Dataproof Communications

In December 2025, the dating website "for a Europid vision" WhiteDate suffered a data breach that was subsequently leaked online, initially exposing 6.1k unique email addresses. The leaked data included extensive personal information such as physical appearance, income, education and IQ. A more comprehensive dataset was later provided to HIBP, containing usernames, IP addresses, private messages and a total...

In December 2025, the dating website "for a Europid vision" WhiteDate suffered a data breach that exposed 6k unique email addresses. The breach exposed extensive further personal information including data related to physical appearance, income, education and IQ. - Read more

- Read more

What is the Vulnerability? A critical vulnerability in MongoDB Server’s handling of zlib-compressed network traffic allows a fully unauthenticated remote attacker to read uninitialized heap memory and leak sensitive data directly from server memory. The flaw stems from improper buffer length handling during zlib...

Hard to believe it's that time again, and that Metasploit Framework will see the dawn of another Annual Wrap-Up (and a New Year). All of the metrics and modules you see here would in large part not be possible without the dedicated community members who care about the Framework and its mission on all the days of the year....

For the latest discoveries in cyber research for the week of 5th January, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Two US banks, Artisans’ Bank and VeraBank, disclosed that customer data was exposed in an August ransomware attack on their vendor, Marquis Software. The vendor was breached via SonicWall vulnerability, and while the banks’ own systems were not...

- Read more

Key Takeaways Declining payments, evolving tactics: Ransomware groups made less money in 2025 despite a 47% increase in publicly reported attacks, pushing them to adopt new approaches to extract payment, namely, DDoS-as-a-Service offerings, insider recruitment, and gig worker exploitation. Insider threats are rising: With stolen credentials, vulnerability exploitation, and phishing still dominating initial access, ransomware operators are...

For the latest discoveries in cyber research for the week of 29th December, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Romanian Waters, the country’s national water management authority, was hit by a ransomware attack that resulted in nearly 1,000 computer systems across national and regional offices being encrypted. The attack affected geographic information systems, databases, email, web servers,...

Overview of the attacks In mid-2025, we identified a malicious driver file on computer systems in Asia. The driver file is signed with an old, stolen, or leaked digital certificate and registers as a mini-filter driver on infected machines. Its end-goal is to inject a backdoor Trojan into the system processes and provide protection for malicious files, user-mode processes, and...