The Massachusetts House unanimously passed the Consumer Data Privacy Act, a bill that will give residents rights to access and delete their data held by large tech firms.
The breach occurred on May 28, with attackers gaining access to users' first names, last names, email addresses, and encrypted passwords for those not using Single Sign-On.
The security flaws, tracked as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910, were addressed in May and impacted UniFi OS Server versions 5.0.6 and earlier.
The security startup depthfirst utilized an autonomous AI agent to scan FFmpeg's extensive codebase, uncovering 21 previously unknown vulnerabilities, some of which had been dormant for up to 23 years.
The vulnerability resides within the plugin's Complex Calculation feature, which processes user input and inserts it into a PHP code string for execution via the "eval()" function.
The proposed "Guaranteeing Universal Access to Cybersecurity Act" seeks to authorize $50 million annually for the MS-ISAC, which is operated by the Center for Internet Security.
