Cybersecurity

Data breaches, cybercrime, security law, and cyber incident response

Regulatory & ComplianceCybersecurity

US cracked down on anti-tech extremists amid AI security fears

US agencies intensify surveillance of anti-technology extremist groups amid AI policy, national security concerns, and supply chain risks.

Jun 2, 20263 min read
Regulatory & ComplianceCybersecurity

New State Laws Tighten Data Breach Notification Rules by 2026

Proposed and enacted laws in California, Connecticut, and Oklahoma tighten data breach notification deadlines and expand reporting requirements for organizations nationwide.

Jun 1, 20263 min read
CybersecurityLegal Operations

Microsoft Threatens Legal Action Over Public Windows Exploit Disclosures

Microsoft threatens legal action against 'Nightmare Eclipse' for publicly sharing six zero-day Windows exploits, sparking cybersecurity and legal debates.

May 30, 20263 min read
CybersecurityLegal Tech

FBI Warns Law Firms of Extortionists Posing as IT Support Technicians

The FBI issued a May 2026 warning about criminals posing as IT support to infiltrate law firms, urging enhanced physical security and staff awareness.

May 27, 20263 min read
CybersecurityRegulatory & Compliance

Stolen NSA Tools Like EternalBlue Keep Corporate Networks at Risk

Stolen NSA hacking tools from 2016, including EternalBlue, still pose security threats and legal challenges for corporations globally.

May 26, 20262 min read
CybersecurityLegal Education

ShinyHunters Hack Disrupts Canvas, Exposes Data of 275M Users

Instructure's Canvas platform breached by ShinyHunters, compromising user data and disrupting exams at nearly 9,000 institutions. Legal professionals face rising LMS cyber risks.

May 15, 20263 min read
Regulatory & ComplianceCybersecurity

CIRCIA Cyber Reporting Deadline Pushed to May 2026 After Industry Pushback

CISA has extended the CIRCIA cyber incident reporting deadline to May 2026, giving critical infrastructure and contractors more time to update compliance protocols and risk plans.

May 13, 20263 min read
CybersecurityRegulatory & Compliance

Medtronic Breach: ShinyHunters Claims 9M Records in Attack

Medtronic confirms a major data breach linked to ShinyHunters, highlighting cybersecurity risks for medical device firms and compliance teams across regulated industries.

May 8, 20262 min read
CybersecurityPrivacy & Data Protection

Cushman & Wakefield Hit by Breach; Client Data Targeted in Twin Cyber Claims

Cushman & Wakefield confirms client data breach after cybercriminals claim access to Salesforce records. Legal teams face immediate risks under global data privacy laws.

May 5, 20263 min read
CybersecurityLegal Tech

Major Instructure Data Breach Exposes Student Information

A cyberattack on EdTech giant Instructure exposed student data from its Canvas platform, affecting millions and prompting urgent data security reviews for education providers.

May 5, 20262 min read
CybersecurityRegulatory & Compliance

CISA Flags Surge in Iranian Cyber Attacks on U.S. Critical Infrastructure

CISA and federal agencies warn legal and corporate sectors of a rise in Iranian-backed cyber attacks targeting U.S. infrastructure, urging urgent cybersecurity action.

May 4, 20262 min read
CybersecurityRegulatory & Compliance

Council of Europe Marks Cybercrime Milestone Amid Romanian Attack Surge

Europe’s cybercrime experts gathered in Bucharest as Romania battles daily DDoS attacks, highlighting urgent collaboration needs for legal and compliance teams.

May 2, 20262 min read
Artificial IntelligenceCybersecurity

Pentagon Reiterates Anthropic Blacklist, Eyes Mythos Cybersecurity Model

Pentagon CTO Emil Michael says Anthropic remains blacklisted, but growing interest in Mythos AI model sparks agency-wide evaluation amid evolving federal AI policy.

May 1, 20262 min read
Artificial IntelligenceLegal Tech

Agentic AI Poses Fresh Hallucination Risks for Law Firms

Agentic AI can autonomously act on false or misleading outputs, raising new operational and reputational risks for the legal industry.

Apr 30, 20262 min read
CybersecurityRegulatory & Compliance

CISA and Microsoft flag active Windows zero-click flaw after patch setback

A zero-click Windows vulnerability, actively exploited despite patch efforts, has drawn urgent warnings from CISA and Microsoft over credential theft risks and compliance concerns.

Apr 29, 20263 min read
CybersecurityRegulatory & Compliance

CISA Flags Critical Flaw in NSA’s GrassMarlin OT Discovery Tool

CISA warned of an XML External Entity (XXE) vulnerability in NSA’s GrassMarlin tool, exposing sensitive data for unpatched users and impacting legal and compliance obligations.

Apr 29, 20262 min read
Regulatory & ComplianceCybersecurity

FCA Shares 2025 Cyber Coordination Group Insights, Flags New Compliance Rules

The FCA published a 2025 summary from its Cyber Coordination Group, highlighting cyber risks and the need for compliance with upcoming incident-reporting rules for UK financial firms.

Apr 24, 20263 min read
CybersecurityLegal Tech

UK Cyber Chief Warns: 100+ Countries Have Advanced Spyware

Over 100 countries now own commercial spyware capable of hacking phones, prompting urgent cybersecurity scrutiny for UK legal and corporate sectors.

Apr 22, 20262 min read
Artificial IntelligenceCybersecurity

OpenAI Briefs Governments on GPT-5.4-Cyber Ahead of Launch

OpenAI is briefing U.S. and Five Eyes agencies on its new GPT-5.4-Cyber AI tool, signaling a government-focused launch and raising key legal and regulatory questions.

Apr 22, 20262 min read
Artificial IntelligenceCybersecurity

Unauthorized Group Gains Access to Anthropic's Mythos AI Cyber Tool

Anthropic's Mythos AI, designed to find cybersecurity vulnerabilities, was accessed by unauthorized third parties—raising urgent concerns for legal AI security.

Apr 22, 20262 min read