Dataproof Communications

By: Madalynn Carr, Intelligence TeamThreat actors are constantly evolving and adapting by discovering new, unique ways to bypass email-based security controls. One key method they exploit is the abuse of URL shortening services (also known as URL shorteners or link shorteners). These legitimate online tools allow users and businesses to make short aliases of longer URLs for a variety of...

Sensitive information relates to more than 100 individuals and their refereesPersonal details submitted by applicants for a job at Tate art galleries have been leaked online, exposing their addresses, salaries and the phone numbers of their referees, the Guardian has learned.The records, running to hundreds of pages, appeared on a website unrelated to the government-sponsored organisation, which operates the...

FortiGuard Labs continue to observe detections in the wild related to the Akira ransomware group. According to the new report by CISA it has targeted over 250 organizations since the past year, affecting numerous businesses and critical infrastructure entities across North America, Europe, and Australia. The gang has made over $42 million from the attacks as ransom payments. ...

A 2025 look at real-world Kubernetes version adoption - Read more

Analysis of a threat actor campaign targeting Windows users with Vidar infostealer malware via malicious npm packages - Read more

By: Max Gannon, Intelligence TeamCofense Intelligence relies on over 35 million trained employees from around the world, and a considerable number of analyzed campaigns are written in languages other than English. This report focuses on the URLs embedded in emails that bypassed email security controls like secure email gateways (SEGs) to deliver malware. The URLs that are the focus of...

Detecting software supply chain attacks through runtime security. - Read more

Github Copilot Chat Prompt Injection via Filename A prompt injection vulnerability exists in Github Copilot Chat version 0.28.0. We have verified this vulnerability is present when installed on macOS Sequoia 15.5 with Visual Studio Code 1.101.2 and Github Copilot Chat version 0.28.0 in Agent mode using Claude Sonnet 4.It is possible to create a file name that will be...

Google Cloud Platform (GCP) Google Security Operations SIEM Tenant Service Account of the SecOps Instance Access Token Leak Tenable Research has identified and responsibly disclosed a safety mechanism bypass vulnerability in Google Security Operations. This flaw allowed an attacker to leak the access token of the highly privileged SIEM tenant service account, leading to a significant privilege escalation.This vulnerability...

Google Cloud Platform (GCP) Google Security Operations IDE Code Execution Protection Bypass Tenable Research has identified and responsibly disclosed a safety mechanism bypass vulnerability in Google Security Operations. This flaw allowed an attacker to bypass built-in code execution security restrictions and run arbitrary code on the underlying infrastructure.Google Security Operations' Integrated Development Environment (IDE) is designed to let users...