Fall 2025 SOC 1, 2, and 3 reports are now available with 185 services in scope
Amazon Web Services (AWS) is pleased to announce that the Fall 2025 System and Organization Controls (SOC) 1, 2, and 3 reports are now available. The reports cover 185 services over the 12-month period from October 1, 2024–September 30, 2025, giving customers a full year of assurance. These reports demonstrate our continuous commitment to adhering to the heightened expectations of...
New iOS and iPadOS Flaws Leave Millions of iPhones at Risk
Critical iOS and iPadOS WebKit flaws put millions of iPhones and iPads at risk of silent takeover. Apple urges users to update immediately.
The post New iOS and iPadOS Flaws Leave Millions of iPhones at Risk appeared first on TechRepublic.
Sprocket Security Appoints Eric Sheridan as Chief Technology Officer
Madison, United States, January 20th, 2026, CyberNewsWire. Veteran cybersecurity leader brings decades of experience and patented innovation to advance the next generation of proactive security solutions. Sprocket Security today announced the appointment of Eric Sheridan as Chief Technology Officer (CTO). In this role, Sheridan will lead the company’s technology vision and execution, accelerating innovation and advancing Sprocket Security’s mission to deliver proactive cybersecurity solutions...
Chainlit Security Flaws Highlight Infrastructure Risks in AI Apps
Two security vulnerabilities in the Chainlit framework expose risks from web flaws in AI applications.
AI slop pushes data governance towards zero-trust models
Organisations are beginning to implement zero-trust models for data governance thanks to the proliferation of poor-quality AI-generated data, often known as AI slop.
Delta Electronics DIAView Multiple Vulnerabilities
CVE-2025-62581 - Hard-coded JWT Secret Key (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H): DIAView uses a hardcoded secret key.
CVE-2025-62582 - Unauthenticated Remote Database Access (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H): An unauthenticated remote attacker can access configured databases in a DIAView project.
Ben Smith, Tue, 01/20/2026 - 10:54
Five Chrome Extensions That Hijack Enterprise Sessions
Researchers at the security vendor Socket have discovered a coordinated campaign based on malicious Chrome add-ons. The attackers bypassed the defenses of the Chrome Web Store and promoted the extensions as productivity tools. “The extensions work together to steal authentication tokens, block incident response capabilities, and, through session hijacking, the complete takeover...
Schneider Electric EcoStruxure Foxboro DCS
Summary
Schneider Electric is aware of a vulnerability disclosed by INTEL used in the EcoStruxure™ Foxboro DCS product formerly known as Foxboro Evo Process Automation System and I/A Series. The EcoStruxure Foxboro DCS (https://www.se.com/ww/en/product-range/63680-ecostruxure-foxboro-dcs/#overview) is an innovative family of fault-tolerant, highly available control components, which consolidates critical information and elevates staff capabilities to ensure flawless, continuous plant operation. Failure to apply the...
VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has Begun
Key Points
Check Point Research (CPR) believes a new era of AI-generated malware has begun. VoidLink stands as the first evidently documented case of this era, as a truly advanced malware framework authored almost entirely by artificial intelligence, likely under the direction of a single individual. Until now, solid evidence of AI-generated malware has primarily been linked to inexperienced...
CVE-2026-20805 Desktop Window Manager Information Disclosure Vulnerability
Updated the build numbers. This is an informational update only.






