This daily privacy digest highlights critical security threats, including an AI-generated ransomware on the VS Code marketplace and a cyberattack on the U.S. Congressional Budget Office. Also covered are the EU’s move to expand Europol’s data-sharing capabilities and a $5.1 million penalty against Illuminate Education for student data protection failures. Finally, we look at the EFF’s latest findings on the effectiveness of antivirus apps in detecting stalkerware.
Top 5 Critical Privacy Alerts
- AI-Slop ransomware test sneaks on to VS Code marketplace. A malicious, AI-created ransomware extension was found on Microsoft’s VS Code marketplace. Read more
- U.S. Congressional Budget Office hit by suspected foreign cyberattack. CBO confirms a cybersecurity incident, potentially exposing sensitive data to a foreign hacker. Read more
- How a ransomware gang encrypted Nevada government’s systems. The State of Nevada fully recovered from a ransomware attack impacting 60 agencies. Read more
- Attorney General James and Multistate Coalition Secure $5.1 Million. Illuminate Education penalized for failing to protect student data. Read more
- EU Parliament committee votes to advance controversial Europol data sharing proposal. Proposal expands Europol’s data sharing and biometric data collection. Read more
Privacy Laws & Regulations
- New DSK Guidelines Aim to Set the Standard for International Research Collaborations. German authorities release guidelines on international data transfers in medical research. Read more
Regulatory Fines & Enforcement Actions
- Attorney General James and Multistate Coalition Secure $5.1 Million. Illuminate Education penalized for failing to protect student data. Read more
AI
- Faking Receipts with AI. AI can now create realistic fake receipts, including paper wrinkles and signatures. Read more
- The UK’s First Copyright vs. AI Decision: Key Takeaways on a Win for the AI Industry. UK court’s decision favors AI industry, stating AI models aren’t infringing copies. Read more
- Leak confirms Google Gemini 3 Pro and Nano Banana 2 could launch soon. Google plans to release Gemini 3 for coding and Nano Banana 2 for images. Read more
- AI-Slop ransomware test sneaks on to VS Code marketplace. A malicious, AI-created ransomware extension was found on Microsoft’s VS Code marketplace. Read more
Government
- U.S. Congressional Budget Office hit by suspected foreign cyberattack. CBO confirms a cybersecurity incident, potentially exposing sensitive data to a foreign hacker. Read more
- How a ransomware gang encrypted Nevada government’s systems. The State of Nevada fully recovered from a ransomware attack impacting 60 agencies. Read more
Surveillance
- EU Parliament committee votes to advance controversial Europol data sharing proposal. Proposal expands Europol’s data sharing and biometric data collection. Read more
Stalkerware
- EFF Teams Up With AV Comparatives to Test Android Stalkerware Detection by Major Antivirus Apps. Tests reveal mixed results in stalkerware detection by Android antivirus apps; Malwarebytes scored 100%. Read more
