APDPO
Asia-Pacific Data Privacy Organization
apdpo.com
2025-03-01
The Asia-Pacific Data Privacy Organization (APDPO) was established one year, three months, fifteen days ago on March 1, 2025. This initiative seeks to bridge and bring together stakeholders in data privacy across the region, focusing on knowledge sharing and encouraging collaboration to strengthen privacy protections, cybersecurity, and the safe, responsible, and ethical use of AI across Asia-Pacific.
2025-03-08
Magie Antonio has been invited to serve as the Country Head for APDPO in the Philippines. Magie will spearhead local initiatives, build partnerships, and promote privacy awareness that translates into operational compliance with data privacy regulations, while advocating for the enhancement of the robust framework in the country and contributing to regional best practices across the Asia-Pacific.
2025-03-18
In cooperation with Bureau Veritas, APDPO conducted its first upskilling project, delivering data privacy and cybersecurity training to professionals at Visayan Electric (VECO) in Cebu City, Philippines. Arranged by Magie Antonio of APDPO and Atty. Ernie Villarin of VECO, the initiative equipped participants with skills to address the country’s evolving data privacy challenges.
2025-04-01
Special thanks to Magie Antonio for sponsoring the infrastructure of APDPO.com. This platform will connect privacy professionals and organizations across the Asia-Pacific, enabling the exchange of valuable knowledge and best practices. It will support regional initiatives in data privacy, cybersecurity, and artificial intelligence, strengthening the APDPO community and its impact across the region.
2025-04-08
Akira Sato has been invited to serve as the Country Head for APDPO in Japan. Akira will cultivate partnerships with local organizations, elevate awareness of privacy practices, ensure compliance with data privacy regulations, advocate for continuous improvements, and share insights to enhance regional standards across the Asia-Pacific.
2025-04-10
Alex Lee has been invited to serve as the Country Head for APDPO in Singapore. Alex will advance data protection initiatives, work closely with local stakeholders to promote privacy awareness and ensure compliance with the nation’s data privacy regulations, while contributing insights to bolster regional standards across the Asia-Pacific.
2025-07-16
Coinciding with AI Appreciation Day, APDPO and Community Health Education Emergency Rescue Services (CHEERS) formally launched a partnership to promote data privacy, cybersecurity, and the responsible use of AI in resilience, initiatives addressing Violence Against Women and Children (VAWC), and elderly care. The agreement was signed by APDPO Country Head for the Philippines Magie Antonio and CHEERS founder Dr. Sandy Montano.
2025-08-07
Magie Antonio, APDPO Country Head for the Philippines, represented APDPO in the INTERPOL Project SynthWave Member Country Visit at the Philippine Center on Transnational Crime, where INTERPOL’s Toshinobu Yasuhira, Abdullah Fuad Aljalahma, Libni Garg, and local stakeholders discussed risks of AI-driven synthetic media. Hosted by Generals Benjamin Batara, Noel Baraceros, and Cesar Binag, the event reflected APDPO’s commitment to regional collaboration in data protection.
2025-10-07
APDPO and the Philippine College of Criminology (PCCR) have formalized a strategic partnership to strengthen data privacy, cybersecurity, and ethical AI principles in criminal justice education. The agreement was signed by APDPO Country Head for the Philippines Magie Antonio and PCCR President Lei Bautista. This collaboration will advance curriculum development, faculty training, research projects, and micro-credential programs at the intersection of law enforcement and data protection.
2025-10-24
Magie Antonio, Country Head for APDPO in the Philippines, received the Woman of Excellence in Digitalization and Humanitarian Service award at the 80th United Nations Anniversary Celebration. The ceremony honored distinguished leaders including ambassadors from Indonesia, the United Arab Emirates, and Qatar, along with senior Philippine government officials. This recognition signals the importance of integrating data privacy, cybersecurity, and ethical AI in humanitarian service.
2025-10-31
APDPO concludes Cybersecurity Awareness Month with its first "Leading with Privacy" profile, featuring Police Major General Jericho Baldeo, Data Protection Officer of the Philippine National Police. He shared insights on integrating data privacy with effective law enforcement to earn public trust and uphold human rights with Magie Antonio, APDPO Country Head for the Philippines, during her courtesy call to the Directorate for Information and Communications Technology Management.
2026-01-01
APDPO encourages organizations to join in celebrating the internationally observed Data Privacy Day on January 28 through awareness activities that promote personal data protection. With APDPO providing subject matter experts and organizations handling accommodation and transportation, participation reflects commitment to data privacy, legal compliance, and stakeholder trust. Interested organizations may contact info@apdpo.com for available slots.
APDPO
Asia-Pacific Data Privacy Organization
85%
of Asia-Pacific jurisdictions have enacted or drafted personal data protection laws.
46%
of APAC countries have dedicated national data protection authorities.
35%
of jurisdictions require mandatory breach notifications.
19%
have cross-border data transfer laws modeled after the GDPR.
31%
have issued official AI ethics or governance frameworks.
90%
of large enterprises in APAC are subject to multi-jurisdictional data compliance obligations.
East Asia
Japan
China
South Korea
Taiwan
Hong Kong
Mongolia
Southeast Asia
Philippines
Vietnam
Thailand
Malaysia
Singapore
Indonesia
Myanmar
Laos
Cambodia
Brunei
South Asia
India
Sri Lanka
Pakistan
Bangladesh
Nepal
Bhutan
Oceania
Australia
New Zealand
Papua New Guinea
Fiji
APDPO connects organizations across Asia-Pacific to strengthen skills and knowledge in data privacy, cybersecurity, and AI. Membership is open to organizations committed to these fields, with no strict entry requirements—just a shared interest in collaboration and growth. A low annual membership fee of SGD 1,200 per organization encourages broad participation and unlocks member discounts and special opportunities. Membership starts with registration and participation. Over time, active members may be invited to lead initiatives, host activities, and represent their sector or country.
Training Access
Priority early registration for regional and role-specific training ahead of public release.
Certification Discounts
Reduced rates on APDPO certifications compared to standard rates for non-members.
Skills Development
Practical guidance from foundational policies through international alignment.
Co-Branding
Joint events and certifications, plus logos on the APDPO website and member microsites.
APDPO tracks critical Common Vulnerabilities and Exposures (CVE), including those related to AI, that could compromise organizational systems or expose sensitive data. Consolidated CVE information from publicly available sources is freely available via RSS and JSON feeds at APDPO.com for all interested organizations.
CVE-2026-52715
2026-06-16
Unauthenticated SQL Injection in GEO my WordPress.
CVE-2026-48714
2026-06-16
i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. In versions prior to 3.9.7, the missingKeyHandler blocked the literal request-body keys __proto__, constructor, and prototype (added in 3.9.3, see GHSA-5fgg-jcpf-8jjw), but did not reject dotted variants such as "__proto__.polluted". Downstream backends that split the missing-key string on a configured keySeparator (notably i18next-fs-backend ≤ 2.6.5) hand these keys to an unguarded setPath() walker that writes to Object.prototype. Applications that expose missingKeyHandler to untrusted input AND use i18next-fs-backend ≤ 2.6.5 are directly exploitable for remote prototype pollution. Other downstream backends that split the missing-key string the same way may be similarly affected. Depending on the host application, polluted prototype properties may cause crashes, corrupted translation behaviour, configuration poisoning, or bypasses of property-based security checks. This issue has been fixed in version 3.9.7. If developers cannot upgrade immediately, they should do the following: do not expose missingKeyHandler to untrusted users (mount it behind authentication, or remove the route), add a request-body filter ahead of the handler that rejects any top-level key containing __proto__, constructor, or prototype after splitting on their configured keySeparator, and disable missing-key persistence (saveMissing: false) when accepting writes from untrusted input.
CVE-2026-49772
2026-06-16
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Liquid Web / StellarWP The Events Calendar allows Blind SQL Injection. This issue affects The Events Calendar: from 6.15.12 through 6.16.2.
CVE-2026-48853
2026-06-16
Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unauthenticated attackers to crash the BEAM node via atom table exhaustion and, when a decoded term flows into a call site that invokes it, achieve remote code execution on the server. 'Elixir.GRPC.Codec.Erlpack':decode/2 (lib/grpc/codec/erlpack.ex) calls :erlang.binary_to_term/1 on the raw gRPC message body without the :safe option, no size bound, and no type guard. Any unauthenticated peer that sends a request with Content-Type: application/grpc+erlpack can send a crafted payload that mints arbitrary new atoms (which are never garbage-collected, exhausting the bounded atom table and crashing the VM) or that encodes a fun term which, if applied anywhere downstream, executes attacker-controlled code inside the server process. This issue affects grpc from 0.4.0 before 1.0.0.
CVE-2018-1273
2026-06-15
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.
CVE-2022-32511
2026-06-15
jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable.
CVE-2023-34576
2026-06-12
SQL injection vulnerability in updatepos.php in PrestaShop opartfaq through 1.0.3 allows remote attackers to run arbitrary SQL commands via unspedified vector.
CVE-2023-34575
2026-06-12
SQL injection vulnerability in PrestaShop opartsavecart through 2.0.7 allows remote attackers to run arbitrary SQL commands via OpartSaveCartDefaultModuleFrontController::initContent() and OpartSaveCartDefaultModuleFrontController::displayAjaxSendCartByEmail() methods.
apdpo.com does not use cookies