Dataproof Communications

New botnet Aeternum shifted C2 operations to Polygon blockchain, complicating takedown efforts - Read more

AI Security Insights – February 2026 - Read more

OverviewFor years, organizations have prioritized strengthening technical defenses, including hardening networks, accelerating patch management, and expanding endpoint detection and response capabilities. Defensive systems have become more adaptive, identity has moved to the center of security architectures, and zero-trust has emerged as a foundational design principle. Despite these advances, successful intrusions continue to occur in environments that appear technically mature. While...

A new diplomatic offensive against foreign privacy laws collides with fresh research showing that weakening data sovereignty protections is the last thing organizations need right now. The post The Global Fight Over Who Controls Your Data Just Escalated — Here’s What the Numbers Say appeared first on TechRepublic. - Read more

The Qilin ransomware gang remained ‘top dog’ in January 2026, with over 100 observed cyber attacks to its name, amid a rapidly evolving and fragmenting cyber criminal ecosystem - Read more

View CSAF Summary Successful exploitation of this vulnerability could allow attackers to gain unauthorized access to sensitive device data, bypass surveillance controls, and expose facilities to privacy breaches, operational risks, and regulatory compliance issues. The following versions of Pelco, Inc. Sarix Pro 3 Series IP Cameras are affected: Sarix Professional IMP 3 Series <=02.52 (CVE-2026-1241) Sarix Professional IXP 3 Series <=02.52 (CVE-2026-1241) Sarix Professional IBP...

View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to terminate the software stack process, cause a denial-of-service condition, or execute arbitrary code. The following versions of Yokogawa CENTUM VP R6, R7 are affected: Vnet/IP Interface Package for CENTUM VP R6 (VP6C3300) <=R1.07.00 (CVE-2025-1924, CVE-2025-48019, CVE-2025-48020, CVE-2025-48021, CVE-2025-48022, CVE-2025-48023) Vnet/IP Interface Package for CENTUM VP R7 (VP7C3300) <=R1.07.00 (CVE-2025-1924, CVE-2025-48019, CVE-2025-48020,...

View CSAF Summary Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. The following versions of Chargemap chargemap.com are affected: chargemap.com vers:all/* (CVE-2026-25851, CVE-2026-20792, CVE-2026-25711, CVE-2026-20791) CVSS Vendor Equipment Vulnerabilities v3 9.4 Chargemap Chargemap chargemap.com Missing Authentication for Critical Function, Improper Restriction of Excessive Authentication Attempts, Insufficient Session Expiration, Insufficiently Protected Credentials Background Critical Infrastructure Sectors: Energy, Transportation...

Cisco Talos discovered an ongoing malicious campaign since at least as early as December 2025 by a threat actor we track as “UAT-10027,” delivering a previously undisclosed backdoor dubbed “Dohdoor.” Dohdoor utilizes the DNS-over-HTTPS (DoH) technique for command-and-control (C2) communications and has the ability to download and execute other payload binaries reflectively. UAT-10027 targeted victims in the education and health care sectors in the United States through a multi-stage attack chain. Talos observed the actor misused various living-off-the-land executables (LOLBins) to...

It used to take two months, but the UK government has reduced the time it takes to address fake DNS redirects - Read more