RHEL fontforge Remote Code Execution Vulnerability - CVSS 8.8

CERT-Bund issued a security advisory regarding a critical vulnerability (CVSS 8.8) in Red Hat Enterprise Linux's fontforge component affecting versions prior to RHEL 10, RHEL 9, and RHEL Extended Update Support 9.6. The vulnerability allows remote, unauthenticated attackers to execute arbitrary code on affected systems. Organizations running affected RHEL distributions should apply available mitigations or patches immediately.

FasterXML Jackson Vulnerability - Security Bypass (CVSS 7.5)

CERT-Bund issued a security advisory regarding a vulnerability in FasterXML Jackson versions 3.0.0 through 3.1.0. The vulnerability, with a CVSS Base Score of 7.5, allows remote anonymous attackers to bypass security measures in the JSON processing library. Affected platforms include Linux, Windows, UNIX, and other operating systems running Java applications that utilize the library.

ICE Arrests Rapists, Pedophiles, and Arsonists

DHS announced that ICE arrested criminal illegal aliens convicted of serious crimes including aggravated sexual assault of a child, sexual battery, lewd and lascivious acts with a child, arson, and robbery. The announcement highlighted that nearly 70% of ICE arrests involve illegal aliens charged or convicted of crimes in the United States.

Election of Vietnamese President To Lam and Prime Minister Le Minh Hung

The U.S. Department of State issued a press statement on April 7, 2026, congratulating To Lam on his dual appointment as President of Vietnam and Le Minh Hung on his election as Prime Minister. The statement emphasizes the U.S.-Vietnam Comprehensive Strategic Partnership built on three decades of cooperation in economic prosperity, people-to-people ties, and Indo-Pacific stability. Secretary of State Marco Rubio expressed the United States' commitment to continued collaboration with Vietnam's new leadership.

ASIC seeks appointment of receiver to investigate proposed sale of Interprac Financial Planning

ASIC has commenced Federal Court proceedings seeking appointment of a receiver to investigate the proposed $50,000 sale of Interprac Financial Planning Pty Ltd by Sequoia Wealth Group to Conquest Investment Partners. The regulator is concerned the sale may adversely affect creditors, including approximately 911 open AFCA complaints related to collapsed Shield and First Guardian Master Funds. ASIC seeks to investigate whether the sale is bona fide and Interprac's solvency before Sequoia is released from cross-guarantee obligations.

Former ISG Director Benjamin Godfrey Banned for 10 Years

ASIC has banned Benjamin Godfrey, former director and responsible manager of ISG Financial Services Limited (in liquidation), from providing financial services, controlling a financial services entity, or performing any function involved in carrying on a financial services business for 10 years under sections 920A and 920B of the Corporations Act 2001. The ban takes effect on 31 March 2026.

ASIC removes 11,964 scam websites in 2025, 90% increase

ASIC coordinated the removal of 11,964 phishing and investment scam websites in 2025, representing a 90% increase from 6,270 removals in 2024. The regulator also removed 1,100+ online investment scam advertisements on social media. Australians lost $2.18 billion to scams in 2025, with investment scams accounting for $837.7 million in losses.

18-year-old charged for alleged trafficking of etomidate vaporiser pods

HSA charged an 18-year-old male in Singapore court on 6 April 2026 for alleged trafficking of etomidate vaporiser pods. During an enforcement operation on 4 April, HSA officers seized 108 etomidate pods, one vaporiser, and duty-unpaid cigarettes. This is the second prosecution of an 18-year-old for etomidate trafficking, following enhanced penalties that took effect on 1 September 2025.

ARTURO ACOSTA S.L. v. AEPD - Right to Erasure Enforcement Appeal Dismissed

The AEPD dismissed the appeal filed by ARTURO ACOSTA S.L. (NIF: B38094249) against enforcement resolution EXP202512014 (PD/00238/2025), which had upheld a data subject's GDPR erasure complaint. The company argued it could not suppress data because returned devices were factory-restored, but the AEPD upheld the original ruling based on the company's failure to timely respond to the erasure request and lack of documented proof of compliance. The DPA rejected claims of bad faith by the claimant and proportionality violations by the company.

GDPR Appeal Dismissed as Late - Administrative Procedure

The Spanish Data Protection Agency (AEPD) issued Resolution EXP202407584 dismissing a recurso de reposición (administrative appeal) as extemporaneous. The appellant filed the appeal on February 27, 2026, exceeding the one-month deadline from the January 26, 2026 notification of the original resolution. The AEPD found no grounds to admit the late-filed appeal under Article 116.d of the LPACAP.