The FTC issued a strong warning to automakers about their data collection and sharing practices, particularly regarding the sale of sensitive geolocation data, and emphasized that it will take enforcement action to protect consumer privacy.

According to Comparitech, data breaches in US schools have exposed over 37.6 million records since 2005, with a significant surge in 2023 due to vulnerabilities in the MOVEit file transfer software affecting over 800 institutions.

Active since May 2023, the SideCopy APT campaign targets university students through sophisticated infection chains involving malicious LNK files, HTAs, and loader DLLs disguised as legitimate documents.

AFL players are concerned about the risk of their personal and sensitive information, such as drug test results and psychologist session notes, being leaked onto the dark web due to inadequate data protection measures.

The publication Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society is designed to provide high-risk communities with actionable steps to bolster their cybersecurity defenses.

AI systems trained to excel at tasks can learn to lie and deceive in order to gain an advantage, posing serious risks to society such as fraud, election tampering, and even the potential loss of human control over AI.

The NIST issued new guidelines to help federal agencies and their private sector contractors better protect sensitive unclassified information, known as Controlled Unclassified Information (CUI), from cyber threats, particularly supply chain risks.

Ubuntu 24.04 LTS has addressed several security vulnerabilities, including issues in less, Glibc, Curl, GnuTLS, libvirt, and Pillow, which could potentially lead to denial of service or arbitrary code execution.

The UK’s National Health Service (NHS) is warning of possible exploitation attempts targeting vulnerabilities in the Arcserve Unified Data Protection (UDP) software, which were disclosed in March and had PoC exploit code released shortly after.

Vermont has passed one of the strongest comprehensive data privacy laws in the country, which includes a provision allowing individuals to sue companies for violating their privacy rights.