Daily Digest | 11 March 2026

COMUNICATO STAMPA - Il Garante privacy sanziona Acea Energia per 2 milioni di euro. Contratti attivati all’insaputa d...
Garante Protezione dei dati personali - news
https://www.gpdp.it/garante/doc.jsp?ID=10229452

Commission unveils new AI tool to fight agri-food alerts and food fraud
European Commission Press Corner
https://ec.europa.eu/commission/presscorner/detail/en/ip_26_584

New BeatBanker Android malware poses as Starlink app to hijack devices
BleepingComputer
https://www.bleepingcomputer.com/news/security/new-beatbanker-android-malware-poses-as-starlink-app-to-hijack-devices/

Thousands Affected by Ericsson Data Breach
SecurityWeek RSS Feed
https://www.securityweek.com/thousands-affected-by-ericsson-data-breach/

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet
The Hacker News
https://thehackernews.com/2026/03/kadnap-malware-infects-14000-edge.html

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 12 March 2026

NEWSLETTER 9 marzo 2026 - Cimiteri digitali, il Garante privacy sanziona Aldilapp - Stop alle telecamere non a norma ...
Garante Protezione dei dati personali - news
https://www.gpdp.it/garante/doc.jsp?ID=10228173

Numérique en santé : la CNIL et la HAS s’engagent pour renforcer les bonnes pratiques
CNIL France
https://www.cnil.fr/fr/numerique-en-sante-la-cnil-et-la-has-sengagent

Briefing - Regulation on digital networks (digital networks act) - 10-03-2026
Documents - Think Tank - European Parliament
https://www.europarl.europa.eu/thinktank/en/document/EPRS_BRI(2026)774729

14,000 routers are infected by malware that's highly resistant to takedowns
Ars Technica
https://arstechnica.com/security/2026/03/14000-routers-are-infected-by-malware-thats-highly-resistant-to-takedowns/

Medtech giant Stryker offline after Iran-linked wiper malware attack
BleepingComputer
https://www.bleepingcomputer.com/news/security/medtech-giant-stryker-offline-after-iran-linked-wiper-malware-attack/

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 13 March 2026

CELEX:02021R1173-20260120: Council Regulation (EU) 2021/1173 of 13 July 2021 on establishing the European High Perfor...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CELEX:02021R1173-20260120

Fisheries and aquaculture: Council agrees negotiating position on new framework for statistics
Council of the EU Press Releases
https://www.consilium.europa.eu/en/press/press-releases/2026/03/11/fisheries-and-aquaculture-council-agrees-negotiating-position-on-new-framework-for-statistics/

CELEX:02017R0373-20260222: Commission Implementing Regulation (EU) 2017/373 of 1 March 2017 laying down common requir...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CELEX:02017R0373-20260222

CELEX:02017R0117-20260129: Commission Delegated Regulation (EU) 2017/117 of 5 September 2016 establishing fisheries c...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CELEX:02017R0117-20260129

CELEX:02021R0694-20251223: Regulation (EU) 2021/694 of the European Parliament and of the Council of 29 April 2021 es...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CELEX:02021R0694-20251223

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 16 March 2026

CONSIL:ST_7322_2026_INIT: Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL amending Regulation...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CONSIL:ST_7322_2026_INIT

Council agrees position to streamline rules on Artificial Intelligence
Council of the EU Press Releases
https://www.consilium.europa.eu/en/press/press-releases/2026/03/13/council-agrees-position-to-streamline-rules-on-artificial-intelligence/

Serveur mandataire web filtrant : les recommandations de la CNIL
CNIL France
https://www.cnil.fr/fr/recommandation-serveur-mandataire-web-filtrant

PI_COM:Ares(2026)2709234: COMMISSION IMPLEMENTING REGULATION (EU) …/... on detailed arrangements for the conduct of c...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=PI_COM:Ares(2026)2709234

Learnability and Privacy Vulnerability are Entangled in a Few Critical Weights
cs.LG updates on arXiv.org
https://arxiv.org/abs/2603.13186

#Privacy #AI #Cybersecurity #DailyDigest

🇮🇹 Il 10 marzo 2026 il Parlamento europeo ha approvato la Risoluzione P10_TA(2026)0066 sul diritto d'autore e l'IA generativa. Nessuna norma vincolante, ma tre nodi critici ben identificati: il fallimento strutturale dell'opt-out DSM, la trasparenza estesa fino all'inferenza e alla RAG, e un sistema fondato sull'autodisciplina volontaria dei provider.

📖 https://www.nicfab.eu/it/posts/copyright-genai-ep-resol/

———

🇬🇧 On 10 March 2026, the European Parliament adopted Resolution P10_TA(2026)0066 on copyright and generative AI. No binding rules — but three critical legal gaps clearly identified: the structural failure of the DSM opt-out, transparency extended to inference and RAG, and a regulatory architecture built on voluntary self-discipline.

📖 https://www.nicfab.eu/en/posts/copyright-genai-ep-resol/

#Copyright #GenerativeAI #AIAct #DSMDirective #GPAI #TDM #DirittoAutore

📬 NicFab Newsletter #12 | 17 marzo 2026

Privacy, Data Protection, AI e Cybersecurity — la rassegna settimanale.

In questo numero:

🔴 Intesa Sanpaolo sanzionata per 17,6 milioni: trasferimento illegittimo di 2,4 milioni di clienti tramite profilazione non autorizzata

🟢 EDPB ed EDPS sostengono l'armonizzazione delle sperimentazioni cliniche nell'European Biotech Act con nuove salvaguardie

🔴 Acea Energia multata per 2 milioni per contratti fraudolenti attivati all'insaputa dei clienti tramite agenti porta a porta

📈 TraceMap: Commissione UE lancia piattaforma AI per accelerare il rilevamento di frodi e contaminazioni alimentari

⚠️ Operation Synergia III smantella reti cybercriminali internazionali, compromessi 369.000 IP in 163 paesi

🏛️ Parlamento UE proroga deroga privacy per contrastare abusi sessuali online sui minori

📖 AI Act in Pillole: analisi degli obblighi per fornitori di sistemi ad alto rischio secondo l'Articolo 16

🔍 ICO multa Police Scotland per condivisione impropria di dati personali, crescono le sanzioni UK

👉 Leggi il numero completo: https://www.nicfab.eu/it/newsletter/2026-03-17-issue-12/

📩 Iscriviti alla newsletter: https://www.nicfab.eu/it/pages/newsletter/#iscriviti-ora

#Privacy #GDPR #AIAct #Cybersecurity

📬 NicFab Newsletter #12 | March 17, 2026

Privacy, Data Protection, AI & Cybersecurity — weekly review.

In this issue:

🔴 Intesa Sanpaolo fined €17.6 million for unlawful profiling of 2.4 million customers transferred to digital subsidiary Isybank

🔴 Acea Energia sanctioned €2 million for over 1,200 fraudulent door-to-door contracts activated without customer knowledge

🏛️ EDPB and EDPS publish joint opinion supporting European Biotech Act while requesting specific safeguards for health data

📊 European Commission launches TraceMap, new AI platform for food safety using artificial intelligence to detect fraud and contamination

🔍 CNIL issues new recommendations for web filtering proxy servers balancing corporate cybersecurity with GDPR compliance

⚠️ Operation Synergia III targets international cybercrime while SocksEscort botnet dismantled with 369,000 compromised IPs

📈 EU moves toward banning AI nudification apps following high-profile cases and growing regulatory concerns

📖 AI Act Explained Part 12 covers Article 16 obligations for high-risk AI system providers including technical documentation requirements

👉 Read the full issue: https://www.nicfab.eu/en/newsletter/2026-03-17-issue-12/

📩 Subscribe to the newsletter: https://www.nicfab.eu/en/pages/newsletter/#subscribe-now

#Privacy #GDPR #AIAct #Cybersecurity

Daily Digest | 17 March 2026

PI_COM:Ares(2026)2806442: Proposal for a Regulation on the European Union Agency for Law Enforcement Cooperation (Eur...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=PI_COM:Ares(2026)2806442

Cyber-attacks against the EU and its member states: Council sanctions three entities and two individuals
Council of the EU Press Releases
https://www.consilium.europa.eu/en/press/press-releases/2026/03/16/cyber-attacks-against-the-eu-and-its-member-states-council-sanctions-three-entities-and-two-individuals/

CELEX:32026R0695: Council Implementing Regulation (EU) 2026/695 of 14 March 2026 implementing Regulation (EU) No 269/...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CELEX:32026R0695

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
The Hacker News
https://thehackernews.com/2026/03/glassworm-attack-uses-stolen-github.html

Privacy-Preserving Federated Fraud Detection in Payment Transactions with NVIDIA FLARE
cs.LG updates on arXiv.org
https://arxiv.org/abs/2603.13617

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 18 March 2026

Towards trustworthy AI in the EU public administration: The EDPS Compass for its new role under the AI Act
EDPS News Feed
https://www.edps.europa.eu/press-publications/press-news/news/2026/towards-trustworthy-ai-eu-public-administration-edps-compass-its-new-role-under-ai-act

Briefing - Simplifying cybersecurity reporting: The Digital Omnibus Single-Entry Point mechanism - 17-03-2026
Documents - Think Tank - European Parliament
https://www.europarl.europa.eu/thinktank/en/document/EPRS_BRI(2026)785675

Europe sanctions Chinese and Iranian firms for cyberattacks
BleepingComputer
https://www.bleepingcomputer.com/news/security/europe-sanctions-chinese-and-iranian-firms-for-cyberattacks/

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX
BleepingComputer
https://www.bleepingcomputer.com/news/security/glassworm-malware-hits-400-plus-code-repos-on-github-npm-vscode-openvsx/

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
The Hacker News
https://thehackernews.com/2026/03/leaknet-ransomware-uses-clickfix-via.html

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 19 March 2026

At a Glance - Enforcement of the AI Act - 17-03-2026
Documents - Think Tank - European Parliament
https://www.europarl.europa.eu/thinktank/en/document/EPRS_ATA(2026)785670

COM:2026:321:FIN: Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on THE 28TH REGIME CORPORAT...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=COM:2026:321:FIN

Russian hybrid threats: four individuals added to EU sanctions list for information manipulation activities
Council of the EU Press Releases
https://www.consilium.europa.eu/en/press/press-releases/2026/03/16/russian-hybrid-threats-four-individuals-added-to-eu-sanctions-list-for-information-manipulation-activities/

EU Sanctions Chinese, Iranian Firms Supporting Hacking Operations
SecurityWeek RSS Feed
https://www.securityweek.com/eu-sanctions-chinese-iranian-firms-supporting-hacking-operations/

Anonymous-by-Construction: An LLM-Driven Framework for Privacy-Preserving Text
cs.LG updates on arXiv.org
https://arxiv.org/abs/2603.17217

#Privacy #AI #Cybersecurity #DailyDigest

📢 EDPB & EDPS | Joint Opinion on Cybersecurity Act 2 and NIS2
On 19 March 2026, EDPB and EDPS adopted Joint Opinion 4/2026 on the proposed Cybersecurity Act 2 and NIS2 amendments.
Key points:
▪️ Strengthened role of ENISA and cybersecurity certification
▪️ ENISA must consult the EDPB on certification schemes for personal data processing
▪️ Single-entry point for personal data breach notifications
▪️ Digital Identity Wallet providers designated as NIS2 essential entities
📄 https://www.edpb.europa.eu/our-work-tools/our-documents/edpbedps-joint-opinion/edpb-edps-joint-opinion-42026-proposal_en
#Privacy #DataProtection #Cybersecurity #EDPB #NIS2

Daily Digest | 20 March 2026

EDPB-EDPS Joint Opinion 4/2026 on the Proposal for a Cybersecurity Act 2 and the Proposal on amendments to the NIS 2 ...
EDPB publications
https://www.edpb.europa.eu/our-work-tools/our-documents/edpbedps-joint-opinion/edpb-edps-joint-opinion-42026-proposal_en

CEF 2026: EDPB launches coordinated enforcement action on transparency and information obligations under the GDPR
European Data Protection Board
https://www.edpb.europa.eu/news/news/2026/cef-2026-edpb-launches-coordinated-enforcement-action-transparency-and-information_en

Navia discloses data breach impacting 2.7 million people
BleepingComputer
https://www.bleepingcomputer.com/news/security/navia-discloses-data-breach-impacting-27-million-people/

Critical ScreenConnect Vulnerability Exposes Machine Keys
SecurityWeek RSS Feed
https://www.securityweek.com/critical-screenconnect-vulnerability-exposes-machine-keys/

FBI seizes pro-Iranian hacking group’s websites after destructive Stryker hack
TechCrunch
https://techcrunch.com/2026/03/19/fbi-seizes-pro-iranian-hacking-groups-websites-after-destructive-stryker-hack/

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 23 March 2026

EDPB-EDPS Joint Opinion on the Proposal for a Cybersecurity Act 2 and the Proposal on amendments to the NIS 2 Directive
EDPS News Feed
https://www.edps.europa.eu/press-publications/press-news/news/2026/edpb-edps-joint-opinion-cybersecurity-act-2-and-amendments-nis-2-directive

High-Level Debate: “From Omnibus to Opportunity: Driving Data Protection and Innovation”
EDPS News Feed
https://www.edps.europa.eu/press-publications/press-news/news/2026/high-level-debate-omnibus-opportunity-driving-data-protection-and-innovation_en

PODCAST - A proposito di privacy - Sesto episodio - DOSSIER SANITARIO
Garante Protezione dei dati personali - news
https://www.gpdp.it/garante/doc.jsp?ID=10148225

VoidStealer malware steals Chrome master key via debugger trick
BleepingComputer
https://www.bleepingcomputer.com/news/security/voidstealer-malware-steals-chrome-master-key-via-debugger-trick/

A Novel Solution for Zero-Day Attack Detection in IDS using Self-Attention and Jensen-Shannon Divergence in WGAN-GP
cs.LG updates on arXiv.org
https://arxiv.org/abs/2603.19350

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 24 March 2026

CONSIL:ST_7470_2026_INIT: Proposal for a COUNCIL RECOMMENDATION on a European Union framework for science diplomacy -...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CONSIL:ST_7470_2026_INIT

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
The Hacker News
https://thehackernews.com/2026/03/north-korean-hackers-abuse-vs-code-auto.html

FBI says Iranian hackers are using Telegram to steal data in malware attacks
TechCrunch
https://techcrunch.com/2026/03/23/fbi-says-iranian-hackers-are-using-telegram-to-steal-data-in-malware-attacks/

Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack
SecurityWeek RSS Feed
https://www.securityweek.com/aquas-trivy-vulnerability-scanner-hit-by-supply-chain-attack/

Rule-State Inference (RSI): A Bayesian Framework for Compliance Monitoring in Rule-Governed Domains
cs.LG updates on arXiv.org
https://arxiv.org/abs/2603.21610

#Privacy #AI #Cybersecurity #DailyDigest

📩 NicFab Newsletter #13 — 24 marzo 2026

È disponibile il numero 13 della newsletter bilingue (IT/EN) su privacy, protezione dei dati, regolazione AI e cybersecurity.

Questa settimana:
🔹 Tribunale di Roma annulla la sanzione da €15M a OpenAI
🔹 EDPB lancia il CEF 2026 sulla trasparenza (25 autorità)
🔹 Chat Control — nessuna intesa tra Parlamento e Consiglio
🔹 Parere congiunto EDPB-EDPS su Cybersecurity Act 2 e NIS2
🔹 Approvato il rinvio di alcune norme AI Act
🔹 Sanzioni UE contro entità cinesi e iraniane per cyberattacchi

🎙️ NOVITÀ: Debutta il Podcast — Legal Prompting, Episodio #1
🔖 AI Act in Pillole – Parte 13: Articolo 17

📖 https://www.nicfab.eu/it/newsletter-issues/2026-03-24-issue-13/
📩 Iscriviti → https://www.nicfab.eu/it/pages/newsletter/#iscriviti-ora

#Privacy #GDPR #AIAct #Cybersecurity #EDPB #NicFab #LegalPrompting #Podcast

📩 NicFab Newsletter #13 — March 24, 2026

Issue #13 of the bilingual (IT/EN) newsletter on privacy, data protection, AI regulation and cybersecurity is now available.

This week:
🔹 Rome Court annuls the €15M fine against OpenAI
🔹 EDPB launches CEF 2026 on transparency (25 DPAs)
🔹 Chat Control — no deal between Parliament and Council
🔹 EDPB-EDPS Joint Opinion on Cybersecurity Act 2 & NIS2
🔹 EU AI Act delay approved
🔹 EU sanctions Chinese and Iranian entities for cyberattacks

🎙️ NEW: Podcast launches today — Legal Prompting, Episode #1
🔖 AI Act in a Nutshell – Part 13: Article 17

📖 https://www.nicfab.eu/en/newsletter-issues/2026-03-24-issue-13/
📩 Subscribe → https://www.nicfab.eu/en/pages/newsletter/#subscribe-now

#Privacy #GDPR #AIAct #Cybersecurity #EDPB #NicFab #LegalPrompting #Podcast

Daily Digest | 25 March 2026

Crunchyroll confirms data breach after hacker claims unauthorized access
TechCrunch
https://techcrunch.com/2026/03/24/crunchyroll-confirms-data-breach-after-hacker-claims-unauthorized-access/

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens
BleepingComputer
https://www.bleepingcomputer.com/news/security/popular-litellm-pypi-package-compromised-in-teampcp-supply-chain-attack/

Yanluowang ransomware access broker gets 81 months in prison
BleepingComputer
https://www.bleepingcomputer.com/news/security/yanluowang-ransomware-access-broker-gets-81-months-in-prison/

3.1 Million Impacted by QualDerm Data Breach
SecurityWeek RSS Feed
https://www.securityweek.com/3-1-million-impacted-by-qualderm-data-breach/

Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn
SecurityWeek RSS Feed
https://www.securityweek.com/critical-citrix-netscaler-vulnerability-poised-for-exploitation-security-firms-warn/

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 26 March 2026

Delve did the security compliance on LiteLLM, an AI project hit by malware
TechCrunch
https://techcrunch.com/2026/03/25/delve-did-the-security-compliance-on-litellm-an-ai-project-hit-by-malware/

Vie privée des enfants : les résultats de l’audit du Global Privacy Enforcement Network
CNIL France
https://www.cnil.fr/fr/vie-privee-des-enfants-les-resultats-de-laudit-du-global-privacy-enforcement-network

G7 meets in France to narrow transatlantic Iran split
Euractiv
https://www.euractiv.com/news/g7-meets-in-france-to-narrow-transatlantic-iran-split/

Press release - Future EU Customs Authority to be headquartered in Lille, France
Press releases - Committees - European Parliament
https://www.europarl.europa.eu/news/en/press-room/20260323IPR38814/

Briefing - Artificial Intelligence in Classrooms: Ethical Dimensions - 25-03-2026
Documents - Think Tank - European Parliament
https://www.europarl.europa.eu/thinktank/en/document/IUST_BRI(2026)784573

#Privacy #AI #Cybersecurity #DailyDigest

The European Parliament has published a briefing on the ethical dimensions of AI in classrooms (PE 784.573, March 2026), authored by Prof. Wayne Holmes for the CULT Committee.

The document is strong on the ethical-philosophical plane. But the real challenge lies elsewhere: we don't need more principles — we need operational connections between the principles already formulated, binding rules (GDPR, AI Act) and European competence frameworks (DigComp 3.0, eCF 4.0).

In my latest article, I analyse the briefing from the perspective of a data protection lawyer, focusing on:

— The false dichotomy between ethics and law
— Children as rights-bearing subjects, not objects of optimisation
— The "flipped AI divide" as a matter of substantive equality
— The CEN-CENELEC JTC 21 standard on professional AI ethicists
— The role of DigComp 3.0 and eCF 4.0 in bridging the principles-to-practice gap

Full article: https://www.nicfab.eu/en/posts/ai-ethics-classrooms-ep/

Stay updated on AI, privacy and digital rights — subscribe to the newsletter: https://www.nicfab.eu/en/pages/newsletter/#subscribe-now

#AIAct #GDPR #AIethics #Education #DigComp #eCF #EuropeanParliament #DigitalRights #Privacy #ArtificialIntelligence

Il Parlamento Europeo ha pubblicato un briefing sulle dimensioni etiche dell'IA nelle aule scolastiche (PE 784.573, marzo 2026), redatto dal Prof. Wayne Holmes per la commissione CULT.

Il documento è solido sul piano etico-filosofico. Ma il vero nodo è un altro: non servono nuovi principi — servono connessioni operative tra i principi già formulati, le norme vincolanti (GDPR, AI Act) e i framework europei di competenze (DigComp 3.0, eCF 4.0).

Nel mio ultimo articolo analizzo il briefing dalla prospettiva del giurista specializzato in protezione dei dati, con un focus su:

— La falsa dicotomia tra etica e diritto
— I minori come soggetti di diritto, non oggetti di ottimizzazione
— Il "flipped AI divide" come questione di uguaglianza sostanziale
— Lo standard CEN-CENELEC JTC 21 sugli eticisti professionali dell'IA
— Il ruolo di DigComp 3.0 e eCF 4.0 nel colmare il divario principi-prassi

Articolo completo: https://www.nicfab.eu/it/posts/ai-ethics-classrooms-ep/

Per restare aggiornati sui temi di AI, privacy e diritti digitali, iscrivetevi alla newsletter: https://www.nicfab.eu/it/pages/newsletter/#iscriviti-ora

#AIAct #GDPR #EticaIA #Istruzione #DigComp #eCF #ParlamentoEuropeo #DigitalRights #Privacy #ArtificialIntelligence