Jonathan Greig reports: Federal civilian agencies have until September 25 to patch a vulnerability in popular content management system Sitecore after incident responders said they disrupted a recent attack involving the bug. Sitecore published a bulletin on Wednesday about CVE-2025-53690, which affects several of the company’s products. A key issue with the bug is the use of...

Source

Riley Brennan reports: The U.S. Court of Appeals for the Third Circuit clarified this week that an employee’s purported violations of workplace computer use policies cannot be criminalized under federal law as long as there is no evidence of hacking or violations of trade secrets. On Tuesday, the federal appellate court affirmed the U.S. District Court...

Source

Kartikay Mehrotra reports: A federal appeals court delivered a victory to the Federal Communications Commission on Wednesday by upholding new and controversial data breach reporting requirements for telecommunications companies targeted in cyberattacks. The court rejected consolidated challenges, 2 to 1, from trade groups including the Ohio Telecom Association, Texas Association of Business and USTelecom. They...

Source