An active debug flag in Microsoft 365 Android apps allowed arbitrary apps on the device to steal authentication tokens and take over user accounts completely.
The EU is creating a four-tier security classification system for cloud and AI services that favours European providers and structurally disadvantages large US corporations.
The EU Commission is collecting feedback from stakeholders until mid-June 2026 on AI use in medicine and pharmaceuticals to shape regulatory frameworks for faster scaling.
A social engineering attack on an employee in April enabled unauthorized access to customer data from nearly 6 million people at Carnival Corporation, including passport and driver’s license numbers.
The “Pay or Okay” system results in consent rates exceeding 99 percent despite only 0.16 to 7 percent of users actually wanting to be tracked, violating GDPR requirements for genuine consent.
The Cyber Resilience Act establishes security requirements for connected devices and requires adjustments in development, operations, and tool selection.
Police authorities in two federal states are obtaining data from commercial data brokers, a practice that data protection officers classify as unlawful.