(Washington, D.C., July 31, 2025) – U.S. Secretary of Agriculture Brooke L. Rollins congratulates Tyler Clarkson on his confirmation to serve as General Counsel at the U.S. Department of Agriculture.

(Washington, D.C., August 1, 2025) – U.S. Secretary of Agriculture Brooke L. Rollins announced today the opening of a 30-day public comment period for stakeholders to provide feedback on the Department’s reorganization plan, as outlined in the Secretary’s memorandum (PDF, 2.6 MB) issued on July 24, 2025.

When Apple dropped iOS 18.6 this week, it didn’t ship a bunch of new features and changes. Indeed, when you update your iPhone, it’ll appear exactly as it did running iOS 18.5. Under the hood, however, the update introduced more than 20 patches for security vulnerabilities across iOS, making it an important security update for all compatible devices.

When Apple released its security notes for the update, it did not indicate whether any of the flaws were zero-days—in other words, whether any of the flaws had been exploited or publicly disclosed before a patch was readily available. That puts the user at an advantage, since it suggests bad actors haven’t figured out how to take advantage of any of the now-fixed flaws. However, as it turns out, one of these flaws was actively exploited—just not against an Apple product.

The vulnerability in question is tracked as CVE-2025-6558. Per Apple’s release notes, this is a flaw that could crash Safari when processing malicious web content. As Apple states, the vulnerability isn’t an iOS-specific flaw; rather, it’s a vulnerability in open source code, and Apple’s software is impacted.

While Apple says this vulnerability was not exploited against Apple software, at least at the time the release notes were published, one piece of software that appears to have been actively exploited using this flaw is Google Chrome. As reported by Bleeping Computer, CVE-2025-6558 can allow bad actors to run their own code within Chrome’s GPU process when visiting malicious websites. This could enable hackers to break into the operating system of the target’s machine. If you’re using an Apple product, that would mean iOS, macOS, iPadOS, tvOS, visionOS, or watchOS could be compromised from this attack. (Apple released security updates for all of these OSes, respectively.)

The flaw is serious business: The Cybersecurity and Infrastructure Security Agency (CISA) listed this flaw among its Known Exploited Vulnerabilities Catalog, and now requires federal agencies to update their software by Aug. 12.

Protecting your devices from this zero-day

To make sure you protect your devices from this vulnerability, you’ll want to update all affected hardware and software. That means you’ll want to update any Apple devices to iOS 18.6, and if you use Chrome or a Chromium-based browser (like Microsoft Edge or Opera) you’ll want to update it to the latest version.

You can typically install Apple updates, such as on an iPhone, from Settings > General > Software Update. On Chrome, click the three dots in the top right, then go to Help > About Google Chrome.

Authenticators from Google and Microsoft are already well-established, but the newly released Proton Authenticator may be worth the switch. Proton is the company behind Proton Pass, our top password manager for those who prioritize privacy, as well as other services like Proton Mail and Proton VPN. While Proton Pass has an integrated two-factor authentication (2FA) feature on its premium tier, anyone can use Proton Authenticator at no cost, even if you rely on a different service for password management.

How Proton compares to other authenticator apps

Functionally, Proton Authenticator isn’t that different than other popular apps like Google Authenticator and Microsoft Authenticator or alternatives like Duo and Authy. You can add time-based one-time passwords (TOTPs) manually or by scanning a QR code as well as import some or all of your existing codes from authenticator apps that offer this feature (Google does, Microsoft does not). In my testing, it was easy to screenshot and save the QR codes from Google Authenticator and upload them from my photos into Proton Authenticator, which quickly populated all of my codes.

For added security, Proton Authenticator can be locked behind biometrics like Face ID and hide your codes from view (which is helpful if you simply need to copy and paste on the same device). Codes refresh every 30 seconds, and Proton shows you both the current TOTP and the one that will populate next. While most authenticators are limited to iOS and Android, Proton also supports Windows, macOS, and Linux with encrypted syncing between devices.

Again, authenticator apps are largely similar in both form and function, but Proton Authenticator has a potential advantage in that it comes from a privacy-first company. Unlike most competitors, the platform is open source and doesn’t include any ads or tracking, so it’s well worth considering if you want to move away from services from Google and Microsoft. (Bitwarden, another excellent open-source password manager, also offers a free, standalone authenticator app.)

Given the regularity of data breaches and the ubiquity of phishing schemes that aim to compromise your data, you should have multi-factor authentication (MFA) enabled on any account that offers this extra layer of security. As I’ve written, some authentication methods—like SMS codes—are still easily compromised via phishing methods like adversary-in-the-middle attacks. Biometrics and hardware keys are some of the most secure alternatives, but an authenticator app is also preferable to SMS because TOTPs are generated locally on your device and change every 30 to 60 seconds rather than sent via unencrypted text.

(Washington, D.C., August 1, 2025) – U.S. Secretary of Agriculture Brooke L. Rollins today announced the U.S. Department of Agriculture’s (USDA) intent to purchase up to $230 million in fresh seafood, fruits, and vegetables from American farmers and producers to distribute to food banks and nutrition assistance programs across the country. These purchases are being made through Section 32 of the Agriculture Act of 1935 and will assist producers and communities in need.

(Washington, D.C., August 1, 2025) – U.S. Secretary of Agriculture Brooke L. Rollins today announced the U.S. Department of Agriculture’s (USDA) intent to purchase up to $230 million in fresh seafood, fruits, and vegetables from American farmers and producers to distribute to food banks and nutrition assistance programs across the country. These purchases are being made through Section 32 of the Agriculture Act of 1935 and will assist producers and communities in need.

People in the U.S. pay more than $1 trillion in insurance premiums each year. Most of us have more than one insurance policy at any given time, including health, auto, homeowners, and life insurance policies. And when the time comes to shop around for a new one, you probably do some due diligence, researching the premiums you’ll have to pay for the amount of coverage that you want.

But that it offered a good premium isn’t the only thing you should know about a potential insurer. Fair premiums, low deductibles, and expansive coverage are important, but none of that means much if you choose an insurer that’s struggling financially, has very low customer satisfaction rates, or which routinely denies even legitimate claims. If you’re in the market for insurance, there are three facts you need to know about any company you’re considering buying a policy from.

The insurer’s financial stability

The most crucial thing to know about an insurance company is whether it has the cash on hand to cover claims made on its policies. The best-written policy in the universe won’t do you much good if the company selling it to you goes bankrupt when too many people actually try to actually use the insurance it sold them.

States set minimum reserves insurers are required to keep on hand to cover claims, but as the name implies, these are minimums—sometimes calculated as a percentage of potential claims, sometimes based on other financial factors. Insurance companies can’t legally fall below those reserves, but the reserves are only intended to prevent a total market collapse. In reality, insurers should have a lot more on hand, especially if there’s a possibility of a large number of claims being filed simultaneously (e.g., homeowners insurance claims in the wake of a disaster like a flood or wildfire). It might sound impressive that a small, regional insurance company has $100 million on hand to cover claims—but that looks like small potatoes if they have $1 billion in potential claims at any given time.

You can find a financial stability rating for most insurers over at AM Best. You’ll need to create a free account to search the database, but once you do, you’ll be able to see at a glance the “Financial Strength” rating of an insurer, which can range from a “superior” A++ to a “Poor” D. The website also offers a “Financial Size Category (FSC)” that offers an approximation of how much money the insurer has on hand, ranging from I (less than $1 million) to XV (at least $2 billion). A small, regional insurer might only have a few million bucks in the bank, but if its overall rating is A++, it’s still considered financially sound.

The insurer’s claims record

Getting a good deal on an insurance policy is only useful if the insurer actually approves and pays out for legitimate claims. I once had a homeowners insurance policy that seemed worse than useless—though it satisfied my mortgage provider’s insurance requirement, it never once paid out on a claim. Sure, it always had a reason my claims weren’t technically covered, but that didn’t help me in the moment. This is why it’s crucial that you research a company’s track record of denying or paying out claims before buying the policy.

Unfortunately, doing so can be difficult, because claim approval data isn’t easy to find. Insurers aren’t required to make it available to the public, so they simply don’t.

There are some resources, however, that can at least give you an idea about a company’s history of claim approvals and denials. Plans sold through Affordable Care Act marketplaces are a bit more transparent, and you can find past denial rates at the Kaiser Family Foundation site, which offer some clues. You can find studies online that offer up some details about which companies deny the most claims, like this one from ValuePenguin, showing that UnitedHealthcare rejects a third of claims from its customers. It might take some muscular Googling, but information about denial rates can potentially be pieced together this way—and if you see denials from a potential insurer noted over and over again in these studies, you might want to reconsider buying from it.

The insurer’s customer satisfactions scores

Finally, even a company that has a reasonable claims approval rate and is financially stable can be a poor choice if working with it is a miserable experience. Before you buy insurance, you should know one more thing: The satisfaction level of current and past customers. It’s not so much a hard number as it is a vibe, but it’s an important piece of data nonetheless.

There are three sources where you can get a sense of customer satisfaction about an insurer before you buy a policy:

• State insurance departments. Each state has an insurance department that regulates insurers writing policies in that state. These departments often publicly list complaints made against insurers on their sites. You can find your state’s insurance department through the National Association of Insurance Commissioners (NAIC) website.

• NAIC. Speaking of the NAIC, it also maintains a database of insurers that includes complaint reports. Search for your prospective insurer and see how many complaints are lodged against it, what the trends suggest, and how they compare to competitors.

• An online search. Finally, people tend to complain publicly when large companies treat them poorly, so checking social media and other websites for mentions of an insurer can yield some real-world insights into what it’s like to own a policy from it. Keep in mind that almost every insurer will have some complaints against it—people who have had bad experiences tend to be more vocal than those who are completely or even mostly satisfied— so you’re looking for volume and trendlines (i.e. a lot of complaints over a long period of time).