Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera
Summary
Successful exploitation of this vulnerability could allow an attacker to bypass authentication and have remote access to sensitive information on the device.
The following versions of Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera are affected:
IP Camera XM530V200_X6-WEQ_8M firmware V5.00.R02.000807D8.10010.346624.S.ONVIF_21.06 (CVE-2025-65856)
CVSS: v3 9.8
Vendor: Hangzhou Xiongmai Technology Co., Ltd
Equipment: Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera
Vulnerabilities: Missing Authentication for Critical Function
Background
Critical Infrastructure Sectors:...
Carlson Software VASCO-B GNSS Receiver
Summary
Successful exploitation of this vulnerability could enable a remote attacker to alter critical system functions or disrupt device operation.
The following versions of Carlson Software VASCO-B GNSS Receiver are affected:
VASCO-B GNSS Receiver <1.4.0 (CVE-2026-3893)
CVSS: v3 9.4
Vendor: Carlson Software
Equipment: Carlson Software VASCO-B GNSS Receiver
Vulnerabilities: Missing Authentication for Critical Function
Background
Critical Infrastructure Sectors: Critical Manufacturing
Countries/Areas Deployed: Worldwide
Company Headquarters Location: United States
Vulnerabilities
CVE-2026-3893
The Carlson VASCO-B GNSS...
Medical data of half a million Britons on sale in China after Biobank breach
Biobank operator is taking steps to improve security after biological, health and lifestyle information from its database was offered for sale on a Chinese website
Today, trust is the superpower that makes innovation possible
The paradoxes of today’s digital world are well-known to anyone with a smartphone. Over the last decade, connectivity has expanded, yet the world has become more fragmented. Our everyday lives are more digital, but we spend more time parsing text messages for scams or deliberating the authenticity of potential deepfakes. Technology is delivering great productivity gains to small...
Critical minerals and cyber operations
Summary: Critical elements and rare earth elements (REEs) are no longer commodities; they are strategic dependencies. China's dominance in processing and refining provides it with enormous geopolitical leverage over other industrialized economies. Geopolitical competition over mining and refining critical elements and REEs is accelerating. Competition to mine them will almost certainly expand into the Arctic, Greenland, Antarctica, the...
Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposed
More than 1,300 internet-exposed SharePoint servers remain unpatched against CVE-2026-32201, a spoofing flaw Microsoft says was exploited as a zero-day.
The post Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposed appeared first on TechRepublic.
A technical walkthrough of multicloud full-stack security using AWS Security Hub Extended
Building on our recent announcement of AWS Security Hub Extended, our full-stack enterprise security offering, we want to show you how we’re simplifying security procurement and operations for your multicloud environments. Whether you’re a security architect evaluating solutions or a CISO looking to streamline vendor management, this post walks through the streamlined experience that transforms how...
IR Trends Q1 2026: Phishing reemerges as top initial access vector, as attacks targeting public administration persist
Phishing reemerged as the most observed means of gaining initial access, accounting for over a third of the engagements where initial access could be determined. Phishing has not been the top vector for initial access since Q2 2025. Public administration and health care tied as the most targeted industry verticals, each accounting for 24 percent of all engagements. This is the third consecutive quarter where public administration has been the most targeted...
UK Faces a Cyber ‘Perfect Storm’ Driven by Tech Advances and Nation State Threats, NCSC Warns
The convergence of global tensions and rapid technological change is driving a new era of cyber risk, the NCSC warns
CrowdStrike LogScale Vulnerability Allows Remote Attackers to Read Arbitrary Files from Server
CrowdStrike has issued an urgent security advisory for a critical unauthenticated path-traversal vulnerability (CVE-2026-40050) affecting its LogScale platform, warning that a remote attacker could exploit the flaw to read arbitrary files directly from the server’s filesystem without authentication. The vulnerability resides in a specific cluster API endpoint within CrowdStrike LogScale. If this endpoint is exposed, a remote attacker can...







