{"title":"Spoiledlunch","description":"Nerdy Stuff. Tech Talk. Zero Freshness.","subtitle":"Analysis and commentary on GRC, security, and AI.","articles":[{"title":"The SIEM Did Not Fail; Your Data Model Did","url":"/articles/2026-05-01-the-siem-did-not-fail-your-data-model-did/","date":"2026-06-16","summary":"Security teams love to declare that the SIEM failed them. It is a clean story. The platform was noisy, expensive, slow, or hard to operate. Leadership understands vendor …"},{"title":"The KEV Catalog Is Useful, but It Is Not a Prioritization Strategy","url":"/articles/2026-05-01-the-kev-catalog-is-useful-but-it-is-not-a-prioritization-strategy/","date":"2026-06-09","summary":"The Known Exploited Vulnerabilities catalog is one of the better things to happen to enterprise vulnerability management in years. It gives defenders a cleaner signal than generic …"},{"title":"The Cloud Control Plane Is Still the Easiest Place To Be Blind","url":"/articles/2026-05-01-the-cloud-control-plane-is-still-the-easiest-place-to-be-blind/","date":"2026-06-02","summary":"Cloud security programs often spend their money where the infrastructure is easiest to picture.\nThey instrument workloads. They scan containers. They watch endpoints. They analyze …"},{"title":"National Internet Safety Month: How Child Protection Became Parental Control Software Sales","url":"/articles/2026-06-01-national-internet-safety-month-how-child-protection-became-parental-control-software-sales/","date":"2026-06-01","summary":"June is National Internet Safety Month, which means it\u0026rsquo;s time for parents to be very, very worried about what their children are doing online. Conveniently, it\u0026rsquo;s also …"},{"title":"Compliance Exceptions Tell You More Than Your Passed Controls","url":"/articles/2026-05-01-compliance-exceptions-tell-you-more-than-your-passed-controls/","date":"2026-05-26","summary":"Organizations love to report passed controls because passed controls are flattering.\nThey suggest order. They suggest repeatability. They suggest that the environment behaves the …"},{"title":"GDPR Enforcement Anniversary: Eight Years of Real Privacy Law and Fake Compliance Theater","url":"/articles/2026-05-25-gdpr-enforcement-anniversary-eight-years-of-real-privacy-law-and-fake-compliance-theater/","date":"2026-05-25","summary":"Today marks eight years since GDPR enforcement began. Unlike most awareness campaigns we investigate, this anniversary commemorates something that actually works: the world\u0026rsquo;s …"},{"title":"SOC 2 Became a Sales Requirement, Not a Trust Signal","url":"/articles/2026-04-25-soc-2-became-a-sales-requirement-not-a-trust-signal/","date":"2026-05-19","summary":"SOC 2 still matters. That is exactly why the industry has let it become something more misleading than useless.\nThe report was supposed to be a narrow assurance artifact: a way to …"},{"title":"AI Governance Gets Real Only After Deployment","url":"/articles/2026-04-25-ai-governance-gets-real-only-after-deployment-v2/","date":"2026-05-18","summary":"Most AI governance programs are strongest at the exact moment the system is least exposed.\nBefore launch, organizations know how to look serious. They can write principles. They …"},{"title":"International Anti-Ransomware Day: Who Really Profits from the Fear Campaign?","url":"/articles/2026-05-12-international-anti-ransomware-day-who-profits-from-fear/","date":"2026-05-12","summary":"It\u0026rsquo;s International Anti-Ransomware Day. Time to be very, very afraid of ransomware. And conveniently, very, very ready to buy solutions.\nWhat started as a legitimate effort …"},{"title":"World Password Day: Intel's Marketing Legacy Thirteen Years Later","url":"/articles/2026-05-07-world-password-day-intels-marketing-legacy-thirteen-years-later/","date":"2026-05-07","summary":"World Password Day just ended, and with it, another week of password managers explaining why your passwords aren\u0026rsquo;t complex enough, MFA vendors explaining why passwords are …"}],"news":[{"title":"CISA Adds One Known Exploited Vulnerability to Catalog","url":"/news/2026-06-16-cisa-adds-one-known-exploited-vulnerability-to-catalog/","date":"2026-06-16","summary":"Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.\nWhy it matters: …"},{"title":"Rockwell Automation CompactLogix","url":"/news/2026-06-16-rockwell-automation-compactlogix/","date":"2026-06-16","summary":"Summary: View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition.\nWhy it matters: This …"},{"title":"Rockwell Automation FactoryTalk Analytics PavilionX","url":"/news/2026-06-16-rockwell-automation-factorytalk-analytics-pavilionx/","date":"2026-06-16","summary":"Summary: View CSAF Summary Successful exploitation of this vulnerability could result in an attacker executing privileged operations.\nWhy it matters: This …"},{"title":"Rockwell Automation FLEX I/O EtherNet/IP Adapters","url":"/news/2026-06-16-rockwell-automation-flex-i-o-ethernet-ip-adapters/","date":"2026-06-16","summary":"Summary: View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access, account takeover, and cause …"},{"title":"Rockwell Automation Logix 5370 ＆ 5570 Controllers Vulnerable To Denial of Service Via CIP","url":"/news/2026-06-16-rockwell-automation-logix-5370-5570-controllers-vulnerable-to-denial-of-service-via-cip/","date":"2026-06-16","summary":"Summary: View CSAF Summary Successful exploitation of this vulnerability could cause a denial-of-service condition that may result in a major nonrecoverable …"},{"title":"Rockwell Automation RSLinx","url":"/news/2026-06-16-rockwell-automation-rslinx/","date":"2026-06-16","summary":"Summary: View CSAF Summary Successful exploitation of this vulnerability can lead to a denial of service, where the application will become unresponsive and …"},{"title":"Predicting model behavior before release by simulating deployment","url":"/news/2026-06-16-predicting-model-behavior-before-release-by-simulating-deployment/","date":"2026-06-16","summary":"Summary: OpenAI introduces Deployment Simulation, a method to predict AI model behavior before deployment using real conversation data to improve safety and …"},{"title":"CISA Adds Two Known Exploited Vulnerabilities to Catalog","url":"/news/2026-06-15-cisa-adds-two-known-exploited-vulnerabilities-to-catalog/","date":"2026-06-15","summary":"Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.\nWhy it matters: …"},{"title":"FTC Data Show People Reported Losing $3.5 Billion to Imposter Scams in 2025","url":"/news/2026-06-15-ftc-data-show-people-reported-losing-3-5-billion-to-imposter-scams-in-2025/","date":"2026-06-15","summary":"Summary: New data from the Federal Trade Commission reveal that people reported losing a staggering $3.5 billion to imposter scams in 2025, with reported losses …"},{"title":"Introducing the OpenAI Partner Network","url":"/news/2026-06-14-introducing-the-openai-partner-network/","date":"2026-06-14","summary":"Summary: OpenAI launches the Partner Network, investing $150M to help global partners accelerate enterprise AI adoption, deployment, and transformation.\nWhy it …"}]}