The Centers for Medicare & Medicaid Services (CMS) has proposed new guidelines in its 2025 Physician Fee Schedule to include reimbursement for digital therapeutics used in behavioral health treatments. These guidelines propose three new HCPCS codes to cover the costs associated with digital mental health treatment devices that are FDA-cleared and used as part of a broader behavioral health treatment plan. Reflecting a careful approach, CMS aims to gather data on the use and effectiveness of these digital tools, which are seen as supplementary to ongoing treatment. Despite previous failures in the digital therapeutics market, CMS's move signals a growing adoption of technology in behavioral health, driven by both need and potential for improved clinical outcomes.

CMS Fee Schedule Calls for Digital Therapeutics Reimbursement Behavioral Health Business

SolarWinds has released patches for a critical vulnerability in its Web Help Desk software (CVE-2024-28987) that allows unauthenticated remote users to gain unauthorized access and modify data. Rated 9.1 on the CVSS scale, the flaw was discovered by Horizon3.ai's Zach Hanley. Users are advised to update to version 12.8.3 Hotfix 2, which requires prior installation of versions 12.8.3.1813 or 12.8.3 HF1. This follows a recent patch for another severe vulnerability (CVE-2024-28986) with a CVSS score of 9.8 that has been actively exploited, though specific attack details remain unknown. Further information on CVE-2024-28987 is anticipated next month, underscoring the urgency for timely updates.

Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk thehackernews

Peter Slavin will become the new president and CEO of Cedars-Sinai Medical Center and Cedars-Sinai Health System on October 1, succeeding Thomas Priselac. Slavin aims to address the post-pandemic recovery of the healthcare workforce by improving their work environment through technology and a people-first approach. Emphasizing the reduction of administrative burdens and promoting work-life balance are key elements of his strategy. Having led Massachusetts General Hospital previously, Slavin has significant experience in enhancing clinical care and workforce development. He believes that advancing trust in healthcare providers and adopting customer service principles will improve patient experiences and help regain public trust.

Next Cedars-Sinai CEO: ‘Make the Work Environment as Positive, Joyful as Possible’ HealthLeaders Media

The escalation of top-level domains (TLDs) has intensified a security issue where many organizations inadvertently send Microsoft Windows usernames and passwords to domains they do not own, due to previously non-existent TLDs now being available for registration. This flaw, known as "namespace collision," exposes sensitive data because organizations set up their internal authentication systems using what they thought were private domains. Security researcher Philippe Caturegli has been mapping this vulnerability by examining self-signed security certificates, uncovering more than 9,000 suspect domains. A significant portion of these are now registered, potentially allowing third parties to intercept credentials. Caturegli's findings highlight the scale of the issue, revealing that even critical infrastructures and government entities are affected. His research underscores the persistent and pervasive risk posed by outdated network configurations and the need for organizations to adopt more secure internal domain naming practices.

Local Networks Go Global When Domain Names Collide krebsonsecurity.com

The Centers for Medicare & Medicaid Services (CMS) has proposed new guidelines in its 2025 Physician Fee Schedule to include reimbursement for digital therapeutics used in behavioral health treatments. These guidelines propose three new HCPCS codes to cover the costs associated with digital mental health treatment devices that are FDA-cleared and used as part of a broader behavioral health treatment plan. Reflecting a careful approach, CMS aims to gather data on the use and effectiveness of these digital tools, which are seen as supplementary to ongoing treatment. Despite previous failures in the digital therapeutics market, CMS's move signals a growing adoption of technology in behavioral health, driven by both need and potential for improved clinical outcomes.

CMS Fee Schedule Calls for Digital Therapeutics Reimbursement Behavioral Health Business

SolarWinds has released patches for a critical vulnerability in its Web Help Desk software (CVE-2024-28987) that allows unauthenticated remote users to gain unauthorized access and modify data. Rated 9.1 on the CVSS scale, the flaw was discovered by Horizon3.ai's Zach Hanley. Users are advised to update to version 12.8.3 Hotfix 2, which requires prior installation of versions 12.8.3.1813 or 12.8.3 HF1. This follows a recent patch for another severe vulnerability (CVE-2024-28986) with a CVSS score of 9.8 that has been actively exploited, though specific attack details remain unknown. Further information on CVE-2024-28987 is anticipated next month, underscoring the urgency for timely updates.

Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk thehackernews

Peter Slavin will become the new president and CEO of Cedars-Sinai Medical Center and Cedars-Sinai Health System on October 1, succeeding Thomas Priselac. Slavin aims to address the post-pandemic recovery of the healthcare workforce by improving their work environment through technology and a people-first approach. Emphasizing the reduction of administrative burdens and promoting work-life balance are key elements of his strategy. Having led Massachusetts General Hospital previously, Slavin has significant experience in enhancing clinical care and workforce development. He believes that advancing trust in healthcare providers and adopting customer service principles will improve patient experiences and help regain public trust.

Next Cedars-Sinai CEO: ‘Make the Work Environment as Positive, Joyful as Possible’ HealthLeaders Media

The escalation of top-level domains (TLDs) has intensified a security issue where many organizations inadvertently send Microsoft Windows usernames and passwords to domains they do not own, due to previously non-existent TLDs now being available for registration. This flaw, known as "namespace collision," exposes sensitive data because organizations set up their internal authentication systems using what they thought were private domains. Security researcher Philippe Caturegli has been mapping this vulnerability by examining self-signed security certificates, uncovering more than 9,000 suspect domains. A significant portion of these are now registered, potentially allowing third parties to intercept credentials. Caturegli's findings highlight the scale of the issue, revealing that even critical infrastructures and government entities are affected. His research underscores the persistent and pervasive risk posed by outdated network configurations and the need for organizations to adopt more secure internal domain naming practices.

Local Networks Go Global When Domain Names Collide krebsonsecurity.com