Dataproof Communications

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2024 ) for more information. - Read more

A new security bypass has users installing AI agent OpenClaw — whether they intended to or not. Researchers have discovered that a compromised npm publish token pushed an update for the widely-used Cline command line interface (CLI) containing a malicious postinstall script. That script installs the wildly popular, but increasingly condemned, agentic application OpenClaw on...

PayPal disclosed a software error in its Working Capital platform that exposed sensitive customer data, including Social Security numbers, for months in 2025. The post PayPal Flaw Exposed Email Addresses, Social Security Numbers for 6 Months appeared first on TechRepublic. - Read more

Hacking Churches and Backdooring EmacsThis release packs some solid exploit module additions! Two new unauthenticated RCE modules are a major win: the StoryChief WordPress plugin exploit (CVE-2025-7441) targets a webhook validation flaw allowing arbitrary file uploads, while the ChurchCRM exploit (CVE-2025-62521) abuses the installation wizard to inject PHP code for persistent access. Both establish Meterpreter sessions. On the persistence front, there's a creative Emacs...

Commercial AI services are enabling even unsophisticated threat actors to conduct cyberattacks at scale—a trend Amazon Threat Intelligence has been tracking closely. A recent investigation illustrates this shift: Amazon Threat Intelligence observed a Russian-speaking financially motivated threat actor leveraging multiple commercial generative AI services to compromise over 600 FortiGate devices across more than 55 countries from January...

Google used AI-driven review systems to block 1.75 million policy-violating apps and ban 80,000 developer accounts in 2025, expanding Play Store and Android security enforcement. The post Google Blocked 1.75M Harmful Apps From Play Store in 2025 appeared first on TechRepublic. - Read more

The 2026 Winter Olympics have been live for several weeks, and the cyber activity many predicted is already unfolding.Threat intelligence reporting from Intel471 highlights a surge in hacktivist chatter and mobilization tied to protests and geopolitical tensions surrounding the Games. At the same time, Google’s Threat Intelligence Group has warned that hacktivists, state actors, and cybercriminal groups are actively...

DDoS attack frequency has risen to ‘alarming levels,’ warns Radware report - Read more

A new Android malware implant using Google Gemini to perform persistence tasks was discovered on VirusTotal and analyzed by ESET - Read more

Threats from cyberattacks continue to grow in frequency and severity. Considering the potential disruptions from such events, an organization needs an incident response plan.. - Read more