preloader

These news items are automatically aggregated from industry sources and are not individually reviewed. Any inaccuracies are unintentional — let us know and we'll correct or remove it.

ai compliance eu gdpr regulation europe enterprise risk

Seven Weeks to EU AI Act Compliance: What High-Risk AI Systems Must Deliver by 2 August

The remaining provisions of the EU Artificial Intelligence Act take effect on 2 August 2026, requiring high-risk AI systems under Annex III to be conformity-assessed, registered in the EU database, and operational with risk management, data governance, logging, and human oversight controls in place. The penalty structure exceeds the GDPR’s, reaching up to 35 million euros or 7 percent of global annual turnover. This deadline arrives as Europe marks the GDPR’s tenth anniversary, a reminder of how enforcement frameworks evolve from aspirational to operational.

security oracle vulnerability cve zero-day enterprise education data-breach

ShinyHunters Exploited Oracle PeopleSoft as a Zero-Day for Two Weeks Before Oracle Issued an Advisory

CVE-2026-35273, a CVSS 9.8 unauthenticated remote code execution vulnerability in Oracle PeopleSoft PeopleTools, was actively exploited in the wild between May 27 and June 9, two weeks before Oracle published its out-of-band security advisory on June 10. Mandiant and Google Threat Intelligence Group have attributed the campaign to ShinyHunters (UNC6240), who breached more than 100 organisations, the majority of them universities and higher education institutions.

security europol ransomware cryptocurrency law-enforcement europe cybercrime

Europol and FBI Dismantle AudiA6, the Crypto Laundering Pipeline Behind 336 Million Euros in Ransomware Proceeds

On 10 June 2026, a joint operation led by Europol and the US Department of Justice dismantled AudiA6, a cryptocurrency laundering service that had processed over 336 million euros in illicit funds since 2021. Two administrators were arrested in Georgia, 25 domains and more than 30 servers were seized, and the takedown severed a primary financial channel used by ransomware groups to convert extortion payments into clean funds. The operators also ran Dark2Web, a dark web forum connecting cybercriminals across Europe and beyond.

hetzner cloud devops infrastructure pricing europe cost-optimisation

Hetzner Raises Prices Again on 15 June: What European DevOps Teams Should Do Now

Hetzner is implementing its third round of price increases this year on 15 June 2026, affecting new orders for dedicated servers and cloud plans across all its locations. With component costs for RAM, SSDs, and GPUs remaining volatile, the increases follow earlier adjustments in April that pushed cloud prices up by 30 to 37 percent in Germany and Finland. The change will not affect existing contracts, but any team planning infrastructure expansion or new deployments needs to factor it in now.

security europe enisa nis2 critical-infrastructure transport compliance incident-response

ENISA's Cyber Europe 2026 Exercise Tests EU's Ability to Defend Rail and Maritime Infrastructure

On 10 and 11 June 2026, ENISA ran the 8th edition of the Cyber Europe exercise, simulating escalating cyberattacks against the EU’s interconnected rail and maritime transport networks. For the first time, the EU Cybersecurity Reserve was activated as part of the scenario, testing the cross-border incident response mechanisms that the EU is building ahead of tighter NIS2 enforcement across transport sector operators.

security france government data-breach digital-privacy europe identity

France's Sovereign Messenger Tchap Breached via Hijacked Government Account

France’s government messaging platform Tchap, built on Matrix to keep civil servant communications off foreign infrastructure, was compromised on 7 June 2026 through a hijacked account in its education environment. An attacker claims to have obtained over 73,000 user accounts, 643,000 messages, and files marked with a French restricted-distribution classification, though the full extent of the breach is still under investigation.

security sap netweaver vulnerability cve enterprise patch europe

SAP's June 2026 Patch Day Fixes Four Critical Flaws Including a 9.9-Severity SAML Bypass in NetWeaver

SAP’s June 2026 Security Patch Day addressed 15 vulnerabilities, four of them rated critical. The most severe, CVE-2026-44748 with a CVSS score of 9.9, allows an authenticated attacker to bypass SAML authentication in SAP NetWeaver AS ABAP by manipulating XML signatures. A second critical flaw, CVE-2026-27671 with CVSS 9.8, allows unauthenticated remote code execution via a memory corruption bug in the ABAP kernel.

cloud eu sovereignty azure aws digital-policy compliance europe

Europe's Cloud Sovereignty Bet: The Cloud and AI Development Act Explained

On 3 June the European Commission published its Tech Sovereignty Package, proposing the Cloud and AI Development Act alongside Chips Act 2.0 and an Open Source Strategy. Together they aim to reduce the EU’s 80% dependence on non-European digital infrastructure and establish a four-tier sovereignty framework for cloud services. The legislation will reshape procurement decisions and cloud architecture choices across the public sector and critical infrastructure.

devops ai gitlab security ci-cd enterprise

GitLab Transcend 2026: Agent-Native Git, 50x Faster Pipelines, and the Enterprise Governance Problem Nobody Has Solved Yet

At its Transcend event on 10-11 June, GitLab unveiled a rearchitected Git protocol built for AI agents, a lifecycle context graph that reduces hallucinations by 45x, and an AI Governance framework that puts identity and audit trails around every agent action. The announcements signal that agentic development is moving from experiment to production infrastructure – with all the security and compliance obligations that brings.

security servicenow api devops enterprise vulnerability

ServiceNow Zero-Auth API Exploited: Unauthenticated Access to Customer Instance Tables

Attackers exploited an unauthenticated REST API endpoint in ServiceNow between 2 and 5 June 2026, querying customer instance data without valid credentials. A patch was applied on 5 June. Organisations running ServiceNow should audit logs for the identified IP address and review access controls across all API endpoints that may be misconfigured with authentication disabled.

We’ll help you resolve your infrastructure challenges

Our team of experts is ready to help you with your infrastructure challenges. We’ll give you honest and personal treatment. Get in touch to learn more.

Get in touch!