Today’s digest features critical security updates, including a Chrome zero-day exploit and a massive DDoS attack on Microsoft Azure. We also cover a data breach at Princeton University, a ransomware attack impacting Pennsylvania’s Attorney General, and new age verification measures from Roblox. Stay informed to protect your data and systems from emerging threats.
Top 5 Critical Privacy Alerts
- Google fixes new Chrome zero-day flaw exploited in attacks: Google has released an emergency security update to fix a Chrome zero-day vulnerability. Read more
- Microsoft: Azure hit by 15 Tbps DDoS attack using 500,000 IP addresses: The Aisuru botnet launched a massive DDoS attack on Microsoft’s Azure network. Read more
- Eurofiber France warns of breach after hacker tries to sell customer data: Hackers exploited a vulnerability to access Eurofiber France’s ticket management system. Read more
- Princeton University discloses data breach affecting donors, alumni: A cyberattack compromised a Princeton University database, exposing personal information. Read more
- Pennsylvania AG confirms data breach after INC Ransom attack: The Pennsylvania attorney general’s office confirms a data breach following an INC Ransom attack. Read more
Privacy Laws & Regulations
- “How Old Are You, Anyway?” California’s New Law Makes Apps Ask… And Remember!: California’s AB 1043 requires apps to verify and remember user ages. Read more
Security
- Google fixes new Chrome zero-day flaw exploited in attacks: Google has released an emergency security update to fix a Chrome zero-day vulnerability. Read more
- Microsoft: Windows 10 KB5072653 OOB update fixes ESU install errors: Microsoft released an out-of-band update to fix issues with Windows 10 extended security updates. Read more
- Malicious NPM packages abuse Adspect redirects to evade security: NPM packages are using Adspect redirects to evade security measures and lead to malicious sites. Read more
- RondoDox botnet malware now hacks servers using XWiki flaw: RondoDox botnet malware is exploiting a critical RCE flaw in XWiki Platform (CVE-2025-24893). Read more
- Eurofiber France warns of breach after hacker tries to sell customer data: Hackers exploited a vulnerability to access Eurofiber France’s ticket management system. Read more
- Princeton University discloses data breach affecting donors, alumni: A cyberattack compromised a Princeton University database, exposing personal information. Read more
- Dutch police seizes 250 servers used by “bulletproof hosting” service: Dutch police seized servers powering a bulletproof hosting service used by cybercriminals. Read more
- Microsoft: Azure hit by 15 Tbps DDoS attack using 500,000 IP addresses: The Aisuru botnet launched a massive DDoS attack on Microsoft’s Azure network. Read more
- DoorDash email spoofing vulnerability sparks messy disclosure dispute: A vulnerability allowed spoofed DoorDash emails, leading to a disclosure dispute after the patch. Read more
- Pennsylvania AG confirms data breach after INC Ransom attack: The Pennsylvania attorney general’s office confirms a data breach following an INC Ransom attack. Read more
AI & Democracy
- AI and Voter Engagement: An article discusses the impact of AI and social media on voter engagement, referencing Obama’s 2008 campaign. Read more
- xAI’s Grok 4.1 rolls out with improved quality and speed for free: xAI has started rolling out Grok 4.1, which is an upgrade to the existing Grok 4 model. Read more
- Google Gemini 3 spotted on AI Studio ahead of imminent release: Google’s Gemini 3, a potentially leading language model, has been spotted on AI Studio. Read more
Consumer Alerts & Scams
- How to prepare yourself to deal with an emergency and avoid disaster-related scams: The FTC provides advice on preparing for emergencies and avoiding related scams. Read more
- How to help protect foster youth from identity theft: The FTC offers tips on protecting foster youth from identity theft due to their increased risk. Read more
- No, that’s not an FTC commissioner on the phone: The FTC warns about scammers impersonating FTC officials to solicit money. Read more
- Get a credit freeze to stop identity thieves: The FTC recommends credit freezes as a way to protect against identity theft. Read more
- This Medicare Open Enrollment season, learn how to protect yourself from scams: The FTC advises consumers to be vigilant against scams during Medicare Open Enrollment. Read more
- Thinking about selling your timeshare? Key steps to avoid scams: The FTC provides advice on avoiding scams when selling a timeshare. Read more
- Before you donate, find out where the money is going: The FTC warns about donating to fraudulent charities, citing the case of Kars-R-Us.com. Read more
- How to spot a job scam: The FTC provides advice on identifying and avoiding job scams. Read more
- Who’s eligible for a refund from Amazon?: The FTC explains who is eligible for a refund from Amazon’s Prime subscription settlement. Read more
- When sharing your info online leads to unwanted and unlawful telemarketing calls: The FTC advises on how to reduce unwanted telemarketing calls resulting from shared online information. Read more
- UK consumers warned over AI chatbots giving inaccurate financial advice: Research reveals AI chatbots are providing inaccurate financial advice to UK consumers. Read more
