I am a big fan of Verizon’s yearly Data Breach Investigations Report. I follow it closely, as it confirms what we are seeing in the field, and provides validation for defense strategies employed to protect against attacks. The 2026 Report was recently published, and as I have mentioned before, it is well worth reading.

At a high level, the tone is that attacks remain consistent with previous years, but threat actors are employing new methods, including the use of malware augmented by generative artificial intelligence. The message is that although there are more zero-day vulnerabilities, social engineering is increasingly successful and the speed of attacks has increased. Those defending systems know the landscape well and need to continue focusing on defending against the most common threats: system intrusion, social engineering, basic web application attacks, miscellaneous errors and privilege misuse.

The 2026 Report shows that in the last year credential abuse has decreased, which shows that users better understand how critical their credentials are in safeguarding systems. Although I have no data to back up this thought, it is logical to attribute that decrease to the increase in educating users about attacks using credentials, requiring password changes, and increasing knowledge and understanding of threat actors’ use of credentials—this is good news.

However, vulnerability exploitation rose, “now the most common initial access vector for breaches.” The 2026 Report notes that “[o]nly 26% of critical vulnerabilities…were fully remediated by organizations in 2025, a drop from the previous year’s 38%.” Further, the median time for full incident resolution went up to 43 days from 32 days, and “organizations had 50% more critical vulnerabilities to patch in this year’s reporting dataset compared to the previous year.” This means that cybersecurity professionals had to patch way more vulnerabilities than last year and weren’t able to finish the job—understandable to be sure. Nonetheless, organizations should consider strategies for addressing the increased number of vulnerabilities that need to be patched and the risk that the unpatched backlog represents. The 2026 Report provides some sound strategies to consider.

Ransomware increased in 2025 and represented 48% of all breaches, but ransom payments declined. Significantly, “breaches with third-party involvement have increased by 60%” from last year and represented 48% of all breaches. This fact confirms how important third-party risk management is to an organization’s overall risk management program.

And then there’s the use of AI in attacks. Although the data is already dated (such as citing reports from Anthropic in November 2025 and no mention of Mythos), the message is clear that threat actors are using AI to automate and scale well-known, previously successful techniques, lowering the barrier for more threat actors to enter the landscape and create havoc. “The more novel cases include combining or chaining together multiple stages of the attack or taking more agentic approaches to the attack, where the agent makes executive decisions about the targets.” This is now the reality that defenders need to address and, if Mythos is released publicly, the “most powerful artificial intelligence to date” poses “a serious offensive cyberweapon.” It will be interesting to see how the threat landscape changes as AI tools become more powerful, and what their impact will be on next year’s Verizon Report.

Verizon provides a robust look at the threat landscape, offers practical and useful tips on how to respond, and urges all of us to work together to combat an ever-widening and more sophisticated threat landscape. As always, it is well-done, thorough and thoughtful, and very useful to readers.

On May 20, 2026, in Zelma v. Wonder Group Inc. (D.N.J. May 20, 2026), a federal court in New Jersey largely dismissed Telephone Consumer Protection Act (TCPA) claims against food-tech company Wonder Group Inc. (Wonder), holding that two bare verification-code text messages were not “telephone solicitations” or “unsolicited advertisements.”

The TCPA regulates certain calls and text messages, including telemarketing and unsolicited advertising. Here, a pro se plaintiff sued Wonder after receiving two text messages, each containing only a Wonder verification code. The plaintiff alleged that he had never heard of Wonder, had not asked for communications from the company, and had listed his cell number on federal and state do-not-call registries since 2003. He argued that the messages were not innocent authentication texts, but a way to push him toward Wonder’s website and services.

The court had previously dismissed several claims but allowed the plaintiff to amend some TCPA theories. In his amended complaint, he reasserted claims based on the National Do-Not-Call Registry and the alleged absence of opt-out language in the texts. Wonder again moved to dismiss those counts, and on May 20, the court granted the motion with prejudice.

The court’s TCPA analysis turned on a simple question: Were the verification-code texts “telephone solicitations” or “unsolicited advertisements”? The court explained that a telephone solicitation must encourage the purchase or rental of goods or services, while an unsolicited advertisement must advertise the commercial availability or quality of goods or services. Applying Third Circuit authority, the court held that the texts in this case did neither because they did not promote goods or services, identify anything for sale, or even include Wonder’s website.

The plaintiff’s “trojan horse” theory also failed. The court rejected the idea that a bare verification code could become advertising merely because the recipient might search for Wonder online afterward. That conclusion meant that the do-not-call and opt-out claims at issue required a sufficiently pleaded advertising or solicitation theory. For companies engaging in SMS marketing, the decision is useful but narrow. Authentication and verification texts may be easier to defend when they are content-neutral, contain no marketing language, and include no links or promotional cues. The opinion also reinforces that plaintiffs cannot convert every unexpected brand communication into a TCPA advertising claim without facts showing a commercial message.

A recent Third Circuit decision gives companies another strong defense point in the wave of website tracking and session replay litigation, including claims brought under the California Invasion of Privacy Act (CIPA). In Smidga v. Spirit Airlines, the plaintiffs alleged that Spirit used session replay code to record website visitors’ interactions, including text entries, clicks, and geolocation, and one plaintiff asserted a CIPA claim based on that alleged tracking. The Third Circuit affirmed dismissal because the plaintiffs failed to show a concrete privacy injury sufficient for Article III standing, relying heavily on its recent Cook v. GameStop decision involving similar session replay allegations.

The decision is especially useful for companies because the court rejected the idea that an alleged statutory privacy violation alone automatically creates federal standing. The court emphasized that plaintiffs still must plead concrete harm, not just point to a privacy statute, and distinguished earlier data privacy cases involving allegations of deceptive tracking or disclosure of non-anonymous personal information. The court also found no close relationship to traditional privacy torts where two plaintiffs did not allege collection of personal information, the third did not allege embarrassment or humiliation, the allegedly intercepted information was anonymized, and users voluntarily entered information on the website. 

For companies defending CIPA and similar session replay cases, the decision reinforces several practical arguments: plaintiffs need more than boilerplate claims about “recording” website activity, anonymized or non-user-specific data may undercut concrete injury, and the absence of a specific privacy promise can matter. It also highlights the value of factual assertions at the jurisdictional stage, since Spirit submitted evidence that the software functions capable of collecting personal information had never been enabled and that collected data was not traceable to a specific website user. While the opinion is non-precedential, it is still a helpful signal that courts are scrutinizing standing in website tracking cases and are not treating CIPA-style allegations as an automatic ticket into federal court.

Verizon recently published its 2026 Data Breach Investigations Report, which is full of helpful information for cybersecurity professionals to implement strategies for protection of systems. For a summary, click here.

The Report notes that a whopping “67% of users are using non-corporate accounts on their corporate devices to access AI services” and “45% of employees are now considered regular users of AI (authorized or not) on their corporate devices.” Verizon’s data shows that “Shadow AI is now the third most common non-malicious insider action detected…a fourfold increase in percentage from the previous year.”

The most common type of data submitted to an external generative artificial intelligence model was company source code. In addition, the data showed that users were uploading images, structural data, and “even found research and technical documentation being uploaded to those unauthorized AI systems, which presents a risk of intellectual property exposure.”

The Verizon report reiterates the exponential growth of unauthorized use of generative AI systems, which will continue as users become more comfortable with the technology. This presents a significant risk to organizations of losing intellectual property, proprietary and confidential information, and sensitive personal information. No matter the industry, how big or small an organization is, or whether it is for-profit or not-for-profit, now is the time to address this risk and develop an AI Governance Program.

Colorado has now significantly revised its AI governance framework before the law ever takes effect. SB 26-189, approved by Governor Jared Polis on May 14, 2026, repeals and reenacts key portions of the Colorado Artificial Intelligence Act (CAIA) and reframes the law around “automated decision-making technology” (ADMT) used to materially influence consequential decisions in areas such as employment, housing, financial and lending services, insurance, health care, education, and essential government services. 

The revised law is narrower and more operational than the original version. Rather than treating every AI-adjacent business tool as a high-risk system, SB 26-189 focuses on covered ADMTs that process personal data and generate outputs such as predictions, recommendations, classifications, rankings, or scores that materially influence consequential decisions. It also excludes several low-risk or routine uses, including certain administrative, cybersecurity, fraud prevention, anti-money laundering, sanctions compliance, advertising, marketing, search, content moderation, and customer-service functions that do not materially influence covered decisions. 

For companies, the practical takeaway is that Colorado has not abandoned AI regulation, but it has moved toward a more targeted compliance model. Deployers must provide clear notice before using covered ADMTs in consequential decisions, provide post-adverse-outcome information within 30 days, maintain compliance records for at least three years, and offer correction and meaningful human review rights in certain circumstances. While the original law was set to take effect next month, the amended law now takes effect on January 1, 2027, and applies to consequential decisions made on or after that date; it gives the Colorado Attorney General exclusive enforcement authority, includes a conditional 60-day cure period, and confirms that the statute does not create a new private right of action. To review the amended law, click here.

As you can tell, I am obsessed with Verizon’s Data Breach Investigations Report. It is worthy of full immersion, and I am picking it apart with precision (here and here). I always spend a lot of time delving into it as it informs and confirms strategies to assist others with prevention and resilience.

One of the important findings from the Report is that 67% of users in companies are using non-corporate generative AI tools on their corporate devices for their work. This unauthorized use is “now the third most common non-malicious insider action detected in our data loss prevention data set in 2025, a fourfold increase in percentage from the previous year.”

According to the Report, users are submitting company source code, images, structured data, research and technical documentation to unauthorized generative AI tools “which presents a risk of intellectual property exposure.” 

Not only can uploading company data into unauthorized AI tools risk the loss of IP, but doing so also increases the risk of losing company proprietary or confidential information and the personal information of employees and customers. Using unauthorized AI tools with company data is called “Shadow AI” because your cybersecurity professionals are unable to detect, monitor, and prevent the resulting data loss through data loss prevention strategies.

If you are using an unauthorized generative AI tool for your work, you are using Shadow AI, and you are putting your company at risk. Stop using Shadow AI! If you want to use AI tools for your work, find out what tools are authorized, get trained on those authorized tools, and follow your organization’s AI Governance Program and AI Acceptable Use Program. If your company doesn’t have guidance, urge them to consider adopting a governance program. Help your organization find a tool that is safe to use and be an ambassador to prevent the use of Shadow AI by others.

The Cybersecurity and Infrastructure Security Agency (CISA), which is part of the Department of Homeland Security, is responsible for cybersecurity and infrastructure security throughout the federal government, working to improve cybersecurity protection against private and nation-state hackers.

CISA has been without a director since the beginning of President Trump’s second term, when the then-director resigned. In addition, the Trump administration cut funding to the agency and, through the budget cuts, furloughs, and layoffs, the agency lost about one-third of its workforce. On top of that, in March 2025, Defense Secretary Pete Hegseth ordered U.S. Cyber Command to “halt cyber-offense operations against Russia” and “ordered the unit to stand down planning against Russian cybersecurity threats.”

Russia has always been one of our top cyber adversaries, and there is no indication that offensive planning has taken place in the past year.

With the layoffs, budget cuts, furloughs, and resignations, CISA has been embattled in fulfilling its mission. The strain became abundantly clear recently when GitGuardian security researcher Guillaume Valadon found “reams of exposed plaintext credentials listed in spreadsheets, which had been made publicly accessible in a GitHub repository by an employee working for a CISA contractor.”

On May 15, 2026, the researcher contacted security reporter Brian Krebs, who reported that the CISA contractor “maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems” which “included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.”

The repository was named “Private-CISA” and included “a vast number of internal CISA/DHS credentials and files, including cloud keys, tokens, plaintext passwords, logs and other sensitive CISA assets.”

The GitHub account has been taken offline. It was created in September 2018, and the Private-CISA repository was created in November 2025.

It is unknown whether anyone, including a foreign adversary such as Russia, found, accessed or used the credentials. CISA has confirmed that it is aware of the reported exposure and is continuing to investigate the situation. The question is what other lapses will occur as a result of the agency’s decimation.

The Texas Attorney General has filed a new consumer-protection lawsuit against Netflix, alleging that the company misled Texans by marketing itself as an ad-free, kid-friendly alternative to Big Tech while allegedly building a large-scale system for collecting and monetizing user data. The complaint claims that Netflix repeatedly assured consumers that its paid subscription model separated it from advertising-driven platforms, including statements that Netflix did not sell ads, did not sell data, and operated as a “safe respite” from companies that exploit users through advertising. According to the complaint, Netflix later reversed course by launching and expanding an advertising business that allegedly relies on behavioral data, identity matching, third-party data partners, and ad-tech platforms. 

The lawsuit also focuses heavily on children’s use of Netflix, alleging that the company encouraged parents to create kids’ profiles by describing them as kid-friendly spaces while failing to clearly disclose the extent to which Netflix allegedly collects and analyzes children’s behavioral interactions. Texas claims Netflix’s assurances that kids’ profiles are not used for behavioral advertising created a misleading impression because, according to the complaint, Netflix still collects granular data about what children watch, rewatch, abandon, search, and how they interact with the platform. The complaint further alleges that Netflix uses design features such as autoplay to extend viewing sessions, including on kids’ profiles, thereby increasing both screen time and the amount of behavioral data generated. 

Texas brings the action under the state’s Deceptive Trade Practices Act and seeks civil penalties, attorneys’ fees, disgorgement, and temporary and permanent injunctive relief. Among other remedies, the complaint seeks to require Netflix to purge what is alleged to be deceptively collected Texans’ data; obtain express and informed consent before using Texans’ data for targeted advertising; stop collecting children’s behavioral data without parental consent; turn autoplay off by default for kids’ profiles; and restrict clean-room data collaboration involving Texas consumers without adequate disclosure. To read the full petition, click here.

Many insurers, and the businesses they cover, are still treating artificial intelligence (AI) risk as if it were cyber risk cloaked in a costume. That instinct is understandable since AI systems process data, rely on vendors, create operational dependencies, and sit inside digital infrastructures. However, early litigation is showing why that framing is likely incomplete. The claims are not only arising from security hacks, ransomware, or data exfiltration, but from ordinary business activity: a customer call, a chatbot exchange, a healthcare consultation, a meeting transcript, or a vendor system setting that was enabled by default long before anyone examined its legal effect.

The real exposure sits in the gap between what the business thinks it is doing with AI and what its AI-enabled systems are actually doing. A notice saying “this call may be recorded” may not answer whether the call is being transcribed in real time, analyzed for content, retained by a third party, or used to improve a vendor’s model. A procurement approval may not show whether customer content was opted into training. A vendor contract may not explain whether the vendor is merely supplying a tool or independently receiving, enriching, and using the data flowing through it. That distinction can affect consent, privacy obligations, regulatory exposure, and even which insurance coverage applies.

The companies that get ahead of these issues will be the ones that stop asking whether AI is secure and start asking how AI changes the legal scope of their relationships with customers, patients, employees, vendors, and regulators. They will document what users were told, what settings were active, what vendor terms applied, and what data was used for which purpose. AI risk is not just a cyber control problem; it’s a governance, consent, procurement, evidence, and business conduct problem. The market correction will favor organizations that understand that difference before the claims start arriving.