News
Short updates on security, GRC, and AI developments, with enough context to be worth reading.
- Brief
CISA Adds Three Known Exploited Vulnerabilities to Catalog
Summary: CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. Why it matters: This matters if it …Read brief - Brief
NASA Core Flight System (cFS) Health & Safety (HS) Application
Summary: View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. Why it matters: This matters if it changes …Read brief - Brief
Rockwell Automation 1756-EN2, 1756-EN3, and 1756-ENBT
Summary: View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. Why it matters: This matters if it changes …Read brief - Brief
Rockwell Automation CompactLogix, ControlLogix, Compact GuardLogix and GuardLogix
Summary: View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. Why it matters: This matters if it …Read brief - Brief
Rockwell Automation FactoryTalk DataMosaix
Summary: View CSAF Summary Successful exploitation of this vulnerability could allow an authenticated attacker to inject malicious scripts on the server. Why it matters: This …Read brief - Brief
Rockwell Automation Flex 5000 Adapter
Summary: View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition on the affected product. Why it matters: …Read brief - Brief
SALTO ProAccess Space
Summary: View CSAF Summary Successful exploitation of this vulnerability allows an authenticated attacker to escalate privileges and access spaces outside their assigned partition, …Read brief - Brief
Siemens SICAM 8
Summary: View CSAF Summary Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely: - SICAM A8000 Device firmware - CPCI85 …Read brief - Brief
CISA Adds Two Known Exploited Vulnerabilities to Catalog
Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. Why it matters: This matters if it …Read brief - Brief
CISA and Partners Publish Guidance to Help Software Manufacturers and Online Service Providers Work With ...
Summary: CISA and Partners Publish Guidance to Help Software Manufacturers and Online Service Providers Work With … Why it matters: This matters if it changes how teams …Read brief - Brief
Establishing a Coordinated Vulnerability Disclosure Program to Work With Security Researchers
Summary: Developed by CISA, the National Security Agency (NSA) and international partners, this joint guidance contains best practices for software manufacturers and online service …Read brief - Brief
The US is advancing AI safety through state and federal action
Summary: OpenAI outlines a “reverse federalism” approach to AI governance, where state laws help build a national framework for safe, democratic AI. Why it matters: This matters if …Read brief - Brief
GPT-Red: Unlocking Self-Improvement for Robustness
Summary: Explore GPT-Red, OpenAI’s automated red teaming system that uses self-play to improve AI safety, alignment, and prompt injection robustness. Why it matters: This matters …Read brief - Brief
Opinion 21/2026 on the draft decision of the Irish Supervisory Authority regarding the Controller Binding ...
Summary: Opinion 21/2026 on the draft decision of the Irish Supervisory Authority regarding the Controller Binding … Why it matters: This matters if it changes how teams …Read brief - Brief
Opinion 20/2026 on the draft decision of the Dutch Supervisory Authority regarding the Controller Binding ...
Summary: Opinion 20/2026 on the draft decision of the Dutch Supervisory Authority regarding the Controller Binding … Why it matters: This matters if it changes how teams …Read brief