Daily Digest | 16 March 2026

CONSIL:ST_7322_2026_INIT: Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL amending Regulation...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CONSIL:ST_7322_2026_INIT

Council agrees position to streamline rules on Artificial Intelligence
Council of the EU Press Releases
https://www.consilium.europa.eu/en/press/press-releases/2026/03/13/council-agrees-position-to-streamline-rules-on-artificial-intelligence/

Serveur mandataire web filtrant : les recommandations de la CNIL
CNIL France
https://www.cnil.fr/fr/recommandation-serveur-mandataire-web-filtrant

PI_COM:Ares(2026)2709234: COMMISSION IMPLEMENTING REGULATION (EU) …/... on detailed arrangements for the conduct of c...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=PI_COM:Ares(2026)2709234

Learnability and Privacy Vulnerability are Entangled in a Few Critical Weights
cs.LG updates on arXiv.org
https://arxiv.org/abs/2603.13186

#Privacy #AI #Cybersecurity #DailyDigest

📬 NicFab Newsletter #12 | 17 marzo 2026

Privacy, Data Protection, AI e Cybersecurity — la rassegna settimanale.

In questo numero:

🔴 Intesa Sanpaolo sanzionata per 17,6 milioni: trasferimento illegittimo di 2,4 milioni di clienti tramite profilazione non autorizzata

🟢 EDPB ed EDPS sostengono l'armonizzazione delle sperimentazioni cliniche nell'European Biotech Act con nuove salvaguardie

🔴 Acea Energia multata per 2 milioni per contratti fraudolenti attivati all'insaputa dei clienti tramite agenti porta a porta

📈 TraceMap: Commissione UE lancia piattaforma AI per accelerare il rilevamento di frodi e contaminazioni alimentari

⚠️ Operation Synergia III smantella reti cybercriminali internazionali, compromessi 369.000 IP in 163 paesi

🏛️ Parlamento UE proroga deroga privacy per contrastare abusi sessuali online sui minori

📖 AI Act in Pillole: analisi degli obblighi per fornitori di sistemi ad alto rischio secondo l'Articolo 16

🔍 ICO multa Police Scotland per condivisione impropria di dati personali, crescono le sanzioni UK

👉 Leggi il numero completo: https://www.nicfab.eu/it/newsletter/2026-03-17-issue-12/

📩 Iscriviti alla newsletter: https://www.nicfab.eu/it/pages/newsletter/#iscriviti-ora

#Privacy #GDPR #AIAct #Cybersecurity

📬 NicFab Newsletter #12 | March 17, 2026

Privacy, Data Protection, AI & Cybersecurity — weekly review.

In this issue:

🔴 Intesa Sanpaolo fined €17.6 million for unlawful profiling of 2.4 million customers transferred to digital subsidiary Isybank

🔴 Acea Energia sanctioned €2 million for over 1,200 fraudulent door-to-door contracts activated without customer knowledge

🏛️ EDPB and EDPS publish joint opinion supporting European Biotech Act while requesting specific safeguards for health data

📊 European Commission launches TraceMap, new AI platform for food safety using artificial intelligence to detect fraud and contamination

🔍 CNIL issues new recommendations for web filtering proxy servers balancing corporate cybersecurity with GDPR compliance

⚠️ Operation Synergia III targets international cybercrime while SocksEscort botnet dismantled with 369,000 compromised IPs

📈 EU moves toward banning AI nudification apps following high-profile cases and growing regulatory concerns

📖 AI Act Explained Part 12 covers Article 16 obligations for high-risk AI system providers including technical documentation requirements

👉 Read the full issue: https://www.nicfab.eu/en/newsletter/2026-03-17-issue-12/

📩 Subscribe to the newsletter: https://www.nicfab.eu/en/pages/newsletter/#subscribe-now

#Privacy #GDPR #AIAct #Cybersecurity

Daily Digest | 17 March 2026

PI_COM:Ares(2026)2806442: Proposal for a Regulation on the European Union Agency for Law Enforcement Cooperation (Eur...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=PI_COM:Ares(2026)2806442

Cyber-attacks against the EU and its member states: Council sanctions three entities and two individuals
Council of the EU Press Releases
https://www.consilium.europa.eu/en/press/press-releases/2026/03/16/cyber-attacks-against-the-eu-and-its-member-states-council-sanctions-three-entities-and-two-individuals/

CELEX:32026R0695: Council Implementing Regulation (EU) 2026/695 of 14 March 2026 implementing Regulation (EU) No 269/...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CELEX:32026R0695

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
The Hacker News
https://thehackernews.com/2026/03/glassworm-attack-uses-stolen-github.html

Privacy-Preserving Federated Fraud Detection in Payment Transactions with NVIDIA FLARE
cs.LG updates on arXiv.org
https://arxiv.org/abs/2603.13617

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 18 March 2026

Towards trustworthy AI in the EU public administration: The EDPS Compass for its new role under the AI Act
EDPS News Feed
https://www.edps.europa.eu/press-publications/press-news/news/2026/towards-trustworthy-ai-eu-public-administration-edps-compass-its-new-role-under-ai-act

Briefing - Simplifying cybersecurity reporting: The Digital Omnibus Single-Entry Point mechanism - 17-03-2026
Documents - Think Tank - European Parliament
https://www.europarl.europa.eu/thinktank/en/document/EPRS_BRI(2026)785675

Europe sanctions Chinese and Iranian firms for cyberattacks
BleepingComputer
https://www.bleepingcomputer.com/news/security/europe-sanctions-chinese-and-iranian-firms-for-cyberattacks/

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX
BleepingComputer
https://www.bleepingcomputer.com/news/security/glassworm-malware-hits-400-plus-code-repos-on-github-npm-vscode-openvsx/

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
The Hacker News
https://thehackernews.com/2026/03/leaknet-ransomware-uses-clickfix-via.html

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 19 March 2026

At a Glance - Enforcement of the AI Act - 17-03-2026
Documents - Think Tank - European Parliament
https://www.europarl.europa.eu/thinktank/en/document/EPRS_ATA(2026)785670

COM:2026:321:FIN: Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on THE 28TH REGIME CORPORAT...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=COM:2026:321:FIN

Russian hybrid threats: four individuals added to EU sanctions list for information manipulation activities
Council of the EU Press Releases
https://www.consilium.europa.eu/en/press/press-releases/2026/03/16/russian-hybrid-threats-four-individuals-added-to-eu-sanctions-list-for-information-manipulation-activities/

EU Sanctions Chinese, Iranian Firms Supporting Hacking Operations
SecurityWeek RSS Feed
https://www.securityweek.com/eu-sanctions-chinese-iranian-firms-supporting-hacking-operations/

Anonymous-by-Construction: An LLM-Driven Framework for Privacy-Preserving Text
cs.LG updates on arXiv.org
https://arxiv.org/abs/2603.17217

#Privacy #AI #Cybersecurity #DailyDigest

📢 EDPB & EDPS | Joint Opinion on Cybersecurity Act 2 and NIS2
On 19 March 2026, EDPB and EDPS adopted Joint Opinion 4/2026 on the proposed Cybersecurity Act 2 and NIS2 amendments.
Key points:
▪️ Strengthened role of ENISA and cybersecurity certification
▪️ ENISA must consult the EDPB on certification schemes for personal data processing
▪️ Single-entry point for personal data breach notifications
▪️ Digital Identity Wallet providers designated as NIS2 essential entities
📄 https://www.edpb.europa.eu/our-work-tools/our-documents/edpbedps-joint-opinion/edpb-edps-joint-opinion-42026-proposal_en
#Privacy #DataProtection #Cybersecurity #EDPB #NIS2

Daily Digest | 20 March 2026

EDPB-EDPS Joint Opinion 4/2026 on the Proposal for a Cybersecurity Act 2 and the Proposal on amendments to the NIS 2 ...
EDPB publications
https://www.edpb.europa.eu/our-work-tools/our-documents/edpbedps-joint-opinion/edpb-edps-joint-opinion-42026-proposal_en

CEF 2026: EDPB launches coordinated enforcement action on transparency and information obligations under the GDPR
European Data Protection Board
https://www.edpb.europa.eu/news/news/2026/cef-2026-edpb-launches-coordinated-enforcement-action-transparency-and-information_en

Navia discloses data breach impacting 2.7 million people
BleepingComputer
https://www.bleepingcomputer.com/news/security/navia-discloses-data-breach-impacting-27-million-people/

Critical ScreenConnect Vulnerability Exposes Machine Keys
SecurityWeek RSS Feed
https://www.securityweek.com/critical-screenconnect-vulnerability-exposes-machine-keys/

FBI seizes pro-Iranian hacking group’s websites after destructive Stryker hack
TechCrunch
https://techcrunch.com/2026/03/19/fbi-seizes-pro-iranian-hacking-groups-websites-after-destructive-stryker-hack/

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 23 March 2026

EDPB-EDPS Joint Opinion on the Proposal for a Cybersecurity Act 2 and the Proposal on amendments to the NIS 2 Directive
EDPS News Feed
https://www.edps.europa.eu/press-publications/press-news/news/2026/edpb-edps-joint-opinion-cybersecurity-act-2-and-amendments-nis-2-directive

High-Level Debate: “From Omnibus to Opportunity: Driving Data Protection and Innovation”
EDPS News Feed
https://www.edps.europa.eu/press-publications/press-news/news/2026/high-level-debate-omnibus-opportunity-driving-data-protection-and-innovation_en

PODCAST - A proposito di privacy - Sesto episodio - DOSSIER SANITARIO
Garante Protezione dei dati personali - news
https://www.gpdp.it/garante/doc.jsp?ID=10148225

VoidStealer malware steals Chrome master key via debugger trick
BleepingComputer
https://www.bleepingcomputer.com/news/security/voidstealer-malware-steals-chrome-master-key-via-debugger-trick/

A Novel Solution for Zero-Day Attack Detection in IDS using Self-Attention and Jensen-Shannon Divergence in WGAN-GP
cs.LG updates on arXiv.org
https://arxiv.org/abs/2603.19350

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 24 March 2026

CONSIL:ST_7470_2026_INIT: Proposal for a COUNCIL RECOMMENDATION on a European Union framework for science diplomacy -...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CONSIL:ST_7470_2026_INIT

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
The Hacker News
https://thehackernews.com/2026/03/north-korean-hackers-abuse-vs-code-auto.html

FBI says Iranian hackers are using Telegram to steal data in malware attacks
TechCrunch
https://techcrunch.com/2026/03/23/fbi-says-iranian-hackers-are-using-telegram-to-steal-data-in-malware-attacks/

Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack
SecurityWeek RSS Feed
https://www.securityweek.com/aquas-trivy-vulnerability-scanner-hit-by-supply-chain-attack/

Rule-State Inference (RSI): A Bayesian Framework for Compliance Monitoring in Rule-Governed Domains
cs.LG updates on arXiv.org
https://arxiv.org/abs/2603.21610

#Privacy #AI #Cybersecurity #DailyDigest

📩 NicFab Newsletter #13 — 24 marzo 2026

È disponibile il numero 13 della newsletter bilingue (IT/EN) su privacy, protezione dei dati, regolazione AI e cybersecurity.

Questa settimana:
🔹 Tribunale di Roma annulla la sanzione da €15M a OpenAI
🔹 EDPB lancia il CEF 2026 sulla trasparenza (25 autorità)
🔹 Chat Control — nessuna intesa tra Parlamento e Consiglio
🔹 Parere congiunto EDPB-EDPS su Cybersecurity Act 2 e NIS2
🔹 Approvato il rinvio di alcune norme AI Act
🔹 Sanzioni UE contro entità cinesi e iraniane per cyberattacchi

🎙️ NOVITÀ: Debutta il Podcast — Legal Prompting, Episodio #1
🔖 AI Act in Pillole – Parte 13: Articolo 17

📖 https://www.nicfab.eu/it/newsletter-issues/2026-03-24-issue-13/
📩 Iscriviti → https://www.nicfab.eu/it/pages/newsletter/#iscriviti-ora

#Privacy #GDPR #AIAct #Cybersecurity #EDPB #NicFab #LegalPrompting #Podcast

📩 NicFab Newsletter #13 — March 24, 2026

Issue #13 of the bilingual (IT/EN) newsletter on privacy, data protection, AI regulation and cybersecurity is now available.

This week:
🔹 Rome Court annuls the €15M fine against OpenAI
🔹 EDPB launches CEF 2026 on transparency (25 DPAs)
🔹 Chat Control — no deal between Parliament and Council
🔹 EDPB-EDPS Joint Opinion on Cybersecurity Act 2 & NIS2
🔹 EU AI Act delay approved
🔹 EU sanctions Chinese and Iranian entities for cyberattacks

🎙️ NEW: Podcast launches today — Legal Prompting, Episode #1
🔖 AI Act in a Nutshell – Part 13: Article 17

📖 https://www.nicfab.eu/en/newsletter-issues/2026-03-24-issue-13/
📩 Subscribe → https://www.nicfab.eu/en/pages/newsletter/#subscribe-now

#Privacy #GDPR #AIAct #Cybersecurity #EDPB #NicFab #LegalPrompting #Podcast

Daily Digest | 25 March 2026

Crunchyroll confirms data breach after hacker claims unauthorized access
TechCrunch
https://techcrunch.com/2026/03/24/crunchyroll-confirms-data-breach-after-hacker-claims-unauthorized-access/

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens
BleepingComputer
https://www.bleepingcomputer.com/news/security/popular-litellm-pypi-package-compromised-in-teampcp-supply-chain-attack/

Yanluowang ransomware access broker gets 81 months in prison
BleepingComputer
https://www.bleepingcomputer.com/news/security/yanluowang-ransomware-access-broker-gets-81-months-in-prison/

3.1 Million Impacted by QualDerm Data Breach
SecurityWeek RSS Feed
https://www.securityweek.com/3-1-million-impacted-by-qualderm-data-breach/

Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn
SecurityWeek RSS Feed
https://www.securityweek.com/critical-citrix-netscaler-vulnerability-poised-for-exploitation-security-firms-warn/

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 26 March 2026

Delve did the security compliance on LiteLLM, an AI project hit by malware
TechCrunch
https://techcrunch.com/2026/03/25/delve-did-the-security-compliance-on-litellm-an-ai-project-hit-by-malware/

Vie privée des enfants : les résultats de l’audit du Global Privacy Enforcement Network
CNIL France
https://www.cnil.fr/fr/vie-privee-des-enfants-les-resultats-de-laudit-du-global-privacy-enforcement-network

G7 meets in France to narrow transatlantic Iran split
Euractiv
https://www.euractiv.com/news/g7-meets-in-france-to-narrow-transatlantic-iran-split/

Press release - Future EU Customs Authority to be headquartered in Lille, France
Press releases - Committees - European Parliament
https://www.europarl.europa.eu/news/en/press-room/20260323IPR38814/

Briefing - Artificial Intelligence in Classrooms: Ethical Dimensions - 25-03-2026
Documents - Think Tank - European Parliament
https://www.europarl.europa.eu/thinktank/en/document/IUST_BRI(2026)784573

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 27 March 2026

EDPB conference on cross-regulatory cooperation: what we learned
EDPB News
https://www.edpb.europa.eu/news/news/2026/edpb-conference-cross-regulatory-cooperation-what-we-learned_en

NEWSLETTER del 26 marzo 2026 - Telemarketing, il Garante privacy sanziona Enel Energia per oltre 500mila euro - Annun...
Garante Protezione dei dati personali - news
https://www.gpdp.it/garante/doc.jsp?ID=10233427

Press release - Artificial Intelligence Act: delayed application, ban on nudifier apps
Press releases - Plenary sessions - European Parliament
https://www.europarl.europa.eu/news/en/press-room/20260323IPR38829/

PI_COM:Ares(2026)3247482: COMMISSION DELEGATED REGULATION (EU) …/… supplementing Directive (EU) 2023/1791 of the Euro...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=PI_COM:Ares(2026)3247482

Automotive Cybersecurity Threats Grow in Era of Connected, Autonomous Vehicles
Dark Reading
https://www.darkreading.com/vulnerabilities-threats/automotive-cybersecurity-threats-grow-connected-autonomous-vehicles

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 30 March 2026

COM:2026:135:FIN: Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on establishing the Program...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=COM:2026:135:FIN

OJ:L_202600705: Commission Implementing Regulation (EU) 2026/705 of 20 March 2026 establishing model identification d...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=OJ:L_202600705

CELEX:52026PC0135: Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on establishing the Progra...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CELEX:52026PC0135

CONSIL:ST_7716_2026_INIT: Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on establishing the...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CONSIL:ST_7716_2026_INIT

Press release - Returns regulation: MEPs ready to start negotiations
Press releases - Plenary sessions - European Parliament
https://www.europarl.europa.eu/news/en/press-room/20260324IPR38908/

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 31 March 2026

COMUNICATO STAMPA - Data breach, Garante privacy sanziona Intesa Sanpaolo per 31,8 milioni di euro. Accessi indebiti ...
Garante Protezione dei dati personali - news
https://www.gpdp.it/garante/doc.jsp?ID=10235001

COMUNICATO STAMPA - Ddl tutela minori sui social, precisazione Garante privacy
Garante Protezione dei dati personali - news
https://www.gpdp.it/garante/doc.jsp?ID=10235032

European Commission confirms data breach after Europa.eu hack
BleepingComputer
https://www.bleepingcomputer.com/news/security/european-commission-confirms-data-breach-after-europaeu-hack/

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability
The Hacker News
https://thehackernews.com/2026/03/openai-patches-chatgpt-data.html

A Regression Framework for Understanding Prompt Component Impact on LLM Performance
cs.LG updates on arXiv.org
https://arxiv.org/abs/2603.26830

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 1 April 2026

CELEX:02005R0396-20260307: Regulation (EC) No 396/2005 of the European Parliament and of the Council of 23 February 2...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CELEX:02005R0396-20260307

CONSIL:ST_7842_2026_INIT: Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on establishing a f...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CONSIL:ST_7842_2026_INIT

Human rights in Iran: Council extends sanctions regime until April 2027
Council of the EU Press Releases
https://www.consilium.europa.eu/en/press/press-releases/2026/03/30/human-rights-in-iran-council-extends-sanctions-regime-until-april-2027/

Mercor says it was hit by cyberattack tied to compromise of open-source LiteLLM project
TechCrunch
https://techcrunch.com/2026/03/31/mercor-says-it-was-hit-by-cyberattack-tied-to-compromise-of-open-source-litellm-project/

Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise 
SecurityWeek RSS Feed
https://www.securityweek.com/critical-vulnerability-in-openai-codex-allowed-github-token-compromise/

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 2 April 2026

New CrystalRAT malware adds RAT, stealer and prankware features
BleepingComputer
https://www.bleepingcomputer.com/news/security/new-crystalrat-malware-adds-rat-stealer-and-prankware-features/

CELEX:02011L0061-20260416: Directive 2011/61/EU of the European Parliament and of the Council of 8 June 2011 on Alter...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CELEX:02011L0061-20260416

CELEX:02013R0575-20260626: Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 ...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CELEX:02013R0575-20260626

CELEX:02024R2642-20260316: Council Regulation (EU) 2024/2642 of 8 October 2024 concerning restrictive measures in vie...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CELEX:02024R2642-20260316

Study - The human rights dimension of EU-Latin America relations in the context of the EU-CELAC summit - 31-03-2026
Documents - Think Tank - European Parliament
https://www.europarl.europa.eu/thinktank/en/document/EXAS_STU(2026)783607

#Privacy #AI #Cybersecurity #DailyDigest

Daily Digest | 3 April 2026

CELEX:32025M11936: Commission Decision of 11/08/2025 declaring a concentration to be compatible with the common marke...
EUR-Lex | AI Act | EN
https://eur-lex.europa.eu/legal-content/AUTO/?uri=CELEX:32025M11936

Gestion des ressources humaines : la CNIL publie un référentiel de durées de conservation
CNIL France
https://www.cnil.fr/fr/referentiel-durees-conservation-donnees-rh

Claude Code leak used to push infostealer malware on GitHub
BleepingComputer
https://www.bleepingcomputer.com/news/security/claude-code-leak-used-to-push-infostealer-malware-on-github/

EU blames major cybercrime group for cloud infrastructure breach
POLITICO
https://www.politico.eu/article/eu-blames-major-cybercrime-group-for-cloud-infrastructure-breach/?utm_source=RSS_Feed&utm_medium=RSS&utm_campaign=RSS_Syndication

Do LLMs Know What Is Private Internally? Probing and Steering Contextual Privacy Norms in Large Language Model Repres...
cs.CL updates on arXiv.org
https://arxiv.org/abs/2604.00209

#Privacy #AI #Cybersecurity #DailyDigest