SPCX Raises Privacy Concerns Over New Data Encryption Protocol Implementation
WASHINGTON D.C. – A newly discovered data vulnerability in a widely used software platform, identified as SPCX, has prompted a formal investigation by federal cybersecurity authorities. According to a joint statement released today by the National Institute of Standards and Technology and the Department of Homeland Security, the flaw, designated under the identifier CVE-2025-1274, permits unauthorized access to encrypted user files. The issue stems from an improper implementation of the Advanced Encryption Standard within a routine update deployed on January 15th.
Officials confirmed that the vulnerability affects approximately 2.3 million active devices globally, with potential data exposure including personally identifiable information and corporate financial records. The Federal Bureau of Investigation has issued an advisory urging all users to immediately disable automatic updates and apply a mandatory security patch, available for download at a government-hosted portal. No malicious exploitation of the SPCX flaw has been reported as of this broadcast, though authorities warn that threat actors are actively scanning for vulnerable systems.