Today’s privacy digest highlights critical vulnerabilities and cyberattacks, with a focus on VMware and Linux systems exploited by malicious actors. The EU’s proposed ‘Chat Control’ measures are raising significant privacy concerns, while new CCPA regulations are set to take effect in California. Stay informed to protect your data and systems from emerging threats.
Top 5 Critical Privacy Alerts
- Chinese hackers exploiting VMware zero-day since October 2024: Broadcom patched a high-severity vulnerability in VMware, exploited in zero-day attacks. Read more
- CISA warns of critical Linux Sudo flaw exploited in attacks: Hackers are exploiting a critical vulnerability in the sudo package, enabling root-level command execution. Read more
- Broadcom fixes high-severity VMware NSX bugs reported by NSA: Security updates patch VMware NSX vulnerabilities reported by the U.S. National Security Agency (NSA). Read more
- Japan’s largest brewer suspends operations due to cyberattack: Asahi Group Holdings, Ltd (Asahi) disclosed a cyberattack disrupting operations. Read more
- Chat Control Is Back on the Menu in the EU. It Still Must Be Stopped: EU Council debates “Chat Control,” scanning private conversations, raising privacy concerns. Read more
Privacy Laws & Regulations
- Revised and New CCPA Regulations Set to Take Effect on Jan. 1, 2026 – Summary of Near-Term Action Items: California Privacy Protection Agency (CPPA) regulations are approved, effective January 1, 2026. Read more
- UK Clinical Trial Regulatory Updates for Sponsors: The UK Parliament approved amendments to clinical trial regulations, the most significant update in two decades. Read more
Security
- Chinese hackers exploiting VMware zero-day since October 2024: Broadcom patched a high-severity vulnerability in VMware, exploited in zero-day attacks. Read more
- VMware Certification Is Surging in a Shifting IT Landscape: VMware certification surges due to hybrid infrastructure, cloud complexity, and rising security risks. Read more
- CISA warns of critical Linux Sudo flaw exploited in attacks: Hackers are exploiting a critical vulnerability in the sudo package, enabling root-level command execution. Read more
- Broadcom fixes high-severity VMware NSX bugs reported by NSA: Security updates patch VMware NSX vulnerabilities reported by the U.S. National Security Agency (NSA). Read more
- UK convicts “Bitcoin Queen” in world’s largest cryptocurrency seizure: The Metropolitan Police secured a conviction in the world’s largest cryptocurrency seizure. Read more
- Japan’s largest brewer suspends operations due to cyberattack: Asahi Group Holdings, Ltd (Asahi) disclosed a cyberattack disrupting operations. Read more
- Ransomware gang sought BBC reporter’s help in hacking media giant: Medusa ransomware gang tempted a BBC correspondent to become an insider threat. Read more
- UK govt backs JLR with £1.5 billion loan guarantee after cyberattack: The UK Government is providing Jaguar Land Rover (JLR) with a £1.5 billion loan guarantee after a cyberattack. Read more
Scams & Social Engineering
- Details of a Scam: A personal experience details an attempted scam, highlighting social engineering tactics. Read more
- How to help protect foster youth from identity theft: The FTC provides guidance on protecting foster youth from identity theft. Read more
- No, that’s not an FTC commissioner on the phone: The FTC warns of scammers impersonating FTC officials to steal money. Read more
- Get a credit freeze to stop identity thieves: The FTC advises freezing credit to protect against identity theft. Read more
- Scammers are impersonating the United States Patent and Trademark Office: Scammers impersonate the USPTO to steal money from business owners. Read more
- Thinking about selling your timeshare? Key steps to avoid scams: The FTC provides steps to avoid scams when selling a timeshare. Read more
- Before you donate, find out where the money is going: The FTC warns against donating to causes where fundraisers lie about fund usage. Read more
- How to spot a job scam: The FTC provides tips on identifying and avoiding job scams. Read more
- How to prepare yourself to deal with an emergency and avoid disaster-related scams: The FTC advises on preparing for emergencies and avoiding related scams. Read more
- This Medicare Open Enrollment season, learn how to protect yourself from scams: The FTC advises on protecting against scams during Medicare Open Enrollment. Read more
Data Privacy
- Text messages and the new Texas registration requirement: Texas amended its telephone solicitation law to include text messages and registration requirements. Read more
- EFF Urges Virgina Court of Appeals to Require Search Warrants to Access ALPR Databases: EFF urges Virginia court to require warrants for ALPR data access, citing privacy concerns. Read more
- Chat Control Is Back on the Menu in the EU. It Still Must Be Stopped: EU Council debates “Chat Control,” scanning private conversations, raising privacy concerns. Read more
Artificial Intelligence
- Brave launches ‘Ask Brave’ feature to fuse AI with traditional search: Brave integrates AI chat with search in a new feature called Ask Brave. Read more
- It’s time to prepare for AI personhood | Jacy Reese Anthis: An article discussing the social upheaval that will come with technological advances in AI. Read more
- Protecting Access to the Law—and Beneficial Uses of AI: EFF supports AI for legal research in Thomson Reuters v. ROSS Intelligence copyright case. Read more
