Dataproof Communications

Executive Summary Insikt Group has identified a major cybercriminal operation specializing in large-scale cryptocurrency theft, operating under the moniker “Rublevka Team”. Since its inception in 2023, the threat group has generated over $10 million through affiliate-driven wallet draining campaigns. Rublevka Team is an example of a “traffer team,” composed of a network of thousands of social engineering specialists...

A look at how AI powering the 2026 Winter Games is vulnerable to adversarial prompts, behavioral vulnerabilities, and weak guardrails. - Read more

GlassWorm has emerged as a serious threat to developers using the Open VSX Registry, where popular VSX extensions were silently turned into delivery vehicles for malware. Threat actors compromised a trusted publisher account and pushed poisoned updates that looked like routine releases but actually carried a staged loader. These extensions, which had more than 22,000 downloads, were...

Windows 11’s optional KB5074105 update fixes the missing password icon bug linked to August 29, 2025’s KB5064081 and delivers 32 improvements. The post New Microsoft Update Improves Windows Sign-In Experience appeared first on TechRepublic. - Read more

A security researcher found 386 malicious ‘skills’ published on ClawHub, a skill repository for the popular OpenClaw AI assistant project - Read more

Ransomware-as-a-service operations are increasingly seeking to forge connections with employees, contractors and trusted partners of their target organisations as an alternative to straight-up hacking, says NCC. - Read more

Wenn OT-Fachkräfte in den Ruhestand gehen, droht ein massiver Wissensverlust. Das kann erhebliche Folgen für die Cybersicherheit haben. vectorfusionart – shutterstock.com Zwar stellen Cyberkriminelle und staatlich unterstützte Angreifer gerade für den Industriesektor eine enorme und steigende Gefahr dar. Dennoch besteht die größte Bedrohung derzeit im mangelnden Wissenstransfer, was OT-Sicherheit und -Organisation (Operational Technology) angeht. Das...

Tenable Identity Exposure Version 3.77.16 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 02/03/2026 - 09:56 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers.Out of caution and in line with best practice, Tenable has opted to...

In 2025, we launched Experts on Experts: Commanding Perspectives as a pilot video series designed to spotlight the ideas shaping cybersecurity, directly from the people driving them. Over five episodes, Rapid7 leaders shared short, candid conversations on topics like agentic AI, MDR ROI, cybercrime-as-a-service, and policy in practice. With Season Two launching soon, now is the perfect time to...

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to, modify, delete, or destroy information stored on the system where the affected product is installed, or cause a denial-of-service condition on the affected system. The following versions of Mitsubishi Electric FREQSHIP-mini for Windows are affected: FREQSHIP-mini for Windows >=8.0.0|<=8.0.2 (CVE-2025-10314) CVSS Vendor Equipment Vulnerabilities v3 8.8 Mitsubishi Electric Mitsubishi Electric FREQSHIP-mini for Windows Incorrect...