HackWithHeart

Tag: SupplyChain

  • Your Vendor’s Breach Is Your Breach

    It’s a Paper Trail for the week ending in May 2, 2026, and we’ll cover what happened last week in the Information Security space.

    The Bottom Line

    AI is fundamentally changing the speed of cyberattacks. The window between a vulnerability being discovered and it being weaponized is now measured in hours, not days. Simultaneously, the security teams are underpaid, understaffed, and leaving. These two forces together represent a material shift in organizational risk that requires attention, not just a patch cycle.

    Last Week, in Review

    • Fortinet released its 2026 Global Threat Landscape Report drawing on telemetry from millions of sensors deployed worldwide. The headline numbers are stark: ransomware victims surged 389% year-over-year. More significant for every organization than that count, however, is what’s happening to timing. As AI accelerates reconnaissance, weaponization, and execution, FortiGuard Intelligence shows time-to-exploit has dropped to 24–48 hours for critical outbreaks, a sharp increase from earlier reports that showed a time-to-exploit of 4.76 days. [Fortinet]
    • Google announced a significant restructuring of its Vulnerability Reward Programs for Chrome and Android as AI starts to get introduced in the vulnerability research pipeline. Google is now prioritizing flaw categories that are more difficult for AI tools to find, while reducing some lower-tier Chrome awards. For organizations running their own bug bounty programs, the future may hold a higher number of AI-generated low-quality submissions which will swamp triage capacity unless programs are redesigned around it. [SecurityWeek]
    • A Harvey Nash Global Tech Talent & Salary Report, based on a survey of over 3,600 technology professionals across 53 countries, found that cybersecurity staff are among the most financially overlooked workers in tech. Globally, 71% of security professionals received no salary increase in 2025. Only 40% of security staff expect a pay rise in 2026. Almost half (49%) are actively looking to move jobs in the next twelve months, well above the global average of 39% across all tech roles. [The Register, InfoSecurity Magazine]

    Pulse

    LayerX disclosed a high-severity vulnerability (CVSS 8.2) in Cursor – one of the most widely used AI-powered code editors for developers – that allows installed extensions to access sensitive credentials, exposing API keys and session tokens without any user interaction. The issue stems from how Cursor stores secrets locally in plaintext in a local SQLite database, leaving them accessible to any extension regardless of permissions. Cursor enforces no OS-level protected storage or access control boundary between installed extensions and this database. Cursor was notified in February, responded that extensions are within the user’s trust boundary, and as of April 28 had not issued a fix. [LayerX, InfoSecurity]

    Vimeo published a security notice confirming that an unauthorized actor accessed customer and user data – not by breaking into Vimeo itself, but by compromising Anodot, a third-party analytics platform Vimeo uses. Exposed data primarily includes technical data, video titles, metadata, and in some cases customer email addresses; video content, login credentials, and payment data were not accessed. This is the third-party risk story in its purest form that highlights that a vendor’s security posture is part of an organizations’ attack surface. [Vimeo, Bleeping Computer, SecurityWeek]

    Fix-it Frank

    A CRLF injection in cPanel’s pre-authentication session handling allows an unauthenticated remote adversary to inject arbitrary values directly into a session file written to disk before any credential check occurs. This allows adversaries to receive a fully authenticated root WHM session, bypassing both the password gate and two-factor authentication with no requirement for valid credentials. The flaw affects all supported versions of cPanel & WHM after v11.40 and WP Squared prior to v136.1.7, spanning an estimated 650,000+ internet-exposed instances. Confirm with the hosting provider or sysadmin that cPanel is patched to a fixed version, then audit WHM session logs and server-side accounts for unauthorized root-level changes going back to February 23, 2026. [cPanel, Rapid7, watchTowr Labs, Help Net Security]

    The Jenkins project – one of the most widely deployed CI/CD platforms – published a security advisory addressing seven plugin vulnerabilities across multiple widely-deployed Jenkins plugins, including high-severity path traversal flaws and stored cross-site scripting (XSS) vulnerabilities. Organizations should review and update all flagged plugins immediately via the Jenkins Plugin Manager. Additionally, Jenkins UI access should be limited to internal networks or VPN and the Jenkins controller should not be directly accessible from the internet under any circumstances. [Jenkins Project]

    Paper Trail is a weekly briefing, not professional advice. Consult qualified professionals before acting on anything we report.

    Thanks for tuning-in to this edition of Paper Trail. You can read it, hear it, or bookmark it – find every format at hackwithheart.com.

  • The Changing Security Perimeter

    It’s a Paper Trail for the week ending in April 26, 2026, and we’ll cover what happened last week in the Information Security space.

    The Bottom Line

    The perimeter that organizations think they’re defending is no longer where the attacks are coming in. Three converging themes defined the week: a coordinated wave of supply chain attacks targeting tools companies trust by default; AI compressing the window between a vulnerability appearing and an adversary weaponizing it; and early signs that AI is shifting the asymmetry toward defenders – giving security teams an optimistic outlook. Taken together, these are not IT problems but rather business continuity and governance problems.

    Last Week, in Review

    • A high-severity flaw in LMDeploy – an open-source toolkit used by AI developers to compress, deploy, and serve large language models – was under active exploitation in the wild fewer than 13 hours after its existence was publicly disclosed. [The Hacker News]
    • Mozilla published a blog post announcing the release of Firefox 150 that included patches for 271 security vulnerabilities – every one of them identified by an early version of Anthropic’s Claude Mythos AI model during internal testing. While the Firefox team remediated the findings, the Firefox CTO came to an optimistic conclusion that defenders finally have a chance to win, decisively. [Mozilla, SecurityWeek, TechRepublic]
    • Cisco Talos published its Q1 2026 incident response trends report that noted that 18% of the engagements in the quarter involved organizations with insufficient logging capabilities, affecting the investigation capability. [Cisco Talos

    Pulse

    Vercel – the cloud platform behind the Next.js framework used by tens of thousands of startups and engineering teams – disclosed a breach on April 20 after adversaries accessed its internal Google Workspace environment. The entry point was a third-party AI productivity tool called Context.ai, which a Vercel employee had signed up for using their corporate account and granted “Allow All” OAuth permissions. Context.ai had separately suffered a breach of its own AWS environment, and the compromised OAuth tokens from that incident gave adversaries a bridge straight into Vercel’s Google Workspace. Adversaries claimed to have stolen source code, API keys, environment variable credentials, and internal deployment data. Vercel confirmed the incident and, after working with Microsoft, GitHub, npm, and Socket, stated that its npm packages were not compromised. [Vercel, ContextAI, The Hacker News, SecurityWeek]

    Forcepoint X-Labs found 10 distinct indirect prompt injection (IPI) payloads active in the wild – malicious instructions hidden inside publicly accessible web content that silently execute when an AI agent reads or processes that page. Unlike traditional attacks that require a human to interact with malicious content, IPI payloads are invisible to the human user: they sit in HTML comments, metadata fields, or body text and automatically coerce AI agents into carrying out adversary instructions as a direct consequence of agents doing their jobs. Such attacks may affect agents that browse web pages, index content for RAG pipelines, process HTML metadata, and take autonomous actions – making them a high-impact target. [Forcepoint, InfoSecurity]

    Fix-it Frank

    A supply chain attack compromised @bitwarden/cli v2026.4.0 via a hijacked GitHub Action, which allowed exfiltration of cloud credentials, CI/CD secrets, SSH keys, and AI API tokens to adversary-controlled infrastructure where bitwarden cli was in use. While Bitwarden’s vault and browser extensions were unaffected, the ~1.5-hour exposure window carried significant blast radius given ~250,000 monthly downloads and the package’s prevalent use in secrets-injection pipelines – a single compromised developer machine can propagate access laterally across every pipeline those credentials can reach. Any environment in which the Bitwarden npm package was updated to the affected version should treat credentials on impacted machines as compromised; all exposed credentials should be rotated, GitHub workflows audited for unauthorized changes, and affected systems upgraded to @bitwarden/cli@2026.4.1 or later with the version explicitly pinned. [BitWarden, The Hacker News, SecurityWeek, Socket, Endor Labs

    Three coordinated supply chain attacks across npm, PyPI, and Docker Hub coincided with the Bitwarden incident, with AI API keys, MCP configuration files, and LLM provider tokens explicitly targeted alongside conventional cloud credentials. A self-propagating credential worm in pgserve (npm) autonomously re-injected and republished its payload across both npm and PyPI ecosystems; xinference on PyPI and Checkmarx’s KICS Docker images and VS Code extensions carried identical credential-stealing payloads the following day — the latter serving as a direct vector into the Bitwarden CLI compromise. Any environment that installed these packages during that window should treat all credentials as compromised and rotate immediately; the known C2 endpoint should be blocked at the proxy or DNS layer, and version pinning should be enforced across all CI/CD dependency installs. [GitGuardian, The Hacker News, The Register]

    Oracle’s Q2 2026 Critical Patch Update delivers 481 patches across 241 CVEs and 28 product families, with the most acute exposure being CVE-2025-15467 – an unauthenticated remote code execution flaw in MySQL Enterprise Backup affecting versions 8.0.0-8.0.45, 8.4.0-8.4.8, and 9.0.0-9.6.0. Oracle Communications received 139 patches including 93 for remotely unauthenticated vulnerabilities, and 8 of 12 Java SE patches are remotely exploitable. [Oracle, Qualys, SecurityWeek, Tenable]

    The Fine Print

    CISA had announced a series of virtual town halls organized by sector to gather additional input before finalizing CIRCIA – the law that will require an estimated 316,000 entities across 16 critical infrastructure sectors to report significant cyber incidents to CISA within 72 hours, and ransomware payments within 24 hours. Those town halls, originally scheduled March 9 through April 2, were postponed. [CISA

    Paper Trail is a weekly briefing, not professional advice. Consult qualified professionals before acting on anything we report.

    Thanks for tuning-in to this edition of Paper Trail. You can read it, hear it, or bookmark it – find every format at hackwithheart.com.

  • The Road to Resilience via MFA and Global Verification

    It’s a Paper Trail for the week ending in April 4, 2026, and we’ll cover what happened last week in the Information Security space.

    Last Week, in Review

    • BitSight recorded publicly disclosed data breaches between April 2025 and March 2026, spanning the public sector (21.4%), educational services (14.5%), information services (13.6%), and finance and insurance (12.9%). The most breaches were reported in the U.S. (755) over the period. The breadth of affected industries highlight that no sector is immune and organizations must layer their defenses and have contingencies for the worst-case scenario. [BitSight]
    • Google rolled out Android Developer verification globally for Play Console and Developer Console, to reduce the risk of distribution of apps with malware. This will make it significantly harder for anonymous actors to deploy malicious apps without requiring additional user actions – starting from September 2026 in Brazil, Indonesia, Singapore, and Thailand, before expanding globally in 2027. While this helps strengthen the supply chain trust, organizations still need to employ MDM or MAM solutions to reduce the enterprise risk for mobile devices. [Android Developers, The Hacker News]

    Pulse

    Palo Alto Networks Unit 42 research identified that Google Cloud’s Vertex AI platform grants deployed AI agents permissive access by default – including the ability to read all cloud storage buckets in the project. An attacker who deploys a malicious agent can leverage the service account’s default credentials to pivot into the broader cloud environment and access that data. Because the attack operates within the bounds of legitimately granted permissions, it may not produce obvious alerts for teams to investigate. This highlights the need to consistently audit identity permissions in the environment, and to recognize that even well-designed cloud platforms can inadvertently introduce attack paths when defaults aren’t carefully reviewed and scoped. [Palo Alto Networks, The Hacker News]

    A remote access toolkit dubbed CTRL – as identified by Censys – is distributed via malicious Windows shortcut (LNK) files disguised as private key folders. The disguise makes a malicious script look like a folder; double-clicking it silently executes a PowerShell payload. The custom .NET toolkit enables credential phishing, keylogging, RDP (Remote Desktop Protocol) hijacking, and reverse tunneling. It exploits end users’ curiosity about ‘private keys,’ making the social engineering lure especially effective against developers and power users. [Censys, The Hacker News]

    Fix-it Frank

    F5 BIG-IP is a critical application delivery platform used by enterprises – including financial institutions – for load balancing SSL termination, application firewalling, and VPN access. A vulnerability, in F5 BIG-IP APM (Access Policy Manager) devices, originally classified as medium severity denial-of-service – disclosed in October 2025 (CVE-2025-53521) – was reclassified to critical severity unauthenticated RCE after it was found to be under active exploitation by remote adversaries that deployed web shells. Successful exploitation of this vulnerability could grant the adversaries a strategic chokepoint to intercept credentials, inject malicious responses, and move laterally in the organization. Organizations should upgrade their 15.x, 16.x, and 17.x versions of BIG-IPs to the latest versions to remediate the vulnerabilities. [Arctic Wolf, The Hacker News, Dataminr, F5]

    Axios – one of the most popular NPM packages with ~100 million weekly downloads – was hit with a supply-chain attack. Any build pipeline, developer workstation, or production application that ran npm install during the ~3-hour exposure window and installed Axios versions 1.14.1 or 0.30.4 may have been affected by the malicious package. Organizations should pin the Axios version to known good versions, rotate the credentials, and take multiple additional actions. [Microsoft, SOCReader, Arctic Wolf

    The Fine Print

    The FTC announced a proposed settlement with OkCupid and Match Group Americas, over allegations that OkCupid secretly shared nearly three million users’ photos, location data, and demographic details with Clarifai – an AI facial recognition company – despite a privacy policy explicitly promising data would only go to service providers, business partners, or affiliates. Clarifai was none of those. The FTC also alleged years of active concealment, including obstruction of the agency’s Civil Investigative Demand. The settlement carries no monetary penalty but permanently bars both companies from misrepresenting their data practices and requires ten years of compliance reporting to the FTC. This serves as a reminder for organizations to review their privacy policies against actual data flows in their applications. [Ars Technica, ArentFox Schiff]

    Every NYDFS-licensed entity must file its Annual Certification of Material Compliance (or Acknowledgment of Noncompliance) by April 15, 2026 the first annual certification that must affirmatively cover compliance with the November 1, 2025 amendments to Part 500, which added mandatory multifactor authentication (MFA) for any individual accessing any information system with nonpublic information, as well as written asset inventory policies and procedures. Organizations should confirm MFA is active for all users and all information systems – including cloud consoles, identity providers, remote access, and internal systems alike. If exceptions exist, they should be documented and approved by appropriate authorities within the organization with appropriate compensating controls. [Greenberg Traurig]

    The Bottom Line

    From global developer verification to the strengthening of regional compliance standards, this week highlights a collective move toward a more transparent and resilient digital world. As we look ahead, with the NYDFS deadline nearly here, what’s one proactive step your team has taken this week to make your environment even more resilient?

    This newsletter is provided for informational purposes only and does not constitute legal, compliance, or professional cybersecurity advice. Readers should consult qualified legal, compliance, or cybersecurity professionals before making decisions based on any information contained herein.

    Thanks for tuning-in to this edition of Paper Trail. We’d love your ideas and suggestions, so email us at feedback@hackwithheart.com. You can follow Paper Trail wherever you like best – read it on hackwithheart.com, listen on Spotify or Apple Podcasts, or watch on YouTube.

  • Shifting Dwell Times, Weaponized Polyglots, and AI Privacy Laws

    It’s a Paper Trail for the week ending in March 28, 2026, and we’ll cover what happened last week in the Information Security space.

    Last Week, in Review

    • Google’s Mandiant M-Trends 2026 report – based on 500,000+ hours of incident response in 2025 – identified that hand-off time between initial access brokers and follow-on adversaries has collapsed to a median of 22 seconds from 8+ hours in 2022, with global median dwell time rising from 11 days to 14 days. Furthermore, ransomware attacks are not only leading to an organization’s data being encrypted but also to destruction of backups, identity services and virtualization management planes to deny recovery. [Google]
    • The introduction of Semgrep Multimodal and GitHub’s AI-powered bug detection alongside CodeQL points to a growing consensus that pure static analysis and pure AI based security code scanning fall short on their own. As AI supercharges both code output and exploit development, the industry is converging on the defense of merging them together to help keep pace with deterministic precision, and amplified machine reasoning. [GitHub, Semgrep]

    Pulse

    Deepfake technology is now cheap but realistic enough that adversaries can use AI-cloned voices and video to impersonate executives and authorize fraudulent wire transfers – creating a possibility of incidents going unreported because employees believe that they are talking to real colleagues. No U.S. law requires companies to disclose a successful deepfake attack, leaving a significant regulatory blind spot as the threat scales. Organizations should combine simulated deepfake drills, AI detection capability, and – most critically – mandatory out-of-band verification for any digital request involving payments or system access. [Bloomberg Law]

    A sophisticated multi-stage, multi-ecosystem supply chain compromise was used to gain a foothold and compromise LiteLLM – a package used by AI frameworks relied upon by Stripe, Netflix, Google, and thousands of startups – and found in 36% of all cloud environments according to Wiz, meaning any developer or pipeline that installed the package unknowingly pulled down credential-stealing malware alongside it. The attack is notable not just for its scale, but its method where adversaries first compromised Aqua Security’s Trivy – a widely trusted security scanning tool – to gain a foothold in the software supply chain, then used that position to push malicious code into LiteLLM on PyPI. Since malware arrived through a trusted and routine update, developers and automated pipelines had no reason to suspect it. Organizations should audit any Python environments, CI/CD pipelines, or containers that installed LiteLLM between 10:39 – 16:00 UTC on March 24 for compromised versions 1.82.7 and 1.82.8 of LiteLLM. If these versions are found, all secrets from affected systems should be rotated. [DataDog, Snyk, The Record]

    Fix-it Frank

    Insufficient input validation leading to memory overread vulnerability (CVE-2026-3055) in Citrix NetScaler ADC and NetScaler Gateway versions prior to 13.1-62.23 for 13.x series or 14.1-66.59 for 14.x series are under active reconnaissance and – if exploited – could allow an adversary to read sensitive contents from the memory. It is recommended to upgrade these appliances to the latest and supported versions to remediate vulnerabilities. [Citrix, watchTowr Labs, The Hacker News]

    Apple issues emergency software updates for older versions of iOS and iPadOS after Coruna – an exploit kit chaining multiple vulnerabilities to compromise the device OS versions 13 to 17.2.1 – was identified as being actively used. These patches will be available for iPhone 6s, iPhone 7, iPhone SE (1st gen), iPhone 8, iPhone 8 Plus, and iPhone X , iPad Air 2, iPad mini (4th gen). Organizations still running these older devices with older software versions should immediately rollout upgrade, or at the least retire the devices if they are no longer supported. [SecurityWeek, Google]

    PolyShell – a vulnerability in Magento’s REST API’s file upload functionality in cart item custom options  stems from insufficient validation against polyglot files, which can act as both an image and a script and depending on server configuration, this can lead to remote code execution or account takeover through stored cross-site scripting (XSS). While the complete remediation for this vulnerabilities is not yet available, mitigating factors such as 3rd party patch (markshust/magento-polyshell-patch) should be applied along with configuring nginx/apache to block access to files within pub/media/custom_options directory. [Bleeping Computer, Searchlight Cyber]

    The Fine Print

    On March 20, 2026, the White House released a policy framework for AI, recommending congress to promote development of Artificial Intelligence, establish a unified federal standard for AI regulations in place of state-by-state approach, and preserve state authority over child safety and consumer protection. [Davis Wright Tremaine, Holland & Knight]

    Oklahoma signed SB 546 into law on March 20, 2026, making it the 21st state with a comprehensive consumer data privacy law, effective January 1, 2027. Modeled after Virginia and Tennessee’s frameworks, the law applies to organizations processing personal data of 100,000 or more Oklahoma residents – or 25,000 or more if over 50% of revenue comes from data sales – and includes consumer rights around access, correction, deletion, and opt-out, along with a mandatory 30-day right to cure. [Davis Wright Tremaine, Hunton Andrews Kurth]

    The Bottom Line

    The perimeter is no longer a place defenders can defend from. When the tools built to protect pipelines become the delivery mechanism for malware, when handoffs between threat actors happen faster than an alert can fire, and when a single deepfake call can authorize a wire transfer, the defenses of the past demand adaptation – hybrid detection, out-of-band verification, and improved supply chain rigor are no longer optional layers, they are the baseline.

    Thanks for tuning-in to this edition of Paper Trail. We’d love your ideas and suggestions, so email us at feedback@hackwithheart.com. You can follow Paper Trail wherever you like best – read it on hackwithheart.com, listen on Spotify or Apple Podcasts, or watch on YouTube.

  • Cisco SD-WAN Bypass, ManoMano Breach & AI-Fueled Exploit Surge

    It’s a Paper Trail for the week ending in Feb 28, 2026, and we’ll cover what happened last week in the Information Security space.

    Last Week, in Review

    • Critical authentication bypass vulnerability – CVE 2026-20127 – in Cisco SD-WAN, with exploitation dating back to 2023, allows an unauthenticated adversary to fully compromise controllers, obtain administrative privileges, and potentially manipulate network configuration. The vulnerability falls under the patch NOW category for organizations using Cisco SD-WAN products. [Cisco, The Hacker News]
    • Microsoft, in its recent Cyber Pulse Report, identified that over 80% of Fortune 500 companies have active AI agents built using low-code or no-code tools. It further highlighted that only 47% of the organizations have applied security controls to their GenAI platforms, and 29% of employees use non-approved agents at work. [Microsoft, Microsoft]
    • ManoMano – a European online marketplace – confirmed a data breach (allegedly) affecting approximately 38 million individuals (based on attacker claims and third-party reporting) across France, Germany, Italy, Spain, and the United Kingdom. The breach was a result of a compromise of a customer service subcontractor – underscoring the importance of active risk management and governance practices across third- and fourth-party partnerships. [SecurityWeek, TechRepublic, SecurityAffairs]
    • VEIR identified that year-over-year tracked exploits rose by 16.5%, with a significant portion of the increase attributed to AI-generated proof-of-concept code, including nonfunctional or misleading exploit content. However, it was noted that only 1% of the reported vulnerabilities in 2025 were weaponized in the wild, with some driving outsized impact than others – highlighting the need to adopt risk-based remediation. [VulnCheck]

    Pulse

    Qrator Labs identified a C++ botnet loader for Windows operating system – Aeternum C2 – that uses smart contracts hosted on the Polygon blockchain to fetch instructions instead of the traditional approach of loading the information from hardcoded IP(s) and/or domain(s) of centralized command-and-control infrastructure, requiring a shift in how security operation teams think about prevention. [HackRead, Qrator Labs, Cyber Security News]

    ReversingLabs discovered a malicious NuGet package – StripeApi[.]Net – impersonating Stripe’s official .NET library including the official package’s branding and readme, and was uploaded by a fake account on February 16. The package’s download count was artificially inflated to make it appear legitimate and instill developer trust in the package. [ReversingLabs, ReversingLabs, The Hacker News

    Orca Security disclosed a passive prompt injection vulnerability – RoguePilot – in GitHub Codespaces that could have allowed attackers to inject malicious Copilot instructions through GitHub issues, potentially leaking GITHUB_TOKEN credentials and enabling repository control. [SecurityWeek, Orca Security]

    Fix-it Frank

    Claude Code – a popular agentic coding platform by Anthropic – was found to allow adversaries to achieve remote code execution and steal API credentials through malicious project configurations when users clone and open untrusted repositories. Claude Code should be upgraded to v2.0.65+ or later to address GHSA-ph6w-f82w-28w6 – affecting versions prior to 1.0.87, CVE-2025-59536 (September 2025) – affecting versions prior to 1.0.111 (October 2025), and CVE-2026-21852 – affecting versions prior to 2.0.65 (January 2026). [Checkpoint, The Hacker News]

    Broadcom released patches for a high-severity command injection security vulnerability – CVE-2026-22719 – affecting VMware Aria Operations. VMware Cloud Foundation and vSphere Foundation should be upgraded to version 9.0.2.0 or later, and Aria Operations to version 8.18.6 or later. [SecurityWeek]

    Juniper Networks issued an out-of-band emergency patch for a remote code execution vulnerability – tracked as CVE-2026-21902 – in Junos OS Evolved for PTX series routers. It affects the anomaly detection framework and can grant an unauthenticated adversary with network access the ability to execute arbitrary code with root privileges.  [SecurityWeek, Juniper Networks]

    The Fine Print

    The Marquis Software Solutions v. SonicWall lawsuit, alleges gross negligence and misrepresentation that led to a ransomware attack disrupting operations at 74 U.S. financial institutions. This could set an important precedent for security vendor accountability and may reshape vendor contract requirements, especially in regulated industries like financial services and healthcare. [Bleeping Computer, CyberPress, PacerMonitor]

    The EU Cyber Resilience Act (CRA) – a regulation setting mandatory cyber security requirements for hardware and software makers that are placing a product on the European market – vulnerability reporting requirements take effect on September 11, 2026 with all obligations going into full effect by December 11, 2027. [ORC, VinciWorks, EU Commission]

    State-specific comprehensive consumer privacy statutes expand to cover 20 states in the USA – with Kentucky, Rhode Island, and Indiana newly joining the list as of January 1, 2026 – while the Federal Trade Commission (FTC) issued a COPPA enforcement policy statement to incentivize responsible age-verification practices and signaled a COPPA Rule review regarding age verification mechanisms. [White & Case, Multistate]

    The Bottom Line

    The widening gap between AI adoption and AI governance, the shift toward blockchain-based C2 infrastructure, and supply chain attacks targeting both vendor partnerships and developer ecosystems all point to an attack surface expanding faster than most organizations can govern it. Meanwhile, shifting legal and regulatory landscape signal that the legal and regulatory consequences of falling behind may have tangible impact on the organizations.

    Thanks for tuning-in to this edition of Paper Trail. If you found this helpful, don’t forget to subscribe.