APDPO
Asia-Pacific Data Privacy Organization
apdpo.com
2025-03-01
The Asia-Pacific Data Privacy Organization (APDPO) was established one year, two months, twenty-seven days ago on March 1, 2025. This initiative seeks to bridge and bring together stakeholders in data privacy across the region, focusing on knowledge sharing and encouraging collaboration to strengthen privacy protections, cybersecurity, and the safe, responsible, and ethical use of AI across Asia-Pacific.
2025-03-08
Magie Antonio has been invited to serve as the Country Head for APDPO in the Philippines. Magie will spearhead local initiatives, build partnerships, and promote privacy awareness that translates into operational compliance with data privacy regulations, while advocating for the enhancement of the robust framework in the country and contributing to regional best practices across the Asia-Pacific.
2025-03-18
In cooperation with Bureau Veritas, APDPO conducted its first upskilling project, delivering data privacy and cybersecurity training to professionals at Visayan Electric (VECO) in Cebu City, Philippines. Arranged by Magie Antonio of APDPO and Atty. Ernie Villarin of VECO, the initiative equipped participants with skills to address the country’s evolving data privacy challenges.
2025-04-01
Special thanks to Magie Antonio for sponsoring the infrastructure of APDPO.com. This platform will connect privacy professionals and organizations across the Asia-Pacific, enabling the exchange of valuable knowledge and best practices. It will support regional initiatives in data privacy, cybersecurity, and artificial intelligence, strengthening the APDPO community and its impact across the region.
2025-04-08
Akira Sato has been invited to serve as the Country Head for APDPO in Japan. Akira will cultivate partnerships with local organizations, elevate awareness of privacy practices, ensure compliance with data privacy regulations, advocate for continuous improvements, and share insights to enhance regional standards across the Asia-Pacific.
2025-04-10
Alex Lee has been invited to serve as the Country Head for APDPO in Singapore. Alex will advance data protection initiatives, work closely with local stakeholders to promote privacy awareness and ensure compliance with the nation’s data privacy regulations, while contributing insights to bolster regional standards across the Asia-Pacific.
2025-07-16
Coinciding with AI Appreciation Day, APDPO and Community Health Education Emergency Rescue Services (CHEERS) formally launched a partnership to promote data privacy, cybersecurity, and the responsible use of AI in resilience, initiatives addressing Violence Against Women and Children (VAWC), and elderly care. The agreement was signed by APDPO Country Head for the Philippines Magie Antonio and CHEERS founder Dr. Sandy Montano.
2025-08-07
Magie Antonio, APDPO Country Head for the Philippines, represented APDPO in the INTERPOL Project SynthWave Member Country Visit at the Philippine Center on Transnational Crime, where INTERPOL’s Toshinobu Yasuhira, Abdullah Fuad Aljalahma, Libni Garg, and local stakeholders discussed risks of AI-driven synthetic media. Hosted by Generals Benjamin Batara, Noel Baraceros, and Cesar Binag, the event reflected APDPO’s commitment to regional collaboration in data protection.
2025-10-07
APDPO and the Philippine College of Criminology (PCCR) have formalized a strategic partnership to strengthen data privacy, cybersecurity, and ethical AI principles in criminal justice education. The agreement was signed by APDPO Country Head for the Philippines Magie Antonio and PCCR President Lei Bautista. This collaboration will advance curriculum development, faculty training, research projects, and micro-credential programs at the intersection of law enforcement and data protection.
2025-10-24
Magie Antonio, Country Head for APDPO in the Philippines, received the Woman of Excellence in Digitalization and Humanitarian Service award at the 80th United Nations Anniversary Celebration. The ceremony honored distinguished leaders including ambassadors from Indonesia, the United Arab Emirates, and Qatar, along with senior Philippine government officials. This recognition signals the importance of integrating data privacy, cybersecurity, and ethical AI in humanitarian service.
2025-10-31
APDPO concludes Cybersecurity Awareness Month with its first "Leading with Privacy" profile, featuring Police Major General Jericho Baldeo, Data Protection Officer of the Philippine National Police. He shared insights on integrating data privacy with effective law enforcement to earn public trust and uphold human rights with Magie Antonio, APDPO Country Head for the Philippines, during her courtesy call to the Directorate for Information and Communications Technology Management.
2026-01-01
APDPO encourages organizations to join in celebrating the internationally observed Data Privacy Day on January 28 through awareness activities that promote personal data protection. With APDPO providing subject matter experts and organizations handling accommodation and transportation, participation reflects commitment to data privacy, legal compliance, and stakeholder trust. Interested organizations may contact info@apdpo.com for available slots.
APDPO
Asia-Pacific Data Privacy Organization
85%
of Asia-Pacific jurisdictions have enacted or drafted personal data protection laws.
46%
of APAC countries have dedicated national data protection authorities.
35%
of jurisdictions require mandatory breach notifications.
19%
have cross-border data transfer laws modeled after the GDPR.
31%
have issued official AI ethics or governance frameworks.
90%
of large enterprises in APAC are subject to multi-jurisdictional data compliance obligations.
East Asia
Japan
China
South Korea
Taiwan
Hong Kong
Mongolia
Southeast Asia
Philippines
Vietnam
Thailand
Malaysia
Singapore
Indonesia
Myanmar
Laos
Cambodia
Brunei
South Asia
India
Sri Lanka
Pakistan
Bangladesh
Nepal
Bhutan
Oceania
Australia
New Zealand
Papua New Guinea
Fiji
APDPO connects organizations across Asia-Pacific to strengthen skills and knowledge in data privacy, cybersecurity, and AI. Membership is open to organizations committed to these fields, with no strict entry requirements—just a shared interest in collaboration and growth. A low annual membership fee of SGD 1,200 per organization encourages broad participation and unlocks member discounts and special opportunities. Membership starts with registration and participation. Over time, active members may be invited to lead initiatives, host activities, and represent their sector or country.
Training Access
Priority early registration for regional and role-specific training ahead of public release.
Certification Discounts
Reduced rates on APDPO certifications compared to standard rates for non-members.
Skills Development
Practical guidance from foundational policies through international alignment.
Co-Branding
Joint events and certifications, plus logos on the APDPO website and member microsites.
APDPO tracks critical Common Vulnerabilities and Exposures (CVE), including those related to AI, that could compromise organizational systems or expose sensitive data. Consolidated CVE information from publicly available sources is freely available via RSS and JSON feeds at APDPO.com for all interested organizations.
CVE-2026-24444
2026-05-28
SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9_B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints (mgmt.php, npcmd.php) that allows unauthenticated attackers to gain root access by submitting the hardcoded credential to the recovery endpoint via HTTP. Attackers can leverage this hardcoded password to enable filtered SSH and Telnet services on the device, resulting in unauthenticated root-level remote access to the underlying system.
GHSA-423P-G724-FR39
2026-05-28
CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE pg_monitor. SET ROLE changes only current_user; session_user remains postgres. Any SQL expression evaluated inside the scrape session can invoke RESET ROLE to recover real superuser privileges, then use COPY ... TO PROGRAM to spawn an OS-level subprocess as the postgres user inside the primary pod. The READ ONLY transaction flag does not block this; it gates writes to database state, not external processes. This vulnerability is fixed in 1.29.1 and 1.28.3.
CVE-2026-45323
2026-05-28
MeshCore Card provides MeshCore Lovelace card for Home Assistant. Prior to 0.3.3, Meshcore node names are rendered without HTML escaping in meshcore-card, allowing any node within direct or indirect (repeated) radio range to execute arbitrary javascript in the Home Assistant frontend of anyone viewing the card. This vulnerability is fixed in 0.3.3.
CVE-2026-45261
2026-05-28
GitButler is a modern Git-based version control interface for AI-powered workflows. Prior to 0.19.7, a emote code execution vulnerability exists in the Tauri-based GitButler desktop application. An attacker can inject a malicious link in a pull request body, which if clicked by the user allows for arbitrary script execution in the Tauri webview. Users that have not enabled forge integration are not at risk. This vulnerability is fixed in 0.19.7.
CVE-2023-28531
2026-05-28
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.
CVE-2019-17571
2026-05-28
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.
CVE-2019-11068
2026-05-28
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
CVE-2022-23305
2026-05-27
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default. Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
apdpo.com does not use cookies