On November 20, 2025, the Securities and Exchange Commission and defendants SolarWinds Corp. and Timothy G. Brown filed a joint stipulation to dismiss with prejudice the SEC’s civil enforcement action pending in the Southern District of New York. The SEC would dismiss all claims concerning the conduct alleged in the SEC’s Amended Complaint and includes

Sheridan Capital Partners has sold Tarrytown Expocare Pharmacy to Carlyle, according to a news release.

Tarrytown, founded in 2007 and based in Austin, Texas, is a long-term care pharmacy specialized in serving individuals with intellectual and developmental disabilities. The company states that it is licensed in more than 40 states.

Sheridan, founded

Overview

On October 21, 2025, the New York State Department of Financial Services (NYDFS) released comprehensive guidance for registrants regarding management of cybersecurity risks associated with third-party service providers (TPSPs) including cloud computing, file transfer system, AI and fintech solutions.[1] As reliance on external vendors for critical technology services grows, so too do the cyber threats to operations and sensitive customer data. The guidance clarifies regulatory expectations, highlights best practices, and underscores the importance of robust third-party risk management throughout the entire vendor relationship lifecycle.  In summary, companies can outsource functions but will still retain responsibility for cybersecurity oversight.

Government and Federal Aviation Administration (FAA) safety directives have led to a reduction in flights beginning November 7, 2025, to protect people and property from potential accidents. The FAA’s Emergency Order Establishing Limitations on the Use of Navigable Airspace explains that the restrictions are necessary “to ensure the safety of aircraft” and “[t]o maintain the highest standards of safety” in the National Airspace System. For companies whose operations or revenues are affected, these measures may give rise to recoveries under general liability and property insurance policies.

Diversis Capital has announced the acquisitions of three technology companies serving the hospital supply chain management market:

  • Kermit, a cloud-based, bill-only automation, spend-management and analytics platform for physician preference items;
  • Meperia, a supply chain and procurement intelligence platform; and
  • Genesis Automation Healthcare, a clinical traceability and supply chain automation solution.

The combined three

JLL Partners has announced its acquisition of Parks Medical Electronics.

Parks, established in 1961 and based in Aloha, Oregon, is a manufacturer of Doppler ultrasound systems and vascular labs. Its products, including the Flo-Lab system, are used in medical offices, operating rooms and veterinary practices. 

JLL, founded in 1988 and based in New

On October 20, 2025, the United States Court of Appeals for the Fifth Circuit issued a significant decision clarifying that an insurer’s duty to defend under Texas law extends to a contractually mandated alternative dispute resolution (ADR) proceeding.[i] The Fifth Circuit reversed a magistrate judge’s dismissal of BPX Production Co.’s (BPX) coverage claims, holding that an ADR proceeding triggers an insurer’s duty to defend and indemnify under a commercial general liability (CGL) policy—thus rejecting the insurer’s argument that a “suit” was required.  Further, the Fifth Circuit held that an insurer’s conduct can waive conditions to coverage. This decision provides important guidance for corporate policyholders navigating insurance disputes involving an ADR proceeding, policy defenses asserted by insurers, and the assignment of insurance rights to maximize an insurance recovery in the circumstance of a bankruptcy.