News
Short updates on security, GRC, and AI developments, with enough context to be worth reading.
- Brief
Working with Codex
Summary: Learn how to set up your Codex workspace, create threads and projects, manage files, and start completing tasks with step-by-step guidance. Why it matters: This matters if …Read brief - Brief
CISA Adds One Known Exploited Vulnerability to Catalog
Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. Why it matters: This matters if it …Read brief - Brief
EDPB Letter to the European Commission regarding INGO registration requirements
Summary: EDPB Letter to the European Commission regarding INGO registration requirements Why it matters: This matters if it changes how teams think about model governance, safety …Read brief - Brief
Siemens Industrial Edge Management
Summary: View CSAF Summary Industrial Edge Management contains an authorization bypass vulnerability that could be exploited by an unauthenticated remote attacker to circumvent …Read brief - Brief
Siemens SINEC NMS
Summary: View CSAF Summary SINEC NMS before V4.0 SP3 contains an Authorization Bypass vulnerability that could allow an attacker to bypass authorization checks, leading to the …Read brief - Brief
Siemens TPM 2.0
Summary: View CSAF Summary The products listed below contain a vulnerability that could allow an attacker to perform an out-of-bound read, potentially leading to information …Read brief - Brief
CISA Adds Eight Known Exploited Vulnerabilities to Catalog
Summary: CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. Why it matters: This matters if it …Read brief - Brief
EDPB Sharpens Research Guidance and Speeds Up Anonymisation Work
Summary: EDPB used its April plenary to tighten guidance on scientific-research processing, accelerate anonymisation work, and approve a new certification mechanism tied to …Read brief - Brief
NIST Publishes Hardware Security White Paper on Firmware-Based Monitoring
Summary: NIST published Cybersecurity White Paper 52, “Firmware-Based Monitoring for Bus-Based Computer Systems,” on April 15, 2026. The paper describes how component …Read brief - Brief
FTC Targets Noncompete Agreements in Pest Control Enforcement Action
Summary: The FTC ordered Rollins to stop enforcing noncompete agreements against thousands of workers and paired the action with warning letters to other pest-control companies, …Read brief - Brief
NIST Updates NVD Operations to Address Record CVE Growth
Summary: NIST is changing NVD operations to keep up with record CVE volume, signaling that vulnerability teams should expect continued prioritization pressure around enrichment, …Read brief - Brief
FTC Bars Forever Living From Deceptive Earnings Claims
Summary: The FTC settled with Forever Living and its operators, permanently barring deceptive earnings claims and reinforcing that consumer-protection enforcement still reaches …Read brief - Brief
EDPB Annual Report 2025 Highlights the Board's Enforcement Priorities
Summary: EDPB’s 2025 annual report summarizes the board’s guidance, coordination, and enforcement priorities, giving privacy teams a better read on where European …Read brief - Brief
OpenAI Opens Applications for a Safety Fellowship Focused on Alignment Research
Summary: OpenAI announced the OpenAI Safety Fellowship on April 6, 2026, describing it as a pilot program for external researchers, engineers, and practitioners working on safety …Read brief - Brief
EDPB Publishes One-Stop-Shop Digest on Legitimate Interest
Summary: EDPB published a digest of one-stop-shop decisions on legitimate interest, giving privacy teams a clearer signal on how regulators are testing necessity, balancing, and …Read brief