Currently free during beta - premium features coming soon. Subscribe now to lock in early access.
Live Monitoring

EU Regulatory Change Monitoring & Compliance Tracker

Free regulatory monitoring tool tracking DORA, NIS2, GDPR, EU AI Act, and 20 more compliance frameworks. AI-powered summaries from 18 official sources. Weekly digest delivered every Monday.

EU AI Act enforcement: Aug 2026 DORA RTS live now Data Act: Sep 2026
2455
Changes Tracked
24
Frameworks
18
Official Sources
21/25
Feeds Healthy
What we monitor

Built for compliance teams

Everything you need to stay on top of regulatory changes.

Real-time Monitoring

Daily automated scans of 18 official regulatory sources including EUR-Lex, EBA, EDPB, ESMA, BaFin, BSI, ANSSI, and more.

24 Frameworks

Intelligent matching across DORA, NIS2, GDPR, EU AI Act, CRA, DSA, and more using CELEX codes and keyword analysis.

AI Summaries

Every regulatory change gets an AI-generated plain-language summary explaining what changed, who's affected, and what to do.

Weekly Digest

Curated weekly email with all changes grouped by framework. AI summaries included. Delivered every Monday.

Three-Tier Matching

CELEX exact match, CELEX prefix detection for delegated acts, and keyword analysis. High-confidence results you can trust.

Instant Alerts

Get notified immediately when critical regulatory changes are detected. Never miss an important update.

Frameworks

Covering the regulations that matter

DORA

Digital Operational Resilience Act · 38 changes

NIS2

Network and Information Security Directive · 12 changes

GDPR

General Data Protection Regulation · 8 changes

CSRD

Corporate Sustainability Reporting Directive · 1 changes

MaRisk

MaRisk (Minimum Requirements for Risk Management) · 8 changes

ISO27001

ISO/IEC 27001 Information Security

EU_AI_ACT

EU Artificial Intelligence Act · 8 changes

CRA

Cyber Resilience Act · 91 changes

DSA

Digital Services Act · 4 changes

DMA

Digital Markets Act · 18 changes

eIDAS2

eIDAS 2.0 (EU Digital Identity) · 2 changes

SOC2

SOC 2 (Service Organization Controls)

PCI_DSS

PCI DSS (Payment Card Industry)

HIPAA

HIPAA (Health Insurance Portability)

ISO42001

ISO/IEC 42001 AI Management System

AMLD6

6th Anti-Money Laundering Directive · 2 changes

PSD3

Payment Services Directive 3 / PSR

DATA_ACT

EU Data Act

GPSR

General Product Safety Regulation

CER

Critical Entities Resilience Directive · 3 changes

EUDR

EU Deforestation Regulation · 1 changes

CVE

Vulnerabilities & CVEs · 339 changes

BREACH

Breaches & Incidents · 1061 changes

AI_SAFETY

AI Security & Safety · 859 changes

Latest

Recent regulatory changes

View all changes →
Breach: Glendale Community College (793,925 accounts) — Academic records, Dates of birth, Email addresses
On June 15, 2026, a data breach affecting Glendale Community College was published on Have I Been Pwned, exposing 793,925 accounts. The compromised data includes academic records, dates of birth, a...
Read analysis →
Ransomware: qilin claims Century Equities (US) — Financial Services
On 11 July 2026, the ransomware group Qilin publicly claimed responsibility for a cyberattack against Century Equities, a US-based financial services firm. The incident was published on the ransomw...
Read analysis →
Ransomware: qilin claims Retelit SpA PIVA (IT) — Telecommunication
On July 11, 2026, a ransomware group known as Qilin publicly claimed responsibility for a cyberattack against Retelit SpA, an Italian telecommunications company. The incident was published on the r...
Read analysis →
Ransomware: qilin claims Carolina Agri-Power (US) — Agriculture and Food Production
A new ransomware incident has been publicly claimed by the Qilin group against Carolina Agri-Power, a US-based agricultural equipment and services provider. The claim was published on the ransomwar...
Read analysis →
Ransomware: qilin claims Allied Plumbing & Heating (NH) — Business Services
On July 11, 2026, the ransomware group Qilin publicly claimed responsibility for a cyberattack against Allied Plumbing & Heating, a business services firm based in New Hampshire. The claim was publ...
Read analysis →
Ransomware: cmdorganization claims Golden Star Resources (GH) — Energy
A new ransomware incident has been publicly reported involving Golden Star Resources, an energy sector organization identified by the designation GH. The breach was published on the ransomware.live...
Read analysis →
Ransomware: dragonforce claims Access Equipment Hire (AU) — Construction
On 11 July 2026, the ransomware group Dragonforce published a claim of a data breach against Access Equipment Hire, an Australian construction sector company. The announcement was made on the ranso...
Read analysis →
CVE-2026-60090 (CVSS 9.8) — PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the...
A new critical vulnerability, CVE-2026-60090, has been published with a CVSS score of 9.8, affecting PraisonAI versions prior to 4.6.78. The flaw lies in the failure to validate a caller-controlled...
Read analysis →
CVE-2026-61445 (CVSS 9.9) — PraisonAI before 4.6.78 contains arbitrary file write and command execution vulnerabiliti...
A critical vulnerability has been published under CVE-2026-61445, affecting PraisonAI versions prior to 4.6.78. The flaw, rated CVSS 9.9, resides in the AICoder component and allows arbitrary file ...
Read analysis →
CVE-2026-61447 (CVSS 10.0) — PraisonAI before 1.6.78 contains a remote code execution vulnerability in CodeAgent._exe...
A critical vulnerability has been published under CVE-2026-61447, affecting PraisonAI versions prior to 1.6.78. The flaw carries a CVSS score of 10.0, the highest severity rating, and involves a re...
Read analysis →

Never miss a regulatory change

Join compliance professionals who rely on our weekly digest. Free during beta - premium features coming soon.