Dataproof Communications

- Read more

Move from manual search to real-time answers through secure distributed search and AI for defence. - Read more

Executive Summary PurpleBravo is a North Korean state-sponsored threat group that overlaps with the “Contagious Interview” campaign first documented in November 2023. It targets software developers, especially in the software development and cryptocurrency verticals, via fake recruiter outreach, interview coding tests, and ClickFix prompts. Activity throughout 2025 has linked multiple fraudulent LinkedIn personas to PurpleBravo through malicious GitHub...

Blind SSRF/DoS in Java TLS x509 AIA Extension A Blind Server-Side Request Forgery (SSRF) vulnerability exists in Oracle Java 21. The vulnerability, which leads to Denial of Service (DoS), is present in the x509 certificate path validation mechanism when the non-default system property com.sun.security.enableAIAcaIssuers is set to true.When enabled, the application attempts to retrieve the issuing CA certificate using...

Amazon Web Services (AWS) is pleased to announce that the Fall 2025 System and Organization Controls (SOC) 1, 2, and 3 reports are now available. The reports cover 185 services over the 12-month period from October 1, 2024–September 30, 2025, giving customers a full year of assurance. These reports demonstrate our continuous commitment to adhering to the heightened expectations of...

Critical iOS and iPadOS WebKit flaws put millions of iPhones and iPads at risk of silent takeover. Apple urges users to update immediately. The post New iOS and iPadOS Flaws Leave Millions of iPhones at Risk appeared first on TechRepublic. - Read more

Madison, United States, January 20th, 2026, CyberNewsWire Veteran cybersecurity leader brings decades of experience and patented innovation to advance the next generation of proactive security solutions. Sprocket Security today announced the appointment of Eric Sheridan as Chief Technology Officer (CTO). In this role, Sheridan will lead the company’s technology vision and execution, accelerating innovation and advancing Sprocket Security’s mission to deliver proactive cybersecurity solutions...

2 security vulnerabilities in the Chainlit framework expose risks from web flaws in AI applications - Read more

Organisations are beginning to implement zero-trust models for data governance thanks to the proliferation of poor quality AI-generated data, often known as AI slop. - Read more

Delta Electronics DIAView Multiple Vulnerabilities CVE-2025-62581 - Hard-coded JWT Secret Key (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)DIAView uses a hardcoded secret key.CVE-2025-62582 - Unauthenticated Remote Database Access (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)An unauthenticated remote attacker can access configured databases in a DIAView project.  Ben Smith Tue, 01/20/2026 - 10:54 - Read more