Find notable cyber news and cases, enriched with sources, timelines, and signals.

UK Business and Trade Committee proposal on software provider liability

Regulatory/Legal (General)
First reported
Last updated
Happening score
H score 22
1 unique sources, 1 articles

Summary

Hide ▲

The UK’s Business and Trade Committee has proposed legislation to make software providers legally responsible for insecure products, a shift that could raise compliance burdens and penalties across the UK software market. The move would turn the voluntary Software Security Code of Practice into an enforceable baseline and target firms that ship exploitable flaws. It matters because the committee wants liability to move from victims to vendors after 2025 cyber incidents showed the cost of insecure software.

Related Happenings

OpenSSF flags CRA readiness gap

Regulatory/Legal (General)
H score21 First: 08.06.2026 12:00 Last: 08.06.2026 12:00 Sources 1

About this happening: OpenSSF warned that **global manufacturers, developers, and open source stakeholders** remain materially unprepared for **Cyber Resilience Act (CRA)** compliance ahead of the **De...

CRA readiness gaps persist across global open source and manufacturing stakeholders

Trend
H score22 First: 08.06.2026 12:00 Last: 08.06.2026 12:00 Sources 1

About this happening: **OpenSSF** found **stagnating CRA readiness** across **global manufacturers, developers, and open source stakeholders**, leaving a large share of the ecosystem exposed to **Decem...

UK Cyber Resilience Pledge pushes board-level security and supply-chain hardening

Defensive Guidance
H score33 First: 13.05.2026 12:05 Last: 13.05.2026 12:05 Sources 1

About this happening: The **UK government's Cyber Resilience Pledge** will launch later this year, giving organizations a concrete set of steps to strengthen defenses and reduce supply-chain risk. It a...

UK government cyber resilience funding and pledge

Public Sector Action
H score25 First: 22.04.2026 17:10 Last: 22.04.2026 17:10 Sources 1

About this happening: **UK government** announced **£90m ($120m)** in cybersecurity funding and a new **Cyber Resilience Pledge**, aiming to strengthen **national cyber resilience**. The initiative was...

2025 Automotive carmakers ransomware surge

Trend
H score34 First: 16.04.2026 11:35 Last: 16.04.2026 11:35 Sources 1

About this happening: In **2025**, ransomware became the **fastest-growing** and most disruptive threat to **automotive carmakers**, accounting for **44% of attacks** and **more than doubling** over th...

Timeline

  1. 26.11.2025 17:00 2 articles · 7mo ago

    UK committee report proposes enforceable software liability

    Legal Policy Action Update

    The UK’s Business and Trade Committee issued a report proposing legislation that would make software providers legally responsible for insecure products, require compliance with secure-by-design principles, and empower enforcement bodies to monitor adherence and issue penalties. The committee said the current voluntary Software Security Code of Practice leaves developers without penalties for releasing products with exploitable flaws and argued that 2025 cyber incidents affecting Co-op, M&S and Jaguar Land Rover showed the financial and operational costs of insecure software.

    Show sources