data privacy
-
NIST proposes AI security overlays built on SP 800-53, invites public feedback
NIST published a concept paper proposing a framework of AI security overlays built on SP 800-53 and opened a public call for input, detailing use cases like generative, predictive, and agentic AI while inviting feedback through COSAIS channels.
-
Italy hotel data breach: AGID confirms theft claims affecting up to 10 establishments, investigation opened
Italy’s digital agency AGID says claims by a cybercriminal about data thefts targeting hotel booking systems are credible, with ten hotels affected and thousands of guest identity documents potentially stolen. The case prompted a formal investigation by the national data protection authority, which also warned of scams targeting victims.
-
Russia Restricts Voice Calls on WhatsApp, Telegram as Moscow Pushes National Messaging App Max
Russia’s Roskomnadzor has begun restricting voice calls on WhatsApp and Telegram, saying the apps fuel crime and violence, as Moscow presses ahead with a domestic messaging app called Max. WhatsApp and Telegram push back on encryption and moderation efforts, while lawmakers and media reports highlight a broader battle over secure communication and surveillance.
-
Research Uncovers Privacy Concerns in Apple’s Siri Data Handling
New research reveals that Apple’s Siri may send sensitive user data to company servers beyond its stated privacy policies, raising concerns about the integrity of user privacy and end-to-end encryption.
-
Vulnerability in macOS Spotlight Exposes User Data
A vulnerability in macOS, known as CVE-2025-31199, has been revealed, allowing attackers to exploit Spotlight plugins to access protected user data, including sensitive files cached by Apple Intelligence. Apple has issued a patch to address the flaw.
-
Allianz Life Reports Data Breach Affecting Majority of Customers
Allianz Life confirms a data breach that has compromised the personal information of the majority of 1.4 million customers, linked to the ShinyHunters extortion group.
-
ExpressVPN Resolves Critical IP Leak Issue Affecting Remote Desktop Users
ExpressVPN has resolved a critical security flaw that exposed users’ IP addresses during Remote Desktop Protocol sessions, following insights from a bug bounty program. Affected users are encouraged to update their software for enhanced privacy.
-
Security Flaw in McDonald’s AI Hiring Tool Exposes Personal Data of 64 Million Job Seekers
A security flaw in McDonald’s AI hiring tool, McHire, has led to the exposure of personal data for over 64 million job seekers. Researchers discovered that default credentials and an Insecure Direct Object Reference vulnerability allowed unauthorized access to sensitive information.
-
McLaren Health Care Reports Data Breach Affecting 743,000 Patients
McLaren Health Care has confirmed a data breach affecting 743,000 patients, linked to a ransomware attack from July 2024. The breaches revealed sensitive information and follow a previous incident impacting 2.2 million individuals.
-
EU Launches DNS4EU to Enhance Digital Sovereignty and Security
The European Union has introduced DNS4EU, a privacy-focused DNS resolution service aimed at enhancing digital sovereignty and security across Europe. This new initiative offers a viable alternative to existing non-European DNS providers and emphasizes user privacy and local regulations.
