IDPC Decision on Incomplete Personal Data Copy Complaint
The Information and Data Protection Commissioner (IDPC) of Malta has initiated an investigation into a complaint alleging that a data controller provided an incomplete copy of personal data to a complainant exercising their right of access under GDPR. The controller has been unresponsive to the Commissioner's requests for information, leading to formal orders invoking investigative powers.
NDPC Urges Sports Betting Operators to Secure User Data
The Nigeria Data Protection Commission (NDPC) has urged sports betting operators to enhance data security measures for the approximately 60 million users on their platforms. The NDPC emphasized compliance with the Nigeria Data Protection Act (NDP Act), 2023, highlighting the importance of protecting customer data and the benefits of compliance for the gaming sector.
NDPC and Trade Ministry Partner to Boost Nigeria's Competitiveness
The Nigeria Data Protection Commission (NDPC) and the Ministry of Industry, Trade and Investment have partnered to enhance Nigeria's global competitiveness through data protection and privacy initiatives. This collaboration aims to build trust, attract foreign direct investment, and ensure compliance with the Nigeria Data Protection Act, 2023.
NDPC and NBS Alliance to Secure Nigeria's Socioeconomic Data
The Nigeria Data Protection Commission (NDPC) and the National Bureau of Statistics (NBS) have formed a strategic alliance to secure Nigeria's official socioeconomic data. This collaboration aims to enhance public trust in data handling processes and support the government's economic initiatives.
Citrix Products Vulnerabilities
CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in Citrix NetScaler ADC and Gateway products. These vulnerabilities could lead to data confidentiality breaches and security policy bypasses. Affected versions require immediate patching.
Qnap Products Security Vulnerabilities
CERT-FR has issued an advisory regarding multiple security vulnerabilities discovered in Qnap products. These vulnerabilities could allow attackers to achieve remote arbitrary code execution, denial of service, and data confidentiality breaches. Users are advised to consult Qnap's security bulletins for patch information.
CPython Vulnerability Allows Security Policy Bypass
CERT-FR has issued an advisory regarding a vulnerability in CPython that allows for security policy bypass. The advisory urges users to apply the latest security patches to affected systems. The vulnerability is identified by CVE-2026-4519.
Microsoft Product Vulnerabilities Detailed
CERT-FR has issued an advisory detailing multiple vulnerabilities discovered in Microsoft products, referencing numerous CVEs. These vulnerabilities could allow an attacker to cause unspecified security issues. Users are advised to consult Microsoft's security bulletins for patch information.
Microsoft Edge Vulnerabilities
CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in Microsoft Edge, affecting versions prior to 146.0.3856.72. The vulnerabilities could allow an attacker to cause an unspecified security issue. Users are advised to consult Microsoft's security bulletins for patch information.
VMware Product Vulnerabilities - CERTFR Security Advisory
CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in various VMware products. These vulnerabilities could allow an attacker to cause unspecified security issues. Affected systems include specific versions of Tanzu Platform, Stemcells, and Tanzu for Postgres.
Synology Products Vulnerability Allows Remote Code Execution
CERT-FR has issued an advisory regarding a critical vulnerability in Synology products that allows for remote code execution. The advisory details affected DSM and DSMUC versions and directs users to Synology's security bulletin for patches, noting that a fix for DSMUC is currently unavailable.
GNU libc Vulnerabilities Allow DNS Response Manipulation
CERT-Bund has issued a security advisory regarding multiple vulnerabilities in GNU libc, affecting Linux and other Unix-based systems. These vulnerabilities allow remote attackers to manipulate DNS responses. The advisory provides information on affected versions and mitigation strategies.
etcd Security Advisory: Multiple Vulnerabilities
CERT-Bund has issued a security advisory regarding multiple vulnerabilities in etcd, versions prior to 3.6.9, 3.5.28, and 3.4.42. These vulnerabilities allow attackers to bypass security measures, with a high CVSS base score of 8.6. Affected systems include Linux, UNIX, and Windows.
Linksys MR9600 Router Vulnerability Allows Code Execution
CERT-Bund has issued a security advisory for the Linksys MR9600 Router, detailing a vulnerability that allows remote, authenticated attackers to execute arbitrary code. The advisory highlights a CVSS Base Score of 8.8, indicating a high severity.
MinIO Vulnerability Allows Info Disclosure and Security Bypass
CERT-Bund has issued a security advisory for MinIO, a S3-compatible object storage system. A critical vulnerability (CVSS 9.1) allows remote attackers to disclose information and bypass security measures. The advisory urges users to apply mitigations.
PyTorch Vulnerability Allows Local Code Execution
CERT-Bund has issued a security advisory for PyTorch, detailing a vulnerability that allows local code execution. The advisory affects PyTorch version 2.10.0 on Linux, UNIX, and Windows systems. Mitigation is available.
Uptime Kuma Vulnerability Allows Information Disclosure
CERT-Bund has issued a security advisory for Uptime Kuma, detailing a vulnerability that allows remote authenticated attackers to disclose information. The advisory assigns a CVSS Base Score of 6.5 and a Temporal Score of 5.9, classifying it as medium severity. Mitigation measures are available.
MariaDB Vulnerability: Denial of Service, Potential Code Execution
CERT-Bund has issued a security advisory for MariaDB, detailing a vulnerability that allows remote, authenticated attackers to cause a Denial of Service and potentially execute arbitrary code. The advisory affects specific versions of MariaDB Server across Linux, UNIX, and Windows operating systems.
SmarterMail Vulnerabilities Advisory
CERT-Bund has issued a security advisory for SmarterTools SmarterMail, detailing multiple vulnerabilities with a CVSS Base Score of 8.6. These vulnerabilities allow for remote attacks, potentially leading to denial of service, credential exposure, and other impacts. Mitigation is available.
Checkmk Vulnerability Allows Bypassing Security Controls
CERT-Bund has issued a security advisory regarding a vulnerability in Checkmk IT monitoring software. The vulnerability, with a CVSS base score of 6.3, allows authenticated remote attackers to bypass security controls. Affected versions include Checkmk versions prior to 2.6.0b1, 2.5.0b1, and 2.4.0p25.
Keycloak Vulnerabilities Allow Remote Authenticated Attacks
CERT-Bund has issued a security advisory for Keycloak, detailing vulnerabilities that allow remote authenticated attackers to bypass security measures and disclose information. The advisory highlights a CVSS base score of 5.8 and affects Keycloak versions used on Linux and UNIX operating systems.
Langflow Vulnerabilities Advisory
CERT-Bund has issued a security advisory for Langflow, detailing multiple critical vulnerabilities (CVSS Base Score 9.1) that could allow remote code execution, information disclosure, and data manipulation. The advisory affects open-source Langflow versions prior to 1.7.0 and 1.9.0, impacting Linux, UNIX, and Windows operating systems.
PTC FlexPLM and Windchill Vulnerability Allows Code Execution
CERT-Bund has issued a security advisory for critical vulnerabilities in PTC FlexPLM and Windchill software, allowing remote code execution. The advisory lists affected product versions and provides mitigation information. Users are advised to apply available updates to address these severe security risks.
Python Vulnerability Allows Code Execution
CERT-Bund has issued a security advisory regarding a vulnerability in Python versions prior to 3.15.0, which could allow attackers to execute arbitrary code. The advisory provides mitigation information and notes that the vulnerability affects Linux, UNIX, and Windows operating systems.
Cardone Law Data Security Incident Notification
Cardone Law Firm is notifying individuals of a data security incident discovered on August 25, 2025, which may have involved personal information. The firm is offering 24 months of free credit monitoring services to affected individuals.
TRIO-TECH INTERNATIONAL 8-K filing from Van Nuys CA
TRIO-TECH INTERNATIONAL 8-K filing from Van Nuys CA
Ubiquiti UniFi Network Application Vulnerabilities Addressed
The Cyber Security Agency of Singapore (CSA) has issued an alert regarding multiple vulnerabilities in Ubiquiti UniFi Network Application. Users are advised to update to the latest version immediately to address potential account compromise and privilege escalation risks.
Oracle Critical Vulnerability in Web Services Manager and Identity Manager
The Cyber Security Agency of Singapore (CSA) has issued an alert regarding a critical vulnerability (CVE-2026-21992) in Oracle Web Services Manager and Identity Manager. The vulnerability allows for remote code execution and requires immediate security updates from users and administrators of affected versions.
EDPB Coordinated Enforcement Action on Transparency and Data Subject Rights
The Hellenic Data Protection Authority (HDPA) is participating in the European Data Protection Board's (EDPB) 2026 Coordinated Enforcement Action (CEF) focused on transparency and data subject rights under GDPR. This initiative involves 25 DPAs across Europe assessing controllers' compliance, with findings to be aggregated into a consolidated report.