News
Short updates on security, GRC, and AI developments, with enough context to be worth reading.
- Brief
SpiceJet Online Booking System
Summary: View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information. Why it matters: This matters if it changes …Read brief - Brief
Stakeholder event on competition and data protection: save the date
Summary: Brussels, 23 April – The EDPB is organising a remote stakeholder event in the context of its joint work with the European Commission on upcoming guidelines on the …Read brief - Brief
Yadea T5 Electric Bicycle
Summary: View CSAF Summary Successful exploitation of this vulnerability could result in an attacker being able to unlock and start the bicycle, leading to vehicle theft. Why it …Read brief - Brief
GPT-5.5 System Card
Summary: GPT-5.5 System Card Why it matters: This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI …Read brief - Brief
Working with Codex
Summary: Learn how to set up your Codex workspace, create threads and projects, manage files, and start completing tasks with step-by-step guidance. Why it matters: This matters if …Read brief - Brief
CISA Adds One Known Exploited Vulnerability to Catalog
Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. Why it matters: This matters if it …Read brief - Brief
EDPB Letter to the European Commission regarding INGO registration requirements
Summary: EDPB Letter to the European Commission regarding INGO registration requirements Why it matters: This matters if it changes how teams think about model governance, safety …Read brief - Brief
Siemens Industrial Edge Management
Summary: View CSAF Summary Industrial Edge Management contains an authorization bypass vulnerability that could be exploited by an unauthenticated remote attacker to circumvent …Read brief - Brief
Siemens SINEC NMS
Summary: View CSAF Summary SINEC NMS before V4.0 SP3 contains an Authorization Bypass vulnerability that could allow an attacker to bypass authorization checks, leading to the …Read brief - Brief
Siemens TPM 2.0
Summary: View CSAF Summary The products listed below contain a vulnerability that could allow an attacker to perform an out-of-bound read, potentially leading to information …Read brief - Brief
CISA Adds Eight Known Exploited Vulnerabilities to Catalog
Summary: CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. Why it matters: This matters if it …Read brief - Brief
EDPB Sharpens Research Guidance and Speeds Up Anonymisation Work
Summary: EDPB used its April plenary to tighten guidance on scientific-research processing, accelerate anonymisation work, and approve a new certification mechanism tied to …Read brief - Brief
NIST Publishes Hardware Security White Paper on Firmware-Based Monitoring
Summary: NIST published Cybersecurity White Paper 52, “Firmware-Based Monitoring for Bus-Based Computer Systems,” on April 15, 2026. The paper describes how component …Read brief - Brief
FTC Targets Noncompete Agreements in Pest Control Enforcement Action
Summary: The FTC ordered Rollins to stop enforcing noncompete agreements against thousands of workers and paired the action with warning letters to other pest-control companies, …Read brief - Brief
NIST Updates NVD Operations to Address Record CVE Growth
Summary: NIST is changing NVD operations to keep up with record CVE volume, signaling that vulnerability teams should expect continued prioritization pressure around enrichment, …Read brief