Dataproof Communications

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2024 ) for more information. - Read more

Let's not have any further anniversaries for the UK's outdated cyber security laws - the government has dragged its heels for too long and reform is urgently needed - Read more

- Read more

What is the Vulnerability? CVE-2026-21858 arises from a Content-Type confusion flaw in n8n’s webhook and form handling logic. Specifically, certain form-based workflows do not adequately validate or enforce multipart form content types, allowing attackers to override internal request parsing state. This allows unauthenticated attackers to: ...

Key Takeaways Intelligence drives better decisions. High-performing teams use threat intelligence not just for detection, but to inform strategic business decisions and communicate risk to leadership. Maturity means efficiency. Advanced programs focus on automation, high-fidelity indicators, and cross-functional collaboration—freeing analysts to concentrate on strategic initiatives. Information overload is the top challenge. Teams need better integrations and AI-powered...

OverviewOn November 18, 2025, a patched release was published for a critical unauthenticated file read vulnerability in n8n, a popular piece of automation software. The advisory for this vulnerability, CVE-2026-21858, was subsequently published on January 7, 2026; the vulnerability holds a CVSS score of 10.0. If a server has a custom configured web form that implements file uploads with...

Welcome to this week’s edition of the Threat Source newsletter. I went to bed at 8:30 p.m. on New Year’s Eve, and I think that’s pretty indicative of how I approach the whole idea of New Year’s resolutions. I love to count down to the new year with loved ones as much as the next person, but I have really conflicted feelings about traditional resolutions. On one hand, it’s great...

The GoBruteforcer botnet has been observed targeting exposed Linux servers on services like FTP and MySQL - Read more

  A customer buys. You ship. Everyone seems happy. Then, a few weeks later, you get a chargeback. Or you notice the same card being tried again and again in a few seconds, failing at first and then working. It can be a sign someone is trying to steal card info to see what goes through.  That’s the part most...

Cyber threats are evolving faster than traditional security defense can respond; workloads with potential security issues are discovered by threat actors within 90 seconds, with exploitation attempts beginning within 3 minutes. Threat actors are quickly evolving their attack methodologies, resulting in new malware variants, exploit techniques, and evasion tactics. They also rotate their infrastructure—IP addresses, domains, and URLs. Effectively...