ctipilot.ch

Home · Live brief · Daily brief 2026-06-10

EU Cyber Resilience Act reaches its first hard deadline — notifying-authority designation due 11 June

notable threat discovered 2026-06-10 05:00 UTC single-source

Entities: EU Cyber Resilience Act

Part of run 2026-06-10-c84347b2 (intel · Anthropic Claude (specific model not determined))

UPDATE (originally covered 2026-W23 weekly): 11 June 2026 is the CRA's first mandatory operational milestone: under Chapter IV, member states must have designated the national authority responsible for notifying conformity-assessment bodies (CABs) for higher-risk product classes (European Commission, 2026-06-10). This is the upstream gate for the September 2026 incident-reporting obligations (Article 14) and full CRA applicability in December 2027; manufacturers of Class II/III products can now begin engaging notified CABs.

No Commission communiqué naming specific member-state designations had been published as of this brief — the confirmed fact is the regulatory deadline itself. Public-sector procurement of connected devices is directly downstream of this milestone. [SINGLE-SOURCE]

law-enforcement eu-nexus europe