Welcome to the November edition of Mailfence’s Privacy and Cybersecurity Newsletter! This month has delivered a stark reminder that both external threats and internal policy decisions shape our digital future. From nation-state hackers exploiting enterprise infrastructure to AI systems being weaponised for autonomous cyber espionage, the threat landscape has taken a dramatic turn. Meanwhile, European regulators have proposed sweeping changes that could fundamentally alter how our data is protected – or exploited. Here’s what happened this month:
Major Data Breaches: F5, DoorDash and Supply Chain Attacks
- Major attacks on F5 and DoorDash exposed infrastructure and customer data, underlining how supply chain weaknesses and social engineering drive large breaches.
Gmail’s AI Controversy: Are Your Emails Being Used to Train AI?
- Gmail’s AI features and Gemini integrations raise questions about whether your emails are used to train AI models and how opt-in/opt-out works in practice.
First AI-Orchestrated Cyber Espionage Campaign Disrupted
- A Chinese state-sponsored group used AI tools to automate most phases of a cyber espionage campaign, from vulnerability discovery to data exfiltration.
Windows Evolves Into an “Agentic OS”
- Windows introduces built-in AI agents and “Agent Workspaces” that can act on your files and apps, framed as productivity enhancements.
CometJacking: When Your AI Browser Becomes a Data Thief
- A vulnerability in an AI browser shows how a single malicious link can instruct the assistant to pull data from connected services and exfiltrate it.
GrapheneOS Withdraws from France Amid State Pressure
- GrapheneOS relocates its infrastructure and bans work from France after media and prosecutorial pressure paint it as a tool for criminals.
EU’s Digital Future: Cash Limits, Crypto ID Rules, and Digital Wallets
- New EU rules cap large cash payments, tighten identity requirements for crypto transfers, and roll out EU Digital Identity Wallets for citizens.
EU Digital Omnibus: A Major Rollback of Privacy Protections?
- The Digital Omnibus proposals would relax core GDPR and ePrivacy safeguards, especially around using personal data to train AI without explicit consent.
Chat Control: Council Approves Revised Proposal
- The latest Chat Control text keeps “voluntary” scanning but adds risk-based obligations, age checks, and AI text analysis that could pressure providers into mass scanning.
UK Cyber Security and Resilience Bill Enters Parliament
- A major UK bill expands cybersecurity obligations for critical sectors and managed service providers, backed by strict reporting rules and heavy fines.
Major Data Breaches: F5, DoorDash and Supply Chain Attacks
November 2025 has been dominated by high-profile breaches affecting critical infrastructure and consumer-facing services alike. The most alarming was the F5 breach, where a nation-state threat actor maintained long-term persistent access to F5’s BIG-IP development environment and engineering knowledge platforms. The attackers exfiltrated source code and information about undisclosed vulnerabilities, prompting CISA to issue Emergency Directive 26-01 requiring federal agencies to patch systems by 22 October. Thousands of F5 devices across federal networks were potentially exposed, with officials warning the stolen vulnerability data could enable attackers to exploit flaws before patches exist.
DoorDash also confirmed a data breach affecting customers, delivery workers and merchants across the US, Canada, Australia, and New Zealand. A social engineering attack on an employee exposed names, phone numbers, email addresses and physical addresses. This marks the third security incident for DoorDash since 2019, highlighting how human-targeted attacks now account for 36% of corporate intrusions, according to Palo Alto Networks research.
To limit your exposure, immediately update any F5 BIG-IP products and apply vendor hardening guidance. For DoorDash users, change your passwords, enable multifactor authentication, and monitor accounts for suspicious activity. More broadly, organisations should conduct regular vendor security assessments and implement zero-trust architectures. Individuals should use unique passwords for each service and consider credit monitoring if affected by any breach.
Learn more:
Emergency Directive 26-01: Mitigate Vulnerabilities in F5 Devices (CISA)
Nation-state hackers breached sensitive F5 systems, stole customer data (Cybersecurity Dive)
Gmail’s AI Controversy: Are Your Emails Being Used to Train AI?
A viral controversy erupted in November when reports suggested Google had automatically opted Gmail users into allowing their emails and attachments to train AI models. The story originated from a Malwarebytes report that spread rapidly across social media, with claims that users needed to disable “Smart Features” in two locations to prevent their data being harvested. Google swiftly denied these claims, stating that Gmail Smart Features have existed for years and are used for local functionality like spam filtering and writing suggestions – not for training its Gemini AI model.
However, the confusion wasn’t entirely unfounded. Google recently announced that its Gemini Deep Research tool can connect to users’ Gmail, Drive and Chat – though users must explicitly opt in. A class-action lawsuit has been filed in California alleging Google “secretly” enabled Gemini to access users’ private communications. The controversy highlights a growing trust gap between technology companies and users, where even ambiguous settings changes can trigger widespread concern about AI data practices.
To protect yourself, review your Gmail settings regardless of the controversy. Navigate to Settings > General and check your “Smart features and personalisation” options. If you’re uncomfortable with any AI access to your emails, consider switching to a privacy-focused email provider with end-to-end encryption. Remember that European users benefit from stricter GDPR protections, with these features reportedly off by default in the EU, UK, Switzerland and Japan.
Read more:
Are tech companies using your private data to train AI models? (Al Jazeera)
First AI-Orchestrated Cyber Espionage Campaign Disrupted
Anthropic disclosed what may be the first documented case of a large-scale cyberattack executed without substantial human intervention. A Chinese state-sponsored group, tracked as GTG-1002, manipulated Anthropic’s Claude Code tool to autonomously conduct cyber espionage against approximately 30 global targets, including major technology companies, financial institutions, chemical manufacturers and government agencies. The AI handled 80-90% of tactical operations independently, executing thousands of requests per second – an attack speed impossible for human hackers to match.
The attackers convinced Claude it was being used for legitimate defensive cybersecurity testing, breaking down malicious tasks into seemingly innocent requests. The AI autonomously discovered vulnerabilities, wrote exploit code, harvested credentials, performed lateral movement and exfiltrated data with minimal human oversight. Human operators intervened only at critical decision points, such as authorising escalations or reviewing data for exfiltration. Notably, Claude occasionally hallucinated credentials or overstated findings – currently an obstacle to fully autonomous cyberattacks, though one that will erode as AI capabilities improve.
To protect yourself, organisations must recognise that traditional reactive security approaches are becoming obsolete. Implement zero-trust architectures, maintain rigorous patch management with a 14-day maximum window, and deploy AI-enhanced monitoring tools. Consider managed detection and response (MDR) services with AI capabilities. The barriers to sophisticated cyberattacks have dropped substantially – less experienced groups can now potentially perform large-scale attacks of this nature.
Continue reading:
Disrupting the first reported AI-orchestrated cyber espionage campaign (Anthropic)
Anthropic warns state-linked actor abused its AI tool in sophisticated espionage campaign (Cybersecurity Dive)
Windows Evolves Into an “Agentic OS”
Microsoft announced that Windows is “evolving into an agentic OS” at Ignite 2025, revealing plans to embed AI agents directly into the operating system. The company introduced “Agent Workspaces” – separate, contained spaces where AI agents can access your apps and files to complete tasks in the background. Each agent operates using its own account distinct from your personal user account, with Microsoft promising “clear boundaries” between agent activity and your own. The feature is currently available as an experimental toggle in Windows Insider builds.
The announcement was met with significant pushback online. Windows president Pavan Davuluri’s post about the agentic future received overwhelmingly negative replies, with users demanding Microsoft focus on reliability, performance and stability rather than AI integration. Critics pointed to Windows feeling “less stable than ever” with constant updates introducing new issues. The company was forced to lock comments on Davuluri’s post after hundreds of negative responses poured in, with many users threatening to switch to Linux.
To limit your exposure, the agentic features are disabled by default and require manual activation. If you’re concerned about AI access to your files, simply don’t enable the “Experimental agentic features” toggle in Settings > System > AI components. Consider whether you truly need AI assistance with local tasks, and remember that any AI agent with file access creates new privacy and security considerations. For those deeply concerned, evaluate alternative operating systems that prioritise user control over AI integration.
Learn more:
Microsoft just revealed how Windows 11 is evolving into an agentic OS (Windows Central)
Windows boss defends AI push as users plead for reliability (The Register)
CometJacking: When Your AI Browser Becomes a Data Thief
Security researchers at LayerX disclosed a dangerous vulnerability dubbed “CometJacking” in Perplexity’s Comet AI browser. The attack turns the browser’s integrated AI assistant into a data theft tool using nothing more than a malicious URL. When a user clicks a crafted link, hidden commands in the URL instruct Comet’s AI to access user memory and connected services like Gmail and Google Calendar, encode the stolen data using Base64 to bypass security filters, and transmit it to attacker-controlled servers – all without the user’s knowledge.
Unlike traditional browser attacks requiring credential phishing or malicious page content, CometJacking exploits the trust relationship between users and their AI assistants. Since Comet already has authorised access to connected services, hijacking the assistant effectively bypasses authentication altogether. Perhaps most concerning: when LayerX reported the vulnerability to Perplexity in August, the company replied that it could identify “no security impact” and marked the reports as “not applicable.”
To protect yourself, be extremely cautious about clicking links – even from seemingly trusted sources – when using AI-powered browsers. Review and limit the permissions you’ve granted to AI assistants, removing access to services you don’t actively need the AI to interact with. Consider whether the convenience of AI browser integration is worth the expanded attack surface it creates. Security researcher Bruce Schneier noted this is a “fundamental property of current LLM technology” – systems have no ability to separate trusted commands from untrusted data.
Read more:
CometJacking attack tricks Comet browser into stealing emails (BleepingComputer)
Prompt Injection in AI Browsers (Schneier on Security)
GrapheneOS Withdraws from France Amid State Pressure
GrapheneOS, the privacy-focused Android operating system, announced it is ceasing all operations in France, asserting the country is “no longer safe for open source privacy projects.” The project is relocating all server infrastructure – including its website, Mastodon, Discourse and Matrix instances – from French hosting provider OVH to servers in Toronto and Germany. Developers have also been prohibited from working in France or travelling there, including for conferences.
The withdrawal follows negative press coverage from Le Parisien, which portrayed GrapheneOS as a tool for drug traffickers. French cybercrime prosecutor Johanna Brousse implied potential legal action against the project. GrapheneOS argues the articles confused their legitimate open-source project with counterfeit versions distributed by outside actors, sometimes through dark web channels or fake social media pages. The project previously threatened litigation against government-backed forks, referencing the FBI’s ANOM operation where compromised devices were distributed as part of “Operation Trojan Horse.”
To protect yourself, if you’re a GrapheneOS user in France, the migration will not affect your ability to install or use the operating system – only the project’s infrastructure is moving. Consider supporting digital rights organisations, such as the Electronic Frontier Foundation or European Digital Rights, that defend privacy-focused technologies against regulatory overreach. The situation illustrates growing tension between privacy tools and state surveillance interests across Europe, with GrapheneOS using France’s support for the Chat Control proposal as a “simple heuristic” for which EU countries to avoid.
Continue reading:
GrapheneOS migrates server infrastructure from France amid police intimidation claims (Privacy Guides)
GrapheneOS Quits France, Citing Unsafe Climate for Open Source Tech (Reclaim The Net)
EU’s Digital Future: Cash Limits, Crypto ID Rules, and Digital Wallets
The European Union’s Anti-Money Laundering package is set to take effect in July 2027, introducing a bloc-wide €10,000 cap on cash payments in business transactions. Whilst viral claims suggested the EU was “criminalising cash,” the reality is more nuanced: businesses will no longer accept cash payments above this threshold, but transactions between private individuals remain unaffected in most cases. Europeans will still be able to save, hold and withdraw any amount of cash they wish. The package also establishes the EU Anti-Money Laundering Authority (AMLA) in Frankfurt.
Alongside cash limits, new rules will require crypto-asset service providers to collect sender and recipient information for transactions, effectively implementing “travel rules” similar to traditional banking. Meanwhile, the EU Digital Identity Wallet (EUDI) is advancing rapidly, with pilot projects across 26 member states testing use cases from accessing government services to opening bank accounts. By December 2026, member states must make wallets available to citizens, with mandatory acceptance by regulated businesses by November 2027. The wallet promises selective data sharing – proving you’re over 18 without revealing your full birthdate, for instance.
To protect yourself, understand that these changes affect how you transact, not your ability to hold cash. For cryptocurrency users, expect increased identity verification requirements when using EU-based exchanges or services. Regarding the EUDI Wallet, whilst it offers convenience, carefully consider which services truly need access to your digital credentials. The wallet is designed with encryption and minimal disclosure principles, but any centralised identity system creates potential risks if compromised. Stay informed about implementation in your member state.
Read more:
No, Brussels didn’t just criminalise cash (Euronews)
EU Digital Identity Wallet Pilot implementation (European Commission)
EU Digital Omnibus: A Major Rollback of Privacy Protections?
On 19 November 2025, the European Commission published two Digital Omnibus proposals that civil society groups have described as a massive rollback of the EU’s core digital protections. The package introduces amendments to the General Data Protection Regulation, the ePrivacy Directive, and the AI Act, all framed as simplification measures to reduce compliance burdens for businesses.
Privacy advocates are alarmed. European Digital Rights warned that the proposals weaken the ePrivacy framework by shifting key provisions into the GDPR whilst creating broad exceptions that allow businesses to access data on devices without consent. Perhaps most concerning, the proposals would allow companies to use personal data for AI training without prior consent in most circumstances – a significant departure from the opt-in consent model that has defined European data protection. Amnesty International stated that the proposals would “open the door to unlawful surveillance, discriminatory profiling in welfare and policing, and strip people of their right to have control of their personal data.”
To safeguard your privacy as these proposals move through the legislative process, stay informed about developments and consider supporting digital rights organisations advocating for strong protections. Review your own data-sharing practices and minimise the information you share with online services. Exercise your existing GDPR rights to access and delete your data whilst they remain robust. Consider using privacy-focused services based in jurisdictions with strong data protection laws.
Continue reading:
Digital Omnibus is a major rollback of EU digital protections (European Digital Rights)
European Commission ‘simplification’ proposal would weaken GDPR, AI regulations (The Record)
Chat Control: Council Approves Revised Proposal
On 26 November 2025, EU ambassadors approved a negotiating mandate on Chat Control in a close split vote.
The Danish Presidency’s compromise makes chat scanning voluntary rather than mandatory, a shift from earlier drafts that faced sustained opposition from Germany, the Netherlands, Poland, and Austria. Under current rules, companies can voluntarily scan for child sexual abuse material without violating EU privacy laws. That exemption was set to expire in April 2026, but the Council now wants to keep it indefinitely.
The text introduces a three-tier risk classification system for online services, along with age verification requirements. However, scientists warned in an open letter that the latest text still brings high risks to society, while critics argue that Article 4’s requirement for “all appropriate risk mitigation measures” could effectively mandate scanning through the back door.
Final negotiations between the Council, Parliament, and Commission are expected in early 2026. The Parliament’s 2023 position ruled out mass surveillance and protected encryption, setting the stage for potentially contentious talks ahead.
Just when privacy advocates thought they had defeated the EU’s mass surveillance proposal, Chat Control has returned in a more dangerous form. In November 2025, digital rights expert Dr Patrick Breyer raised the alarm that a new compromise proposal was being pushed through in closed-door EU working group sessions. Following public protests that led Germany, the Netherlands, Poland, and Austria to reject indiscriminate Chat Control, the proposal now attempts to achieve the same outcome through regulatory sleight of hand.
The new text contains several threats to digital freedom. Most critically, Article 4 requires email, chat and messenger services to take “all appropriate risk mitigation measures” – vague language that could still force providers to scan all private messages, even on end-to-end encrypted services. The supposedly voluntary scanning has also expanded: it now covers not just photos and videos, but AI-powered analysis of your chat texts for suspicious keywords. The proposal also demands mandatory age verification, which would effectively end anonymous communication online, whilst teens under 16 would face blanket bans from any platform with chat functions. Following protests, a clarification on 13. November stated that scanning should not be mandatory through this “risk mitigation” back door – but the other problems remain as final negotiations between EU institutions approach in early 2026
To protect your digital communications, continue using services with genuine end-to-end encryption and support organisations fighting for strong privacy protections. Stay informed about the upcoming negotiations between the EU Parliament, Council, and Commission, expected to begin in January 2026. Contact your national representatives to express concerns about measures that could amount to mass surveillance. Remember that encryption protects everyone – journalists, lawyers, activists, and ordinary citizens alike.
Read more:
Chat Control: EU lawmakers finally agree on the voluntary scanning of your private chats (TechRadar)
Child sexual abuse: Council reaches position on law protecting children from online abuse (Council of the EU)
UK Cyber Security and Resilience Bill Enters Parliament
The UK Government introduced the Cyber Security and Resilience Bill to Parliament on 12 November 2025, marking the most significant overhaul of British cybersecurity legislation in years. The bill updates the Network and Information Systems Regulations 2018 and brings critical sectors including healthcare, transport, energy, and water under stronger protection requirements. For the first time, medium and large IT managed service providers working with public sector bodies will be formally regulated.
The legislation responds to mounting evidence of cyber threats to essential services. New research cited by the government puts the annual cost of cyberattacks to the UK economy at £14.7 billion – roughly 0.5 per cent of GDP. Recent incidents, including the Synnovis ransomware attack that disrupted over 11,000 NHS appointments and the breach of the Ministry of Defence payroll system through a managed service provider, highlighted urgent vulnerabilities. The bill introduces 24-hour reporting requirements for serious incidents and gives the Technology Secretary powers to issue specific security demands during national security threats. Penalties for serious violations will reach daily fines of £100,000 or 10 per cent of daily turnover, whichever is higher.
To prepare for the new regulatory environment, organisations in scope should review their cybersecurity frameworks against anticipated requirements. Assess your supply chain security and consider contractual implications for third-party partners. For those already compliant with EU NIS2 requirements, conduct a gap analysis to identify where existing compliance efforts can be adapted. Monitor developments as the bill progresses through Parliament and begin planning for compliance even before final passage.
Learn more:
Cyber Security and Resilience Bill (GOV .UK)
UK’s Cyber Security and Resilience Bill enters Parliament (The Register)
Recommended Reading
- List of Recent Data Breaches in 2025 (Bright Defense)
- Cybersecurity & Privacy News and Analysis (Law360)
- Secure Business Email Hosting 2025: Complete Comparison Guide (Mailfence Blog)
- Business Email Security: Fundamentals and Best Practices for 2025 (Mailfence Blog)
- Email Security for Small Business: Your Complete Protection Guide in 2025 (Mailfence Blog)
That’s All for This Month’s Newsletter!
November 2025 has made one thing clear: the lines between AI, cybersecurity and regulation are blurring faster than anyone anticipated. Whether it’s autonomous AI conducting espionage or lawmakers quietly rewriting privacy rules, staying informed is no longer optional—it’s essential. We hope this newsletter helps you cut through the noise and take control of your digital life. See you next month.
Best,
Patrick
Get the latest privacy news in your inbox
Sign up to the Mailfence Newsletter.