Blog
Delve and the 494 Fake SOC 2 Reports: What the Compliance Industry Should Learn
A Y Combinator-backed compliance startup allegedly fabricated 494 SOC 2 reports with auditor conclusions pre-written before clients submitted any evidence.
Read moreFive Supply Chain Attacks in Twelve Days: March 2026 Broke Open Source Trust
In twelve days, attackers compromised Trivy, Checkmarx, LiteLLM, Telnyx, and Axios — and the supply chain security model most organizations rely on did not survive.
Read moreSCOTUS Settles It: No Copyright Without a Human Author
The Supreme Court’s denial in Thaler v. Perlmutter leaves one rule standing: if no human authorship exists, there is no copyright.
Read moreAnthropic at $380B: What a 6x Valuation Jump in 12 Months Tells Us About AI Markets
Anthropic’s move to a $380 billion valuation is more than a headline-grabbing fundraise; it is a useful stress test for how AI markets are pricing growth, scarcity, and risk.
Read moreMusic Industry Sues Anthropic for $3.1B: AI Training Liability Keeps Growing
Universal Music, Concord, and ABKCO just turned Anthropic’s training-data problem into a $3.1 billion copyright fight.
Read moreThree More States, Three More Privacy Laws: 2026 Compliance Starts Now
Indiana, Kentucky, and Rhode Island all went live on January 1, 2026, which means privacy compliance just got a little less optional.
Read moreFederal Preemption of State AI Laws: Trump's December EO and Its Legal Limits
Trump’s December 11 AI order launches a federal challenge to state AI laws, but its legal reach is narrower than the rhetoric suggests.
Read moreSFC v. Vizio: A Court Says GPL Compliance Is a Contractual Duty
A December 4, 2025 tentative ruling in SFC v. Vizio suggests GPL compliance can sound in contract, not just copyright, with real consequences for end users.
Read moreCycloneDX 1.7: Patents, Provenance, and the Next Generation of SBOMs
CycloneDX 1.7 turns SBOMs from static inventories into richer evidence packs with patent metadata, citations, and better cryptographic transparency.
Read moreFASB Rewrites Software Cost Accounting: ASU 2025-06 and What CFOs Need to Know
FASB’s ASU 2025-06 replaces the old stage-based software capitalization playbook with a single recognition test, forcing CFOs to rethink policy, controls, and valuation.
Read moreAnthropic's $1.5B Copyright Settlement: What It Means for AI Training Economics
Anthropic's $1.5 billion settlement shows that copyright risk in AI training data is no longer theoretical; it is a balance-sheet item.
Read moreEU AI Act Phase 2: GPAI Provider Obligations Are Now Enforceable
As of August 2, 2025, general-purpose AI model providers are no longer waiting on guidance: the EU AI Act’s GPAI obligations are live.
Read more