Mailfence Privacy Digest August 2025, N°4

Featured image for the Mailfence Privacy Digest August 2025

Table of Contents

Share this article:

Welcome to this new edition of Mailfence’s Privacy and Cybersecurity Newsletter! In a year marked by growing privacy challenges, our mission remains unchanged: keeping you informed about the latest threats, policy shifts, and practical solutions for digital security.

EU “Chat Control” Proposal: Mass Message Scanning Looms

The EU’s controversial Chat Control proposal is now backed by 19 member states, with a final Council vote expected by October 14, 2025. If passed, apps like WhatsApp, Signal, and Telegram will have to scan every private message — photos, videos, and chats — on users’ devices before encryption. Critics warn this means real-time surveillance and the end of true digital privacy for Europeans, including risks to end-to-end encryption and anonymous communication.

Proponents say it’s needed to protect children, but independent experts and the European Parliament warn about high error rates, the risk of misidentification, and a blow to fundamental rights. The fight for digital privacy in Europe has never been so urgent.

Mailfence believes in access to encrypted communication. Therefore, we co-signed an open letter expressing opposition to client-side scanning, urging EU member states to protect user privacy.

Read More:

CSA Regulation Open Letter

Euronews Analysis: Mass Surveillance Risks

ChatGPT and Prompt Privacy: Openness Under Fire

In an eyebrow-raising admission, Sam Altman confirmed that ChatGPT prompts can be seen — and shared with authorities and governments that OpenAI “deems appropriate.” This means prompts are potentially accessible not only to trusted agencies, but also to rogue actors or countries if OpenAI considers it justified —  questions about user privacy in mainstream AI services.

Notably, decentralized services like Venice.ai and Akash Network guarantee: your prompts are never stored or shared.

Continue Reading:

Wired: AI Prompt Privacy Risks

Zero-Days on the Rise: What You Need to Know

August 2025 saw a surge in critical zero-day vulnerabilities actively exploited across major platforms — from Apple and Microsoft to Citrix and Microsoft Teams.

  • Apple rushed to patch a dangerous flaw in its ImageIO framework affecting iOS, iPadOS, and macOS. This one-click exploit let attackers compromise devices without any user interaction — a stark reminder of how sophisticated threats have become.
  • Microsoft released emergency fixes for a deadly Kerberos elevation of privilege zero-day that could grant attackers full domain control.
  • A Teams vulnerability exposed enterprise data risks, with patches pushed quickly as attacks ramped up.
  • Citrix NetScaler Gateway equipment was hit by a critical remote code execution zero-day still exploited in the wild, forcing urgent update rollouts.

As these sophisticated vulnerabilities multiply, staying current with updates isn’t optional — it’s essential to safeguard your privacy, data, and business continuity.

The moral of the story: Keep your systems current.

Learn More:

Apple addressed the seventh actively exploited zero-day

That’s it for now!

That wraps up this month’s edition! Remember — privacy is only as strong as our collective vigilance and informed choice. We’ll be back next month with more updates from the frontline of digital security.

Best,

Patrick

Get the latest privacy news in your inbox

Sign up to the Mailfence Newsletter.

Reclaim your email privacy.
Create your free and secure email today.
Picture of Patrick De Schutter

Patrick De Schutter

Patrick is the co-founder of Mailfence. He's a serial entrepreneur and startup investor since 1994 and launched several pioneering internet companies such as Allmansland, IP Netvertising or Express.be. He is a strong believer and advocate of encryption and privacy.

Recommended for you