Dataproof Communications

CVSSv3 Score: 5.7 An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in FortiVoice may allow a privileged attacker to delete files from the underlying filesystem via crafted HTTP or HTTPs requests. Revised on 2026-01-13 00:00:00 - Read more

Key takeaways VoidLink is an advanced malware framework made up of custom loaders, implants, rootkits, and modular plugins designed to maintain long-term access to Linux systems. The framework includes multiple cloud-focused capabilities and modules, and is engineered to operate reliably in cloud and container environments over extended periods. VoidLink’s architecture is extremely flexible and highly modular, centered around a...

- Read more

- Read more

Amazon Web Services (AWS) is pleased to announce that two additional AWS services and one additional AWS Region have been added to the scope of our Payment Card Industry Data Security Standard (PCI DSS) certification: Newly added services: AWS Security Incident Response AWS Transform Newly added AWS Region: Asia Pacific (Taipei) This certification...

Elastic hackathon judge Nils Thomsen explains why Sydney’s Forge the Future hackathon is your chance to hack for good with AI. He seeks solutions with impact, innovation, and practical real-world use cases using the full Elastic Stack. - Read more

December 2025 witnessed a dramatic 120% increase in high-impact vulnerabilities, with Recorded Future's Insikt Group® identifying 22 vulnerabilities requiring immediate remediation, up from 10 in November. The month was dominated by widespread exploitation of Meta's React Server Components flaw. What security teams need to know: React2Shell pandemonium: CVE-2025-55182 triggered a global exploitation wave with multiple threat actors...

Key Takeaways Effective ransomware detection requires three complementary layers: endpoint and extended detection and response (EDR/XDR) to monitor device-level activity, network detection and response (NDR) to catch lateral movement, and threat intelligence tools to provide context that enables efficient prioritization. The most valuable detection happens before ransomware encryption begins. Tools must identify precursor behaviors like reconnaissance, credential...

Prominent crime forum BreachForums has suffered a new and possibly fatal blow to its reputation after the revelation that a database of thousands of criminals using it was stolen months ago. News of the breach emerged publicly on January 9 when a zip archive containing a MySQL database of 323,986 BreachForums users appeared on shinyhunters,...

Researchers at Palo Alto’s Unit 42 have outlined a list of recommended security controls for vibe coding tools - Read more