UAT-7290 targets high value telecommunications infrastructure in South Asia
Cisco Talos is disclosing a sophisticated threat actor we track as UAT-7290, who has been active since at least 2022. UAT-7290 is tasked with gaining initial access as well as conducting espionage-focused intrusions against critical infrastructure entities in South Asia. UAT-7290's arsenal includes a malware family consisting of implants we call RushDrop, DriveSwitch, and SilentRaid. Our findings indicate that UAT-7290 conducts...
Like it or not, AI will transform cyber strategy in 2026
Bubble or no bubble, from cyber skills to defensive strategies to governance, risk and compliance, artificial intelligence will remake the cyber world in 2026.
Gladinet CentreStack & Triofox Insecure Cryptography Vulnerability
What is the Vulnerability? CVE-2025-14611 is a high-severity insecure cryptography vulnerability affecting Gladinet CentreStack and Triofox products prior to version 16.12.10420.56791. The flaw stems from hardcoded AES cryptographic key values in the product’s implementation, degrading encryption security and enabling unauthorized access to sensitive resources when exposed...
CVE-2025-68753 ALSA: firewire-motu: add bounds check in put_user loop for DSP events
Information published.
900,000 Users Hit as Malicious Chrome Extensions Steal ChatGPT, DeepSeek Chats
OX Security reveals how malicious Chrome extensions exposed AI chats from ChatGPT and DeepSeek, silently siphoning sensitive data from 900,000 users.
The post 900,000 Users Hit as Malicious Chrome Extensions Steal ChatGPT, DeepSeek Chats appeared first on TechRepublic.
Key Takeaways and Top Cybersecurity Predictions for 2026
As the threat landscape keeps shifting, security teams are being asked to do more than react. They are expected to look ahead, connect the dots, and make decisions in environments that change faster every year. That challenge was at the heart of Rapid7’s 2026 Security Predictions webinar, where our experts reflected on what the past year revealed about attacker...
Trend Micro Apex Central Multiple Vulnerabilities
CVE-2025-69258: MsgReceiver.exe LoadLibraryEx RCE (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
MsgReceiver.exe listens on default TCP port 20001 and accepts messages having the following structures:
// be = big endian
// le = little endian
struct hdr
{
  be32 MsgSize; // for entire message
  byte unk;
};
struct body
{
  le16 MsgId; // 0x08ff - SC_QUERY_PROCESS_ID_REQUEST
              // 0x0900 - SC_QUERY_PROCESS_ID_REPLY
              // 0x08fd - SC_UNLOAD_REQUEST
              // 0x08fe - SC_UNLOAD_REPLY
              // 0x0a8d - SC_INSTALL_HANDLER_REQUEST
              // 0x0a8e -...
[R1] Nessus Agent Versions 11.0.3 and 10.9.3 Fix One Vulnerability
Arnie Cabral, Wed, 01/07/2026 - 08:47
A vulnerability has been identified in the installation/uninstallation of the Nessus Agent Tray App on Windows hosts which could lead to escalation of privileges.
Inside GoBruteforcer: AI-Generated Server Defaults, Weak Passwords, and Crypto-Focused Campaigns
Key takeaways
GoBruteforcer (also called GoBrut) is a modular botnet, written in Go, that brute-forces user passwords for services such as FTP, MySQL, PostgreSQL, and phpMyAdmin on Linux servers. The botnet spreads through a chain of web shell, downloader, IRC bot, and bruteforcer modules. The current wave of campaigns is driven by two factors: the mass reuse of AI-generated...




