[THIS POST HAS BEEN UPDATED TO REFLECT CHANGES TO THE LEGISLATION PRIOR TO SIGNING.] On May 9, 2025, New York Governor Kathy Hochul signed Assembly Bill A3008 into law. The omnibus legislation mandates transparency in personalized algorithmic … [Read more] about NY Passes Law Governing Personalized Algorithmic Pricing; AI Companions
On June 3, 2025, the U.S. Court of Appeals for the Fourth Circuit issued a pivotal ruling in longstanding litigation against Marriott International, Inc., arising out of a 2018 data breach involving its Starwood Preferred Guest Program. In reversing … [Read more] about Suite Victory: Marriott Finally Checks Out of Court
The European Union Agency for Cybersecurity (ENISA) has launched the European Vulnerability Database (EUVD), a tool designed to enhance digital security across the EU. The EUVD is available here. ENISA created the EUVD under the Network and … [Read more] about European Vulnerability Database Published by the European Union Agency for Cybersecurity
On May 1, 2025, the U.S. Department of Justice (DOJ) announced a settlement under the False Claims Act (FCA) involving defense contractors Raytheon Company (Raytheon), RTX Corporation (RTX), and Nightwing Group—the successor owner to one of … [Read more] about DOJ Settles Another False Claims Act Case for Alleged Failures in Implementing NIST SP 800-171 and Basic Cybersecurity Controls
Cyber security supply chain risks are growing, and attacks on vendors and other third parties cause severe disruption to businesses. For example, in recent years we have seen many incidents that have involved threat actors compromising third-party … [Read more] about UK Publishes Software Security Code