cleaning after the violations.

Northshore Mining Fined for Wastewater Permit Violations

The Minnesota Pollution Control Agency (MPCA) has fined Northshore Mining $19,000 for repeated violations of its wastewater permit. The company released recycled water and water related to mining processes unpermitted multiple times between 2023 and 2025. Northshore Mining must also submit a spill prevention report and implement a piping integrity plan.

SAM.gov Entity Registration and Exclusion Maintenance Notice

The General Services Administration (GSA) issued a notice regarding temporary maintenance on SAM.gov that affected entity registrations and exclusions. The page for specific exclusions was unavailable during this period.

Navitas Organics chia seeds recalled for Salmonella contamination

The Rhode Island Department of Health announced a recall of Navitas Organics chia seeds due to potential Salmonella contamination. Consumers who purchased the affected product are advised not to consume it and to dispose of it or return it for a refund. This recall impacts food manufacturers, retailers, and importers.

Organic Moringa Recalled Due to Salmonella Contamination

The Rhode Island Department of Health announced a recall of Organic Moringa products due to potential Salmonella contamination. Consumers are advised not to consume the product and to discard it or return it for a refund.

Rabies vaccine recalled due to sterile water mix-up

The Rhode Island Department of Health announced a recall of a rabies vaccine due to a mix-up where sterile water was used instead of the vaccine. This recall affects healthcare providers and potentially patients who received the affected vaccine.

Rhode Island Drug Overdose Data Update

The Rhode Island Department of Health has reported 55 non-fatal drug overdoses occurred in the state between March 10 and March 16. This data update provides situational awareness regarding the ongoing opioid crisis.

Department of Education TRIO Programs Outcome Evaluations Comment Request

The Department of Education is requesting public comment on a new information collection request (ICR) for TRIO Programs outcome evaluations. The proposed collection aims to gather data for the "Description of Today's TRIO Programs and Proposing Options for Future Outcome Evaluations" study, involving web-based surveys for TRIO project directors/staff. The comment period closes on May 18, 2026.

Department of Education Proposes New Loan Repayment Information Collection

The Department of Education has published a notice proposing a new information collection request (ICR) under the Paperwork Reduction Act. This collection, titled 'Shaping the Future of Loan Repayment,' aims to gather data through interviews with federal student loan borrowers to understand enrollment and repayment behaviors in income-driven repayment plans.

Department of Education Notice on RISE Award Information Collection

The Department of Education has issued a notice proposing the reinstatement of an information collection request (ICR) for the RISE Award program. This notice is part of the Paperwork Reduction Act process, allowing for public comment on the existing collection.

DOJ Justice for Families Program Information Collection Extension

The Department of Justice's Office on Violence Against Women is seeking a 30-day public comment period for the extension of a previously approved information collection request related to the Justice for Families Program. This notice is part of the process for obtaining OMB authorization for the collection.

DOJ - VAWA STOP Formula Grant Program Information Collection Extension

The Department of Justice's Office on Violence Against Women is seeking a 30-day public comment period for the extension of a previously approved information collection request related to the Violence Against Women Act's STOP Formula Grant Program. The request is for OMB authorization for three years.

Amended Venezuela General License 5V and FAQ 595 issued

Amended Venezuela General License 5V and FAQ 595 issued

Tennessee Relay Center service transition to IP-protocol docket opened

Tennessee Relay Center service transition to IP-protocol docket opened

PSC sets Feb 13 intervention deadline for Vicinity Energy tariff

PSC sets Feb 13 intervention deadline for Vicinity Energy tariff

Evergy Missouri Metro Rate Case Intervention Deadline

The Missouri Public Service Commission has set February 27, 2026, as the intervention deadline for Evergy Missouri Metro's electric rate case. The utility is seeking an approximate $137.9 million revenue increase.

PSC Approves Ameren Big Hollow Project Agreement

The Missouri Public Service Commission has approved an agreement allowing Ameren Missouri to construct the Big Hollow project, which includes an 800-MW natural gas generator and a 400-MW battery storage system. The approval includes conditions regarding investment tax credits, construction progress reports, cost change notifications, and potential use of construction work in progress accounting.

MO PSC Sets Public Hearing for Liberty CCN Request

The Missouri Public Service Commission has scheduled a public hearing for April 16, 2026, to receive customer comments on Empire District Electric Company d/b/a Liberty's request for a Certificate of Convenience and Necessity (CCN). Liberty seeks approval to construct a new 250-megawatt combustion turbine generator.

MO PSC Sets Intervention Deadline for Missouri-American Water Rate Adjustment

The Missouri Public Service Commission (PSC) has set a March 18, 2026, intervention deadline for Missouri-American Water Company's application to adjust water and sewer rates. The proposed adjustment would increase base revenues by 3.1% for water and 1.6% for sewer services.

Broadband Internet for All Virtual Public Outreach Meeting

The New Jersey Board of Public Utilities (BPU) announced a virtual public outreach meeting on August 13, 2024, to discuss the 'Broadband Internet for All' initiative. The meeting aims to gather public input on expanding broadband access across the state.

NJ Board of Public Utilities Utility Hearing Public Notices

The New Jersey Board of Public Utilities has published public hearing notices for various utility matters scheduled throughout 2026. These notices cover applications for cable television franchises, revisions to energy efficiency program rates, electric and gas rate adjustments, and water and wastewater service clauses.

NJ Board of Public Utilities Reports Directory

The New Jersey Board of Public Utilities (NJBPU) has updated its reports directory, providing access to various studies and analyses commissioned by the Board. These reports cover topics such as energy affordability, grid modernization, and resource adequacy, guiding the Board's regulatory responsibilities for New Jersey ratepayers.

NJ BPU Public Notices Archive

The New Jersey Board of Public Utilities (NJ BPU) has published a list of public notices and meeting announcements for 2026. These notices cover various topics including clean energy programs, budget true-ups, and the provision of Basic Generation Service for the upcoming year.

NJ BPU Invests $5 Million to Reduce Urban Heat Island Effect

The New Jersey Board of Public Utilities (NJ BPU) announced an investment of $5 million to mitigate the urban heat island effect in overburdened municipalities. This initiative aims to address environmental disparities and improve public health in affected communities.

MN PUC Upcoming Meetings and Events Calendar

The Minnesota Public Utilities Commission (MN PUC) has published its upcoming meetings and events calendar. This notice provides a schedule of upcoming public sessions and industry events relevant to regulated entities in Minnesota.

DEA Warns About Methamphetamine and Street Names

The DEA issued a public safety alert warning about methamphetamine, listing its various street names such as Crank, Crystal, and Ice. The alert directs readers to a DEA factsheet for more information on the drug and its effects.

DEA Public Safety Alert: Fentanyl Affects All Communities

The DEA issued a public safety alert via Twitter, emphasizing that fentanyl affects all communities regardless of race, age, or economic status. The alert, from DEA SAC D. Olesky, reiterates the DEA's goal of a fentanyl-free America and mentions a joint effort with Aurora Police to combat drug trafficking.

North Dakota Merges Insurance and Securities Departments

North Dakota has unified its Insurance and Securities departments into a single regulatory body, following the passage of Senate Bill 2214. This merger aims to enhance consumer protection and streamline oversight of the insurance and securities sectors within the state.

North Dakota Stop Order Against EPIC Management and Todd Berning

The North Dakota Insurance Commissioner issued a stop order against EPIC Management, LLC and Todd Berning, requiring them to immediately cease offering or selling membership interests. This action is due to concerns about the company's financial condition, assets, management, leadership, transparency, and operations, as well as potential violations of Chapter 10-04 of the North Dakota Century Code.

North Dakota Health Insurance Premium Increases Projected for 2026

North Dakota's Insurance Commissioner has approved 2026 health insurance rates, but consumers may face significant premium increases if enhanced federal ACA subsidies expire. The state has also expanded eligibility for catastrophic plans, leading to higher rates for those options.

North Dakota Warns Seniors About Unfair Medicare Sales Practices

The North Dakota Insurance Department issued a bulletin warning health insurers and licensed producers against unfair trade practices in the Medicare marketplace. The bulletin clarifies that restricting consumer access to products or unfairly manipulating compensation structures is a violation of state law.