Dataproof Communications

Cisco Talos uncovered a cluster of activity we track as UAT-10362 conducting spear-phishing campaigns against Taiwanese non-governmental organizations (NGOs) and suspected universities to deliver a newly identified malware family, “LucidRook.” LucidRook is a sophisticated stager that embeds a Lua interpreter and Rust-compiled libraries within a dynamic-link library (DLL) to download and execute staged Lua bytecode payloads. The dropper “LucidPawn” uses region-specific anti-analysis checks and executes only in Traditional Chinese language environments associated with...

Information published. - Read more

What is the Attack? Operation TrueChaos is a targeted cyber espionage campaign exploiting a zero-day vulnerability in the TrueConf video conferencing platform. The campaign primarily targets government entities in Southeast Asia by replacing a legitimate update with a malicious one. Threat actors effectively weaponized the product’s...

Author: Jacob Malimban, Intelligence TeamGitHub and GitLab are often used and trusted by programmers, project managers, and software end-users, but that trust is increasingly being abused by threat actors. These Git repository websites are necessary and can’t be blocked because of their use by enterprise software and normal business operations. By uploading malware or credential phishing pages to repositories...

In April 2026, the NSFW AI girlfriend platform My Lovely AI suffered a data breach that exposed over 100k users. The data included user-created prompts and links to the resulting AI-generated images, along with a small number of Discord and X usernames. - Read more

Executive Summary Venezuelan Acting President Delcy Rodríguez’s policy decisions will affect economic and political stability in Venezuela in the coming months. Her approach will likely be shaped by a deep familiarity with the state security apparatus, her revolutionary identity, a demonstrated willingness to break from orthodoxy and seek coordination with Washington, an interest in restoring support for the...

Version 9.3.3 of the Elastic Stack was released today. We recommend you upgrade to this latest version. We recommend 9.3.3 over the previous versions 9.3.2. For details of the issues that have been fixed and a full list of changes for each product in this version, please refer to the release notes. - Read more

Trump’s proposed budget cuts to CISA raise concerns about U.S. cyber defense, as experts warn of reduced collaboration and threat intelligence sharing. The post Trump’s Proposed CISA Cuts Spark Alarm Among Cybersecurity Experts appeared first on TechRepublic. - Read more

At AWS, we’ve spent decades developing processes and tools that enable us to defend millions of customers simultaneously, wherever they operate around the world. Every day, our security and threat intelligence teams are doing work with AI and automation that most people never see. Our AI-powered log analysis system has reduced the time SecOps engineers spend analyzing...

Stand-alone Security Patch Available for Tenable Security Center Versions 6.5.1, 6.6.0, 6.7.2 and 6.8.0: SC202604.1 Aaron Roy Tue, 04/07/2026 - 11:35 Security Center leverages third-party software to help provide underlying functionality. A third-party component (PostgreSQL) was found to contain vulnerabilities, and an updated version has been made available by the provider.Out of caution and in line with best...