China cybersecurity agency fines ride-hailing giant Didi $1.and HP Openview Self-Healing, JFox, Zimbra Desktop and others (here a more complete list. Federal privacy legislation progresses, but concerns about data brokers loom Aerohive HiveManager Classic Privilege Escalation Vulnerability.Congress Might Actually Pass ADPPA, the American Data Privacy and Protection Act | WIRED.TSA unveils updated cybersecurity regulations of oil and gas pipelines - The Record by Recorded Future.Zimbra sanitizes HTML content in incoming emails on the server side, using OWASP Java-HTML-Sanitizer approach, which allows for first vulnerability to occur. Report: Mercenary spyware exploited Google Chrome zero-day to target journalists - The Record by Recorded Future JavaScript payload is triggered and interact with the Zimbra web interface in order to exploit the second flaw automatically in the background, without any further user interaction.Congress goes after spyware purveyors.Cyber criminals attack Ukrainian radio network, broadcast fake message about Zelensky's health.Since learning of the reported vulnerability, Zimbra Engineering has verified the issue and produced a hotfix (for 8.8.15 p30). Cyber Command shares bevy of new malware used against Ukraine - The Record by Recorded Future A new Zero-day exploit has been identified that affects Zimbra 8.8.15.China: Declaration by the Minister for Foreign Affairs on behalf of the Belgian Government urging Chinese authorities to take action against malicious cyber activities undertaken by Chinese actors | Federal Public Service Foreign Affairs.To keep our customers secure, Zimbra always encourages customers keep current with patches. Zimbra addressed noted vulnerabilities in prior patches and urged customers to review their server configurations to prevent possible exploitation. Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us | Ars Technica Nothing is more important to Zimbra than security.Microsoft resuming default block of Office VBA macros - The Record by Recorded Future.IT security giant Entrust says it's investigating alleged June data breach - The Record by Recorded Future.Italy investigating ransomware attack on tax agency - The Record by Recorded Future.