Welcome to this new edition of Mailfence’s Privacy and Cybersecurity Newsletter! In a year marked by growing privacy challenges, our mission remains unchanged: keeping you informed about the latest threats, policy shifts, and practical solutions for digital security.
EU “Chat Control” Proposal: Mass Message Scanning Looms
The EU’s controversial Chat Control proposal is now backed by 19 member states, with a final Council vote expected by October 14, 2025. If passed, apps like WhatsApp, Signal, and Telegram will have to scan every private message — photos, videos, and chats — on users’ devices before encryption. Critics warn this means real-time surveillance and the end of true digital privacy for Europeans, including risks to end-to-end encryption and anonymous communication.
Proponents say it’s needed to protect children, but independent experts and the European Parliament warn about high error rates, the risk of misidentification, and a blow to fundamental rights. The fight for digital privacy in Europe has never been so urgent.
Mailfence believes in access to encrypted communication. Therefore, we co-signed an open letter expressing opposition to client-side scanning, urging EU member states to protect user privacy.
Read More:
Euronews Analysis: Mass Surveillance Risks
ChatGPT and Prompt Privacy: Openness Under Fire
In an eyebrow-raising admission, Sam Altman confirmed that ChatGPT prompts can be seen — and shared with authorities and governments that OpenAI “deems appropriate.” This means prompts are potentially accessible not only to trusted agencies, but also to rogue actors or countries if OpenAI considers it justified — questions about user privacy in mainstream AI services.
Notably, decentralized services like Venice.ai and Akash Network guarantee: your prompts are never stored or shared.
Continue Reading:
Wired: AI Prompt Privacy Risks
Zero-Days on the Rise: What You Need to Know
August 2025 saw a surge in critical zero-day vulnerabilities actively exploited across major platforms — from Apple and Microsoft to Citrix and Microsoft Teams.
- Apple rushed to patch a dangerous flaw in its ImageIO framework affecting iOS, iPadOS, and macOS. This one-click exploit let attackers compromise devices without any user interaction — a stark reminder of how sophisticated threats have become.
- Microsoft released emergency fixes for a deadly Kerberos elevation of privilege zero-day that could grant attackers full domain control.
- A Teams vulnerability exposed enterprise data risks, with patches pushed quickly as attacks ramped up.
- Citrix NetScaler Gateway equipment was hit by a critical remote code execution zero-day still exploited in the wild, forcing urgent update rollouts.
As these sophisticated vulnerabilities multiply, staying current with updates isn’t optional — it’s essential to safeguard your privacy, data, and business continuity.
The moral of the story: Keep your systems current.
Learn More:
Apple addressed the seventh actively exploited zero-day
Recommended reading
- EU “Chat Control” Regulation Nears Final Vote (European Crypto Initiative)
- Major Cyber Attacks, Ransomware Attacks and Data Breaches: August 2025 (Cyber Management Alliance)
- Hide My Email: The Ultimate Privacy Hack in 2025 (Mailfence blog)
- Gmail Alternative in 2025: Is This the Best Private and Secure Option? (Mailfence blog)
- Why Online Privacy Matters in 2025 (Mailfence blog)
- Tuta vs Mailfence: A Full Comparison Guide (2025) (Mailfence blog)
That’s it for now!
That wraps up this month’s edition! Remember — privacy is only as strong as our collective vigilance and informed choice. We’ll be back next month with more updates from the frontline of digital security.
Best,
Patrick
Get the latest privacy news in your inbox
Sign up to the Mailfence Newsletter.