12 matches found
CVE-2026-32752
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. In versions 1.8.208 and below, the ThreadPolicy::edit method contains a broken access control vulnerability that allows any authenticated user regardless of role or mailbox access to read and modify all...
CVE-2026-32752 FreeScout: Broken Access Control in ThreadPolicy — Any User Can Read/Edit All Customer Messages
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. In versions 1.8.208 and below, the ThreadPolicy::edit method contains a broken access control vulnerability that allows any authenticated user regardless of role or mailbox access to read and modify all...
CVE-2026-32752 FreeScout: Broken Access Control in ThreadPolicy — Any User Can Read/Edit All Customer Messages
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. In versions 1.8.208 and below, the ThreadPolicy::edit method contains a broken access control vulnerability that allows any authenticated user regardless of role or mailbox access to read and modify all...
TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China
Ireland's Data Protection Commission DPC on Friday fined popular video-sharing platform TikTok €530 million $601 million for infringing data protection regulations in the region by transferring European users' data to China. "TikTok infringed the GDPR regarding its transfers of EEA European...
Italy Fines OpenAI €15 Million for ChatGPT GDPR Data Privacy Violations
Italy's data protection authority has fined ChatGPT maker OpenAI a fine of €15 million $15.66 million over how the generative artificial intelligence application handles personal data. The fine comes nearly a year after the Garante found that ChatGPT processed users' information to train its...
Pinterest tracks users without consent, alleges complaint
Pinterest has received a complaint from privacy watchdog noyb None of your business over the unsolicited tracking of its users. Pinterest allows you to pin images to virtual pinboards; useful for interior design, recipe ideas, party inspiration, and much more. It started as a virtual replacement...
Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database
The Dutch Data Protection Authority Dutch DPA has imposed a fine of €30.5 million $33.7 million against facial recognition firm Clearview AI for violating the General Data Protection Regulation GDPR in the European Union E.U. by building an "illegal database with billions of photos of faces,"...
WhatsApp Hit with €5.5 Million Fine for Violating Data Protection Laws
The Irish Data Protection Commission DPC on Thursday imposed fresh fines of €5.5 million against Meta's WhatsApp for violating data protection laws when processing users' personal information. At the heart of the ruling is an update to the messaging platform's Terms of Service that was imposed in...
France Rules That Using Google Analytics Violates GDPR Data Protection Law
French data protection regulators on Thursday found the use of Google Analytics a breach of the European Union's General Data Protection Regulation GDPR laws in the country, almost a month after a similar decision was reached in Austria. To that end, the National Commission on Informatics and...
Ticketmaster Scores Hefty Fine Over 2018 Data Breach
Ticketmaster’s UK division has been slapped with a $1.65 million fine by the Information Commissioner’s Office ICO in the UK, over its 2018 data breach that impacted 9.4 million customers. The fine £1.25million has been levied after the ICO found that the company “failed to put appropriate securi...
This Week in Security News: Ransomware and Cyber Threats
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about new routines for encryption of JobCrypter ransomware. Also, understand how Emotet has managed to evolve into one of the most...
UK Tax Agency Collects 5.1M Biometric Voice IDs, May Violate GDPR
Her Majesty’s Revenue and Customs HMRC in the UK is under investigation by that country’s regulator over the collection of more than 5 million biometric voice IDs. The Information Commissioner’s Office ICO is investigating the tax agency’s practice, which may violate the recently implemented...