Key Takeaways and Top Cybersecurity Predictions for 2026
As the threat landscape keeps shifting, security teams are being asked to do more than react. They are expected to look ahead, connect the dots, and make decisions in environments that change faster every year. That challenge was at the heart of Rapid7’s 2026 Security Predictions webinar, where our experts reflected on what the past year revealed about attacker...
Trend Micro Apex Central Multiple Vulnerabilities
CVE-2025-69258: MsgReceiver.exe LoadLibraryEx RCE (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
MsgReceiver.exe listens on default TCP port 20001 and accepts messages having the following structures:
    // be = big endian
    // le = little endian
    struct hdr
    {
      be32 MsgSize; // for entire message
      byte unk;
    };
    struct body
    {
      le16 MsgId; // 0x08ff - SC_QUERY_PROCESS_ID_REQUEST
                  // 0x0900 - SC_QUERY_PROCESS_ID_REPLY
                  // 0x08fd - SC_UNLOAD_REQUEST
                  // 0x08fe - SC_UNLOAD_REPLY
                  // 0x0a8d - SC_INSTALL_HANDLER_REQUEST
                  // 0x0a8e -...
[R1] Nessus Agent Versions 11.0.3 and 10.9.3 Fix One Vulnerability
Arnie Cabral, Wed, 01/07/2026 - 08:47
A vulnerability has been identified in the installation/uninstallation of the Nessus Agent Tray App on Windows hosts which could lead to escalation of privileges.
Inside GoBruteforcer: AI-Generated Server Defaults, Weak Passwords, and Crypto-Focused Campaigns
Key takeaways
GoBruteforcer (also called GoBrut) is a modular botnet, written in Go, that brute-forces user passwords for services such as FTP, MySQL, PostgreSQL, and phpMyAdmin on Linux servers. The botnet spreads through a chain of web shell, downloader, IRC bot, and bruteforcer modules. The current wave of campaigns is driven by two factors: the mass reuse of AI-generated...
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CVE-2009-0556 Microsoft Office PowerPoint Code Injection Vulnerability
CVE-2025-37164 HPE OneView Code Injection Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known...
How Cisco Talos powers the solutions protecting your organization
Cisco Talos is Cisco’s threat intelligence and security research organization that powers Cisco’s product portfolio with that intelligence. While we are well known for the security research in our blog, vulnerability discoveries, and our open-source software, you may not be aware of exactly how our know-how protects Cisco customers. Talos’ core mission is to understand the broad threat landscape and distill the massive amount of telemetry...
International Threats: Themes for Regional Phishing Campaigns
By: Max Gannon, Intelligence Team
Cofense Intelligence relies on over 35 million trained employees from around the world; therefore, a considerable number of analyzed campaigns are written in languages other than English. This report covers from May 2023 to May 2025 and focuses on the overall themes of campaigns in the top five most commonly seen languages besides English that...
Decoding the GitHub recommendations for npm maintainers
This blog post explores the rationale and implementation behind GitHub's security recommendations for npm maintainers following numerous high-profile supply-chain incidents. It details how hardening publishing infrastructure through trusted publishing, enforced two-factor authentication, and WebAuthn-based protocols can meaningfully increase the resilience of the ecosystem.
GRU-Linked BlueDelta Evolves Credential Harvesting
The analysis cut-off date for this report was September 11, 2025.
Executive Summary
Between February and September 2025, Recorded Future’s Insikt Group identified multiple credential-harvesting campaigns conducted by BlueDelta, a Russian state-sponsored threat group associated with the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). This activity represents an expansion of...
Columbia Weather Systems MicroServer
Summary
Successful exploitation of these vulnerabilities could allow an attacker to redirect connections to an attacker-controlled device, gain admin access to the web portal, or gain limited shell access.
The following versions of Columbia Weather Systems MicroServer are affected:
MicroServer firmware (CVE-2025-61939, CVE-2025-64305, CVE-2025-66620)
CVSS: v3 8.8
Vendor: Columbia Weather Systems
Equipment: Columbia Weather Systems MicroServer
Vulnerabilities: Improper Restriction of Communication Channel to Intended Endpoints, Cleartext Storage in...





