Dataproof Communications

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more. The post Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware appeared first on TechRepublic. - Read more

For the latest discoveries in cyber research for the week of 16th February, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Dutch telecom provider Odido was hit by a data breach following unauthorized access to its customer management system. Attackers extracted personal data of 6.2 million customers, including names, addresses, phone numbers, email addresses, bank account details, dates of...

Security researchers have challenged end-to-end encryption claims from popular commercial password managers - Read more

Nanobot Unauthenticated WhatsApp Session Hijack via WebSocket Bridge Tenable Research has identified and responsibly disclosed a vulnerability to Nanobot.The nanobot WhatsApp bridge server (`bridge/src/server.ts`) binds its WebSocket server to all network interfaces (`0.0.0.0`) and accepts connections without any form of authentication. An attacker with network access to the bridge port (default `3001`) can fully hijack the linked WhatsApp session:...

Gogs Cross-Repository Comment Deletion via DeleteComment Tenable Research has identified and responsibly disclosed an Insecure Direct Object References (IDOR) vulnerability to Gogs. The POST `/:owner/:repo/issues/comments/:id/delete` endpoint does not verify that the comment belongs to the repository specified in the URL.This allows a repository administrator to delete comments from any other repository by supplying arbitrary comment IDs, bypassing authorization controls.The...

In December 2025, a database of the Brazilian crowdfunding platform APOIA.se was posted to an online forum. In January 2026, the company confirmed it had suffered a data breach. The incident exposed 451k unique email addresses along with names and physical addresses. - Read more

Cyber security companies have jumped on the AI bandwagon. We look at where artificial intelligence is a useful add-on and where it poses potential risks - Read more

The Problem with Pre-Packaged Intelligence Security teams are drowning in threat intelligence feeds. Hundreds of vendors promise comprehensive coverage, real-time alerts, and actionable insights. Yet sophisticated adversaries continue to operate undetected, incidents take weeks to scope, and attribution remains elusive. The fundamental issue isn't quality but control. Traditional network visibility solutions force passive consumption: their alerts, their priorities,...

Microsoft’s February 10, 2026, security update KB5077181 for Windows 11 versions 24H2 (build 26200.7840) and 25H2 (build 26100.7840) has triggered widespread reports of critical boot failures just days after deployment. Users describe devices entering infinite restart loops, often exceeding 15 cycles, preventing access to the desktop. This cumulative update delivers essential security fixes alongside quality improvements from prior releases...

A viral AI caricature trend may be exposing sensitive enterprise data, fueling shadow AI risks, social engineering attacks, and LLM account compromise. The post Viral AI Caricatures Highlight Shadow AI Dangers appeared first on TechRepublic. - Read more