On June 30, 2026, New Jersey’s Governor Mikie Sherrill signed a new data broker law, largely effective immediately, that adds significant new obligations for businesses involved in personal data sales. The law reaches traditional data brokers that collect or purchase personal data about consumers with whom they do not have a direct relationship and then

A proposed class action accusing Kenneth Cole Productions, Inc., of unlawfully sharing website visitor data with Meta, Google, and other third parties was voluntarily dismissed in the Northern District of California. The plaintiffs alleged that Kenneth Cole used third-party tracking tools on its website that allowed those companies to collect data about consumers’ interactions with the

Researchers at cybersecurity firm Proofpoint have discovered that a “suspected China-aligned threat cluster named UNK_MassTraction” is attacking mailservers belonging to physics and engineering departments of U.S. and Canadian based universities. They have been tracking the activity since May 2026.

The threat actors are exploiting multiple n-day cross-site scripting vulnerabilities in Roundcube mailservers to “steal credentials

On April 16, 2026, the Massachusetts Health Policy Commission (HPC) approved amendments to its Material Change Notice (MCN) regulations at 958 CMR 7.00 (the Amended Regulations), which went into effect on May 8, 2026. As background, following the 2025 passage of health care legislation that expanded the HPC’s health care market oversight responsibilities, the HPC

Connecticut Governor Ned Lamont recently signed Public Act No. 26-68 (the Act), which includes changes to the state’s medical orders for life-sustaining treatment (MOLST) program. Shortly after the Act was signed into law, the Connecticut Department of Public Health (DPH) issued policies and procedures regarding the MOLST program, which will operate as regulations in the