<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Spoiledlunch</title><link>https://de295b54.spoiledlunch.pages.dev/</link><description>Nerdy Stuff. Tech Talk. Zero Freshness. Analysis and commentary on GRC, security, and AI.</description><generator>Hugo 0.160.1</generator><language>en-us</language><lastBuildDate>Fri, 17 Jul 2026 12:00:00 +0000</lastBuildDate><atom:link href="https://de295b54.spoiledlunch.pages.dev/news/" rel="self" type="application/rss+xml"/><item><title>EDPB calls for legal basis for cross-regulatory information sharing</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-17-edpb-calls-for-legal-basis-for-cross-regulatory-information-sharing/</link><pubDate>Fri, 17 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-17-edpb-calls-for-legal-basis-for-cross-regulatory-information-sharing/</guid><description>News Brief • July 17, 2026 | Topics: GRC | Summary: Dublin, 17 July– At a high-level meeting in Dublin on 16 and 17 July 2026, the European Data Protection Board (EDPB) called for a clear legal …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> Dublin, 17 July– At a high-level meeting in Dublin on 16 and 17 July 2026, the European Data Protection Board (EDPB) called for a clear legal basis for the sharing of information among regulators with different competences.</p><p><strong>Why it matters:</strong> This matters if it changes compliance expectations, enforcement posture, or the practical workload for teams that have to translate guidance into controls, evidence, and operating process.</p><p><strong>What to watch:</strong> Watch for follow-on implementation guidance, regulator clarification, enforcement movement, or changes in how larger organizations operationalize the requirement.</p><p><strong>Source:</strong><a href="https://www.edpb.europa.eu/news/edpb-calls-for-legal-basis-for-cross-regulatory-information-sharing_en">EDPB News</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>GRC</category><category>grc</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>edpb-news</category></item><item><title>Why teens deserve access to safe AI</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-why-teens-deserve-access-to-safe-ai/</link><pubDate>Thu, 16 Jul 2026 16:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-why-teens-deserve-access-to-safe-ai/</guid><description>News Brief • July 16, 2026 | Topics: AI | Summary: Learn how OpenAI is making ChatGPT safer for teens with age-appropriate protections, learning tools, parental controls, and expert …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> Learn how OpenAI is making ChatGPT safer for teens with age-appropriate protections, learning tools, parental controls, and expert partnerships.</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://openai.com/index/why-teens-deserve-access-safe-ai">[AI Governance] OpenAI News</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>safety</category></item><item><title>SEC Proposes New E-Delivery Approach to Make Information More Readily Accessible and Useful for Investors</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-sec-proposes-new-e-delivery-approach-to-make-information-more-readily-accessible-and-useful-for-investors/</link><pubDate>Thu, 16 Jul 2026 12:57:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-sec-proposes-new-e-delivery-approach-to-make-information-more-readily-accessible-and-useful-for-investors/</guid><description>News Brief • July 16, 2026 | Topics: GRC | Summary: The Securities and Exchange Commission today proposed Regulation E-Delivery, a new rule that would expand the ability of issuers, …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> The Securities and Exchange Commission today proposed Regulation E-Delivery, a new rule that would expand the ability of issuers, broker-dealers, investment advisers, and others to use electronic delivery to satisfy information delivery requirements…</p><p><strong>Why it matters:</strong> This matters if it changes compliance expectations, enforcement posture, or the practical workload for teams that have to translate guidance into controls, evidence, and operating process.</p><p><strong>What to watch:</strong> Watch for follow-on implementation guidance, regulator clarification, enforcement movement, or changes in how larger organizations operationalize the requirement.</p><p><strong>Source:</strong><a href="https://www.sec.gov/newsroom/press-releases/2026-67-sec-proposes-new-e-delivery-approach-make-information-more-readily-accessible-useful-investors">[Executive Risk] SEC Press Releases</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>GRC</category><category>grc</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>executive-risk-sec-press-releases</category></item><item><title>AutomationDirect Productivity Suite</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-automationdirect-productivity-suite/</link><pubDate>Thu, 16 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-automationdirect-productivity-suite/</guid><description>News Brief • July 16, 2026 | Topics: AI | Summary: View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker with local or physical access to cause memory …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker with local or physical access to cause memory corruption, unintended information disclosure, application instability, or a denial-of-service condition in the affected product.</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-04">[Critical Advisories] CISA Cybersecurity Advisories</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>critical-advisories-cisa-cybersecurity-advisories</category></item><item><title>CISA Adds Three Known Exploited Vulnerabilities to Catalog</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-cisa-adds-three-known-exploited-vulnerabilities-to-catalog/</link><pubDate>Thu, 16 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-cisa-adds-three-known-exploited-vulnerabilities-to-catalog/</guid><description>News Brief • July 16, 2026 | Topics: AI | Summary: CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
Why …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://www.cisa.gov/news-events/alerts/2026/07/16/cisa-adds-three-known-exploited-vulnerabilities-catalog">[Critical Advisories] CISA Cybersecurity Advisories</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>critical-advisories-cisa-cybersecurity-advisories</category></item><item><title>NASA Core Flight System (cFS) Health ＆ Safety (HS) Application</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-nasa-core-flight-system-cfs-health-safety-hs-application/</link><pubDate>Thu, 16 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-nasa-core-flight-system-cfs-health-safety-hs-application/</guid><description>News Brief • July 16, 2026 | Topics: AI | Summary: View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition.
Why it …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition.</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-03">[Critical Advisories] CISA Cybersecurity Advisories</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>critical-advisories-cisa-cybersecurity-advisories</category></item><item><title>Rockwell Automation 1756-EN2, 1756-EN3, and 1756-ENBT</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-rockwell-automation-1756-en2-1756-en3-and-1756-enbt/</link><pubDate>Thu, 16 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-rockwell-automation-1756-en2-1756-en3-and-1756-enbt/</guid><description>News Brief • July 16, 2026 | Topics: AI | Summary: View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition.
Why it …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition.</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-02">[Critical Advisories] CISA Cybersecurity Advisories</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>critical-advisories-cisa-cybersecurity-advisories</category></item><item><title>Rockwell Automation Arena</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-rockwell-automation-arena/</link><pubDate>Thu, 16 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-rockwell-automation-arena/</guid><description>News Brief • July 16, 2026 | Topics: AI | Summary: View CSAF Summary Successful exploitation these vulnerabilities could allow an attacker to execute arbitrary code in the context of the …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> View CSAF Summary Successful exploitation these vulnerabilities could allow an attacker to execute arbitrary code in the context of the current process.</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-01">[Critical Advisories] CISA Cybersecurity Advisories</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>critical-advisories-cisa-cybersecurity-advisories</category></item><item><title>Rockwell Automation CompactLogix, ControlLogix, Compact GuardLogix and GuardLogix</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-rockwell-automation-compactlogix-controllogix-compact-guardlogix-and-guardlogix/</link><pubDate>Thu, 16 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-rockwell-automation-compactlogix-controllogix-compact-guardlogix-and-guardlogix/</guid><description>News Brief • July 16, 2026 | Topics: AI | Summary: View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition.
Why it …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition.</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-06">[Critical Advisories] CISA Cybersecurity Advisories</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>critical-advisories-cisa-cybersecurity-advisories</category></item><item><title>Rockwell Automation FactoryTalk DataMosaix</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-rockwell-automation-factorytalk-datamosaix/</link><pubDate>Thu, 16 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-rockwell-automation-factorytalk-datamosaix/</guid><description>News Brief • July 16, 2026 | Topics: AI | Summary: View CSAF Summary Successful exploitation of this vulnerability could allow an authenticated attacker to inject malicious scripts on the …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> View CSAF Summary Successful exploitation of this vulnerability could allow an authenticated attacker to inject malicious scripts on the server.</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-09">[Critical Advisories] CISA Cybersecurity Advisories</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>critical-advisories-cisa-cybersecurity-advisories</category></item><item><title>Rockwell Automation Flex 5000 Adapter</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-rockwell-automation-flex-5000-adapter/</link><pubDate>Thu, 16 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-rockwell-automation-flex-5000-adapter/</guid><description>News Brief • July 16, 2026 | Topics: AI | Summary: View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition on the …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition on the affected product.</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-08">[Critical Advisories] CISA Cybersecurity Advisories</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>critical-advisories-cisa-cybersecurity-advisories</category></item><item><title>SALTO ProAccess Space</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-salto-proaccess-space/</link><pubDate>Thu, 16 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-salto-proaccess-space/</guid><description>News Brief • July 16, 2026 | Topics: AI | Summary: View CSAF Summary Successful exploitation of this vulnerability allows an authenticated attacker to escalate privileges and access spaces …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> View CSAF Summary Successful exploitation of this vulnerability allows an authenticated attacker to escalate privileges and access spaces outside their assigned partition, within the same Salto ProAccess Space installation or system.</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-07">[Critical Advisories] CISA Cybersecurity Advisories</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>critical-advisories-cisa-cybersecurity-advisories</category></item><item><title>Siemens SICAM 8</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-siemens-sicam-8/</link><pubDate>Thu, 16 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-16-siemens-sicam-8/</guid><description>News Brief • July 16, 2026 | Topics: AI | Summary: View CSAF Summary Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely: - SICAM …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> View CSAF Summary Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely: - SICAM A8000 Device firmware - CPCI85 for CP-8031/CP-8050 - SICORE for CP-8010/CP-8012 - SICAM EGS Device firmware - CPCI85 - SICAM S8000 - SICORE Siemens has released &hellip;</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-05">[Critical Advisories] CISA Cybersecurity Advisories</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>critical-advisories-cisa-cybersecurity-advisories</category></item><item><title>CISA Adds Two Known Exploited Vulnerabilities to Catalog</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-15-cisa-adds-two-known-exploited-vulnerabilities-to-catalog/</link><pubDate>Wed, 15 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-15-cisa-adds-two-known-exploited-vulnerabilities-to-catalog/</guid><description>News Brief • July 15, 2026 | Topics: AI | Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
Why it …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://www.cisa.gov/news-events/alerts/2026/07/15/cisa-adds-two-known-exploited-vulnerabilities-catalog">[Critical Advisories] CISA Cybersecurity Advisories</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>critical-advisories-cisa-cybersecurity-advisories</category></item><item><title>CISA and Partners Publish Guidance to Help Software Manufacturers and Online Service Providers Work With ...</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-15-cisa-and-partners-publish-guidance-to-help-software-manufacturers-and-online-service-providers-work-with/</link><pubDate>Wed, 15 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-15-cisa-and-partners-publish-guidance-to-help-software-manufacturers-and-online-service-providers-work-with/</guid><description>News Brief • July 15, 2026 | Topics: AI | Summary: CISA and Partners Publish Guidance to Help Software Manufacturers and Online Service Providers Work With …
Why it matters: This …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> CISA and Partners Publish Guidance to Help Software Manufacturers and Online Service Providers Work With &hellip;</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://www.cisa.gov/news-events/news/cisa-and-partners-publish-guidance-help-software-manufacturers-and-online-service-providers-work">[Critical Advisories] CISA News</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>critical-advisories-cisa-news</category></item><item><title>Establishing a Coordinated Vulnerability Disclosure Program to Work With Security Researchers</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-15-establishing-a-coordinated-vulnerability-disclosure-program-to-work-with-security-researchers/</link><pubDate>Wed, 15 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-15-establishing-a-coordinated-vulnerability-disclosure-program-to-work-with-security-researchers/</guid><description>News Brief • July 15, 2026 | Topics: AI | Summary: Developed by CISA, the National Security Agency (NSA) and international partners, this joint guidance contains best practices for software …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> Developed by CISA, the National Security Agency (NSA) and international partners, this joint guidance contains best practices for software manufacturers and online service providers to design and implement a coordinated vulnerability disclosure (CVD) program for working with external security researchers that includes a clear vulnerability disclosure policy (VDP) &hellip;</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://www.cisa.gov/resources-tools/resources/establishing-coordinated-vulnerability-disclosure-program-work-security-researchers">[Critical Advisories] CISA Cybersecurity Advisories</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>critical-advisories-cisa-cybersecurity-advisories</category></item><item><title>FTC Approves Final Order Against TruHeight for Deceptive and Unsubstantiated Advertising of Supplements for ...</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-15-ftc-approves-final-order-against-truheight-for-deceptive-and-unsubstantiated-advertising-of-supplements-for/</link><pubDate>Wed, 15 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-15-ftc-approves-final-order-against-truheight-for-deceptive-and-unsubstantiated-advertising-of-supplements-for/</guid><description>News Brief • July 15, 2026 | Topics: AI | Summary: The Federal Trade Commission finalized an order with Vanilla Chip LLC—which does business as TruHeight—and its two principals requiring them …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> The Federal Trade Commission finalized an order with Vanilla Chip LLC—which does business as TruHeight—and its two principals requiring them to pay $750,000, while barring them from making false or unsupported health claims and using fake or incentivized consumer reviews.The order finalized by the Commission settles allegations, brought &hellip;</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://www.ftc.gov/news-events/news/press-releases/2026/07/ftc-approves-final-order-against-truheight-deceptive-unsubstantiated-advertising-supplements-kids">[Executive Risk] FTC Consumer Protection Press Releases</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>executive-risk-ftc-consumer-protection-press-releases</category></item><item><title>The US is advancing AI safety through state and federal action</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-15-the-us-is-advancing-ai-safety-through-state-and-federal-action/</link><pubDate>Wed, 15 Jul 2026 12:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-15-the-us-is-advancing-ai-safety-through-state-and-federal-action/</guid><description>News Brief • July 15, 2026 | Topics: GRC | Summary: OpenAI outlines a “reverse federalism” approach to AI governance, where state laws help build a national framework for safe, democratic AI. …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> OpenAI outlines a “reverse federalism” approach to AI governance, where state laws help build a national framework for safe, democratic AI.</p><p><strong>Why it matters:</strong> This matters if it changes compliance expectations, enforcement posture, or the practical workload for teams that have to translate guidance into controls, evidence, and operating process.</p><p><strong>What to watch:</strong> Watch for follow-on implementation guidance, regulator clarification, enforcement movement, or changes in how larger organizations operationalize the requirement.</p><p><strong>Source:</strong><a href="https://openai.com/index/advancing-ai-safety-through-state-and-federal-action">[AI Governance] OpenAI News</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>GRC</category><category>grc</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>global-affairs</category></item><item><title>GPT-Red: Unlocking Self-Improvement for Robustness</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-15-gpt-red-unlocking-self-improvement-for-robustness/</link><pubDate>Wed, 15 Jul 2026 10:00:00 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-15-gpt-red-unlocking-self-improvement-for-robustness/</guid><description>News Brief • July 15, 2026 | Topics: AI | Summary: Explore GPT-Red, OpenAI’s automated red teaming system that uses self-play to improve AI safety, alignment, and prompt injection robustness. …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> Explore GPT-Red, OpenAI’s automated red teaming system that uses self-play to improve AI safety, alignment, and prompt injection robustness.</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://openai.com/index/unlocking-self-improvement-gpt-red">[AI Governance] OpenAI News</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>safety</category></item><item><title>Opinion 21/2026 on the draft decision of the Irish Supervisory Authority regarding the Controller Binding ...</title><link>https://de295b54.spoiledlunch.pages.dev/news/2026-07-15-opinion-21-2026-on-the-draft-decision-of-the-irish-supervisory-authority-regarding-the-controller-binding/</link><pubDate>Wed, 15 Jul 2026 08:42:07 +0000</pubDate><guid>https://de295b54.spoiledlunch.pages.dev/news/2026-07-15-opinion-21-2026-on-the-draft-decision-of-the-irish-supervisory-authority-regarding-the-controller-binding/</guid><description>News Brief • July 15, 2026 | Topics: AI | Summary: Opinion 21/2026 on the draft decision of the Irish Supervisory Authority regarding the Controller Binding …
Why it matters: This …</description><content:encoded>&lt;![CDATA[<p><strong>Summary:</strong> Opinion 21/2026 on the draft decision of the Irish Supervisory Authority regarding the Controller Binding &hellip;</p><p><strong>Why it matters:</strong> This matters if it changes how teams think about model governance, safety work, monitoring, or regulatory exposure around deployed AI systems.</p><p><strong>What to watch:</strong> Watch for follow-on technical guidance, deployment constraints, evaluation details, or signs that the announcement changes actual production practice rather than just policy language.</p><p><strong>Source:</strong><a href="https://www.edpb.europa.eu/documents/opinion-of-the-board-art-64/opinion-212026-on-the-draft-decision-of-the-irish-supervisory_en">EDPB publications</a></p>
]]></content:encoded><author>Spoiledlunch</author><category>AI</category><category>ai</category><category>user-state-com-google-reading-list</category><category>user-label-spoiledlunch-news</category><category>user-state-org-freshrss-main</category><category>edpb-publications</category></item></channel></rss>