APDPO
Asia-Pacific Data Privacy Organization
apdpo.com
2025-03-01
The Asia-Pacific Data Privacy Organization (APDPO) was established one year, two months, five days ago on March 1, 2025. This initiative seeks to bridge and bring together stakeholders in data privacy across the region, focusing on knowledge sharing and encouraging collaboration to strengthen privacy protections, cybersecurity, and the safe, responsible, and ethical use of AI across Asia-Pacific.
2025-03-08
Magie Antonio has been invited to serve as the Country Head for APDPO in the Philippines. Magie will spearhead local initiatives, build partnerships, and promote privacy awareness that translates into operational compliance with data privacy regulations, while advocating for the enhancement of the robust framework in the country and contributing to regional best practices across the Asia-Pacific.
2025-03-18
In cooperation with Bureau Veritas, APDPO conducted its first upskilling project, delivering data privacy and cybersecurity training to professionals at Visayan Electric (VECO) in Cebu City, Philippines. Arranged by Magie Antonio of APDPO and Atty. Ernie Villarin of VECO, the initiative equipped participants with skills to address the country’s evolving data privacy challenges.
2025-04-01
Special thanks to Magie Antonio for sponsoring the infrastructure of APDPO.com. This platform will connect privacy professionals and organizations across the Asia-Pacific, enabling the exchange of valuable knowledge and best practices. It will support regional initiatives in data privacy, cybersecurity, and artificial intelligence, strengthening the APDPO community and its impact across the region.
2025-04-08
Akira Sato has been invited to serve as the Country Head for APDPO in Japan. Akira will cultivate partnerships with local organizations, elevate awareness of privacy practices, ensure compliance with data privacy regulations, advocate for continuous improvements, and share insights to enhance regional standards across the Asia-Pacific.
2025-04-10
Alex Lee has been invited to serve as the Country Head for APDPO in Singapore. Alex will advance data protection initiatives, work closely with local stakeholders to promote privacy awareness and ensure compliance with the nation’s data privacy regulations, while contributing insights to bolster regional standards across the Asia-Pacific.
2025-07-16
Coinciding with AI Appreciation Day, APDPO and Community Health Education Emergency Rescue Services (CHEERS) formally launched a partnership to promote data privacy, cybersecurity, and the responsible use of AI in resilience, initiatives addressing Violence Against Women and Children (VAWC), and elderly care. The agreement was signed by APDPO Country Head for the Philippines Magie Antonio and CHEERS founder Dr. Sandy Montano.
2025-08-07
Magie Antonio, APDPO Country Head for the Philippines, represented APDPO in the INTERPOL Project SynthWave Member Country Visit at the Philippine Center on Transnational Crime, where INTERPOL’s Toshinobu Yasuhira, Abdullah Fuad Aljalahma, Libni Garg, and local stakeholders discussed risks of AI-driven synthetic media. Hosted by Generals Benjamin Batara, Noel Baraceros, and Cesar Binag, the event reflected APDPO’s commitment to regional collaboration in data protection.
2025-10-07
APDPO and the Philippine College of Criminology (PCCR) have formalized a strategic partnership to strengthen data privacy, cybersecurity, and ethical AI principles in criminal justice education. The agreement was signed by APDPO Country Head for the Philippines Magie Antonio and PCCR President Lei Bautista. This collaboration will advance curriculum development, faculty training, research projects, and micro-credential programs at the intersection of law enforcement and data protection.
2025-10-24
Magie Antonio, Country Head for APDPO in the Philippines, received the Woman of Excellence in Digitalization and Humanitarian Service award at the 80th United Nations Anniversary Celebration. The ceremony honored distinguished leaders including ambassadors from Indonesia, the United Arab Emirates, and Qatar, along with senior Philippine government officials. This recognition signals the importance of integrating data privacy, cybersecurity, and ethical AI in humanitarian service.
2025-10-31
APDPO concludes Cybersecurity Awareness Month with its first "Leading with Privacy" profile, featuring Police Major General Jericho Baldeo, Data Protection Officer of the Philippine National Police. He shared insights on integrating data privacy with effective law enforcement to earn public trust and uphold human rights with Magie Antonio, APDPO Country Head for the Philippines, during her courtesy call to the Directorate for Information and Communications Technology Management.
2026-01-01
APDPO encourages organizations to join in celebrating the internationally observed Data Privacy Day on January 28 through awareness activities that promote personal data protection. With APDPO providing subject matter experts and organizations handling accommodation and transportation, participation reflects commitment to data privacy, legal compliance, and stakeholder trust. Interested organizations may contact info@apdpo.com for available slots.
APDPO
Asia-Pacific Data Privacy Organization
85%
of Asia-Pacific jurisdictions have enacted or drafted personal data protection laws.
46%
of APAC countries have dedicated national data protection authorities.
35%
of jurisdictions require mandatory breach notifications.
19%
have cross-border data transfer laws modeled after the GDPR.
31%
have issued official AI ethics or governance frameworks.
90%
of large enterprises in APAC are subject to multi-jurisdictional data compliance obligations.
East Asia
Japan
China
South Korea
Taiwan
Hong Kong
Mongolia
Southeast Asia
Philippines
Vietnam
Thailand
Malaysia
Singapore
Indonesia
Myanmar
Laos
Cambodia
Brunei
South Asia
India
Sri Lanka
Pakistan
Bangladesh
Nepal
Bhutan
Oceania
Australia
New Zealand
Papua New Guinea
Fiji
APDPO connects organizations across Asia-Pacific to strengthen skills and knowledge in data privacy, cybersecurity, and AI. Membership is open to organizations committed to these fields, with no strict entry requirements—just a shared interest in collaboration and growth. A low annual membership fee of SGD 1,200 per organization encourages broad participation and unlocks member discounts and special opportunities. Membership starts with registration and participation. Over time, active members may be invited to lead initiatives, host activities, and represent their sector or country.
Training Access
Priority early registration for regional and role-specific training ahead of public release.
Certification Discounts
Reduced rates on APDPO certifications compared to standard rates for non-members.
Skills Development
Practical guidance from foundational policies through international alignment.
Co-Branding
Joint events and certifications, plus logos on the APDPO website and member microsites.
APDPO tracks critical Common Vulnerabilities and Exposures (CVE), including those related to AI, that could compromise organizational systems or expose sensitive data. Consolidated CVE information from publicly available sources is freely available via RSS and JSON feeds at APDPO.com for all interested organizations.
CVE-2026-40331
2026-05-05
Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, the unauthenticated JSON API accepts an altTable parameter that is stored via the setAltTable() method without validation or sanitization. This value is injected directly into a SQL FROM clause within feedGateway.cfc. An unauthenticated attacker can pass an arbitrary subquery into the altTable parameter to read sensitive data from any table in the database in a single HTTP request, including administrative credentials and password reset tokens. This issue has been fixed in versions 7.2.10, 7.3.15, 7.4.10, and 7.5.3. As a workaround, apply validation to the setAltTable function in core/mura/content/feed/feedBean.cfc to restrict input to simple alphanumeric table names, or disable the JSON API if it is not required.
CVE-2026-40330
2026-05-05
Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's handling of the sortDirection parameter. The parameter value is concatenated directly into SQL queries without sanitization or parameterization. An unauthenticated remote attacker can exploit this to extract sensitive information, modify or delete database records, or potentially achieve remote code execution on the underlying database server. This issue has been fixed in versions 7.2.10, 7.3.15, 7.4.10, and 7.5.3. As a workaround, use a WAF to block or restrict access to the beanFeed.cfc component, or deploy rules to detect SQL injection patterns targeting the sortDirection parameter.
CVE-2026-40329
2026-05-05
Masa CMS is an open source content management system. In versions 7.5.2 and earlier, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's processing of the sortBy parameter. The application fails to properly sanitize or parameterize this input before incorporating it into dynamic SQL statements. An unauthenticated remote attacker can execute arbitrary SQL commands against the database, potentially gaining access to sensitive data, modifying or deleting records, or escalating privileges to administrative control. This issue has been fixed in versions 7.2.10, 7.3.15, 7.4.10, and 7.5.3. As a workaround, configure WAF rules to block malicious SQL patterns in the sortBy parameter sent to beanFeed.cfc.
CVE-2026-33324
2026-05-05
SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. In versions 1.7.0 and earlier, the Text2SQL chat interface is vulnerable to prompt injection. The user-provided question parameter is directly concatenated into the LLM prompt without filtering or escaping, and the SQL extracted from the LLM response is executed against the database without validation or sanitization. An authenticated attacker can craft a malicious question to manipulate the LLM into generating and executing arbitrary SQL statements. When connected to a PostgreSQL data source, this can lead to remote code execution via COPY FROM PROGRAM. This issue has been fixed in version 1.7.1.
CVE-2022-45047
2026-05-01
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD.
CVE-2017-11165
2026-04-30
dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI.
CVE-2017-11349
2026-04-30
dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for purposes such as sending e-mail messages or making outbound connections to FTP servers for uploading data.
CVE-2020-9546
2026-04-30
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).
apdpo.com does not use cookies