Dataproof Communications

This report provides an overview of ongoing Iran-linked cyber operations, highlighting activity attributed to state-aligned proxies and hacktivist groups. The vulnerabilities listed are suspected to be exploited by actors associated with Iran in real-world campaigns, consistent with observed tactics, techniques, and procedures (TTPs). Iran-linked operations continue to rely on distributed, lower-complexity techniques, including phishing, DDoS, data exfiltration, and destructive...

In March 2026, the NSFW AI companion platform Cuties AI suffered a data breach that was subsequently published to a public hacking forum. The incident exposed 144k unique email addresses along with display names, avatars, prompts and descriptions used to generate AI adult images, as well as URLs to the generated content. The data also included the account that...

- Read more

An attacker hijacked an axios maintainer's npm account to publish malicious releases that deliver a cross-platform RAT. - Read more

Red teaming has always played a role in testing defenses, but in 2026 its role is changing. Security teams are no longer asking whether an attacker can get in. That question has already been answered. The real challenge is whether teams can detect, validate, and respond before an incident escalates.That shift sits at the center of this year’s Rapid7...

Iran-linked hackers breached FBI Director Kash Patel’s personal email, leaking older messages in a retaliatory cyberattack with no classified data exposed. The post Iran-Linked Hackers Breach FBI Director Kash Patel’s Email, Leak Messages Online appeared first on TechRepublic. - Read more

Key Takeaways Sensitive data shared with ChatGPT conversations could be silently exfiltrated without the user’s knowledge or approval. Check Point Research discovered a hidden outbound communication path from ChatGPT’s isolated execution runtime to the public internet. A single malicious prompt could turn an otherwise ordinary conversation into a covert exfiltration channel, leaking user messages, uploaded files, and other sensitive...

For the latest discoveries in cyber research for the week of 30th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Iranian state-affiliated threat group Handala Hack has breached FBI director’s Patel’s personal Gmail account and leaked many personal photos and documents. This follows the FBI’s seizure of domains related to Handala Hack’s activity last week, due to the...

Researchers at ReliaQuest warn of persistent malware campaign targeting enterprise credentials - Read more

By Enrico Silverio, Cofense Phishing Defense CenterYou’re checking your inbox like any other day when a LinkedIn notification pops up, hinting at a promising opportunity. It feels exciting and completely normal to click. Yet with that single action, your login credentials may already be slipping into the hands of a cybercriminal. This is the danger hiding in plain sight:...