Dataproof Communications

To help you troubleshoot access denied errors, we recently added the Amazon Resource Name (ARN) of the denying policy to access denied error messages. This builds on our 2021 enhancement that added the type of the policy denying the access to access denied error messages. The ARN of the denying policy is only provided in same-account and...

A coalition of seven Western nations has launched guidelines to help integrate security-by-design principles into future 6G standards - Read more

Microsoft Azure Data Explorer Cross-Tenant Data Leak with Custom Dashboard Tenable Research has identified and responsibly disclosed a critical cross-tenant data exfiltration vulnerability in Azure Data Explorer (ADX). This flaw allowed an attacker to steal private data from a victim's ADX cluster by abusing the "Share Dashboard" feature. The vulnerability exploited a flaw in the cross-tenant dashboard sharing mechanism. An...

There is a particular kind of energy that fills the room when partners gather with a shared mission. It is part strategy session, part reunion, part blueprint for what comes next. That spirit defined this year’s Rapid7 EMEA Partner Summit in Lisbon, Portugal. And that's exactly what our partners around the world are set to experience at Rapid7’s Global...

Hacktivist activity surrounding the Iran war is sky-high but Iran's state-backed cyber espionage actors have yet to show their hands, giving security teams a valuable window of time to shore up their defences. - Read more

Starting from the third quarter of 2025, we have updated our statistical methodology based on the Kaspersky Security Network. These changes affect all sections of the report except for the installation package statistics, which remain unchanged. To illustrate trends between reporting periods, we have recalculated the previous year’s data; consequently, these figures may differ significantly from previously published numbers. All...

Information published. - Read more

Key Findings During the ongoing conflict, we identified intensified targeting of IP cameras from two manufacturers starting on February 28, originating from infrastructure we attribute to Iranian threat actors. The targeting extends across Israel, Qatar, Bahrain, Kuwait, the UAE, and Cyprus – countries that have also experienced significant missile activity linked to Iran. On March 1st, we additionally observed...

Last updated on 4 March 2026 at 2000 GMT. Recorded Future's Insikt Group® is actively monitoring the rapidly evolving situation following coordinated US-Israeli strikes against Iran, the death of Supreme Leader Ali Khamenei and the widening regional war. This analysis serves as a continuously updated compilation on the geopolitical, cyber and influence operation aspects of the war, including...

Executive Summary We identified a security weakness in n8n’s credential management layer that could have completely compromised the application’s security. This finding highlights the core risks of centralized authentication in workflow automation platforms. As n8n serves as the central hub connecting critical systems and orchestrating business processes across teams, any gap in credential handling can potentially cascade across connected systems, disrupting...