Dataproof Communications

Corrected CVE title. This is an informational change only. - Read more

The zero-day vulnerability affects on-premises installations for all versions of Exchange Server 2016, 2019 and Subscription Edition - Read more

The financial impact of last year’s cyber attack on Jaguar Land Rover continues to be felt, with full-year sales and profits at the carmaker way down - Read more

Three-storey GreenSquare datacentre in Hazelmere was to power cloud computing and the acceleration of AIGet our breaking news email, free app or daily news podcastA 15,000 sq metre datacentre near Perth will no longer go ahead after the developer withdrew plans amid community opposition over its impact on culturally significant sites.The three-storey, 120-megawatt GreenSquare datacentre in the town of...

In April 2026, Insikt Group® identified 37 high-impact vulnerabilities that should be prioritized for remediation, 35 of which had a Very Critical Recorded Future Risk Score. This represents a 19% increase from last month. 31 of the 37 were included in the US Cybersecurity and Infrastructure Security Agency (CISA)’s Known Exploited Vulnerabilities (KEV) catalog, and six were surfaced...

AWS IAM Identity Center provides a web-based access portal that gives your workforce a single place to view their AWS accounts and applications. With the recent launch of IAM Identity Center multi-Region replication, customers can replicate their IAM Identity Center instance across multiple AWS Regions to improve resilience and reduce latency for a globally distributed workforce. As...

Linux admins reeling from handling last month’s CopyFail and last week’s Dirty Frag kernel vulnerabilities have a new headache to deal with: Fragnesia. “This is a significant vulnerability,” Robert Beggs, head of incident response firm DigitalDefence, told CSO. “It is bypassing traditional filesystem permissions that are present and enforced (for example, ‘file is owned by...

Microsoft Foundry Toolkit for VS Code: Command Injection via Python Interpreter Path Leading to Arbitrary Code Execution Microsoft Foundry Toolkit for VS Code (formerly AI Toolkit for VS Code) uses child_process.exec() with string interpolation to build shell commands that include a Python interpreter path obtained from the Python extension API (ms-python.python via getExecutionDetails()).The interpreter path can be controlled by a repository...

A Russian state-sponsored hacking group known as Sandworm has been caught making a calculated pivot from compromised IT networks into operational technology systems that control physical infrastructure. The campaign is alarming because it does not rely on cutting-edge exploits. Instead, Sandworm walks through doors that were already left open, turning unresolved vulnerabilities into launchpads for attacks on industrial...

Open WebUI Multiple Vulnerabilities CVE-2026-45398 - IDOR: Retrieval API Bypasses Knowledge Base Access ControlsSummary_validate_collection_access() (PR #22109) checks the user-memory-* and file-* collection name prefixes but does not check knowledge base collections, which use raw UUIDs as collection names. Any authenticated user who knows a private knowledge base UUID can read its content through the retrieval query endpoints, even though the knowledge...