Cybersecurity Updates: Vulnerabilities, Regulations, and Data Leaks

An independent security audit of Proton Pass, a password manager, revealed vulnerabilities that have since been patched. Microsoft’s May 2026 Patch Tuesday addressed 137 flaws, including 17 critical vulnerabilities affecting Office, SharePoint, and Windows components, with no confirmed exploits reported. The European cybersecurity regulatory landscape will be shaped by three key texts—DORA (applicable since January 17, 2025), NIS2 (awaiting French transposition in the first half of 2026), and the Cyber Resilience Act (CRA), spanning 2025–2028. Belambra, a tourism operator, suffered a cyberattack leading to a potential data leak affecting 400,000 individuals, while Pierre & Vacances-Center Parcs confirmed a breach exposing 1.6 million reservation records.