<?xml version="1.0" encoding="UTF-8"?><rss xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom" version="2.0"><channel><title><![CDATA[The CRA Readiness Reality: What Changed (and What Didn’t) Between 2025 and 2026?]]></title><description><![CDATA[<blockquote>
<p dir="auto">In 2025, Linux Foundation Research, Linux Foundation Europe, and Open Source Security Foundation (OpenSSF) published Unaware and Uncertain: The Stark Realities of Cyber Resilience Act Readiness in Open Source. It took a survey-based look at how prepared the open source ecosystem was for the European Union’s Cyber Resilience Act (EU CRA). The headline finding was blunt: 62% of respondents had little to no familiarity with a regulation that would reshape how software gets built, shipped, and maintained across global supply chains. The hope was that with a year to go before the CRA enters into force, community education initiatives and a growing body of guidance would move the readiness needle.</p>
</blockquote>
<ul>
<li><a href="https://openssf.org/blog/2026/06/25/the-cra-readiness-reality-what-changed-and-what-didnt-between-2025-and-2026/" rel="nofollow ugc">https://openssf.org/blog/2026/06/25/the-cra-readiness-reality-what-changed-and-what-didnt-between-2025-and-2026/</a></li>
</ul>
]]></description><link>https://billboard.bsd.cafe/topic/272/the-cra-readiness-reality-what-changed-and-what-didn-t-between-2025-and-2026</link><generator>RSS for Node</generator><lastBuildDate>Thu, 02 Jul 2026 01:21:34 GMT</lastBuildDate><atom:link href="https://billboard.bsd.cafe/topic/272.rss" rel="self" type="application/rss+xml"/><pubDate>Fri, 26 Jun 2026 07:17:39 GMT</pubDate><ttl>60</ttl></channel></rss>