This document discusses a proposed EU directive that would criminalize the production and distribution of hacking tools. It summarizes concerns that this could penalize security researchers and lower overall security. The directive aims to combat cyberattacks but could restrict beneficial security research and testing. It may force some security companies to move abroad and leave EU countries less protected against attackers. The document outlines amendments being considered and the status of negotiations between the EU Council, Parliament, and Commission on the final language.