Dataproof Communications

In June 2015, custom gaming controller maker Scuf Gaming suffered a data breach. The incident exposed 129k unique email addresses along with usernames, display names, IP addresses and password hashes. - Read more

By Exequiel Ortega, Cofense Phishing Defense CenterXiaomi, founded in 2010, has grown into a global technology brand known for delivering powerful smartphones and smart devices at competitive prices. With a strong presence in China, India, Southeast Asia, and parts of Europe, the company has built a loyal user base by combining innovation, sleek design, and value-driven technology. Because of its...

In March 2026, the audio production tools company Sound Radix disclosed a data breach that they subsequently self-submitted to HIBP. The incident impacted 293k unique email addresses and names. Sound Radix advised that it is possible that additional data including hashed passwords may have been exposed, and that no financial or credit card information was impacted. - Read...

A sophisticated and long-running cyber espionage campaign, tracked as CL-STA-1087, has been quietly targeting military organizations across Southeast Asia since at least 2020. The operation, assessed with moderate confidence to be linked to a China-aligned threat actor, focuses on collecting strategic and operational intelligence rather than simply stealing large amounts of data. The attackers prioritized staying hidden, using...

Cisco’s widely deployed Catalyst 9300 Series enterprise switches have four security vulnerabilities, two of which could be chained to cause a denial-of-service outage, infrastructure security company Opswat has revealed. The two most operationally significant are CVE-2026-20114 and CVE-2026-20110, which the researchers found could be chained to make possible a dangerous privilege escalation. Opswat’s Unit 515...

The US’ new Bureau of Emerging Threats sits within the State Department and will supposedly help address national security threats arising from cyber attacks, the weaponisation of space, and other emerging technologies. - Read more

By: Marie Mamaril, Intelligence TeamCloudflare's suite of services like Workers, Tunnels, Turnstile, Pages and Cloudflare R2 (*r2dev) continue to be abused by threat actors to orchestrate stealthy phishing attacks and deliver malware in ways that are difficult for traditional security measures to detect or prevent. This abuse underscores a perilous shift wherein Cloudflare’s legitimate services are now being repurposed...

- Read more

CISA has awarded Elastic a contract to provide SIEM as a Service (SIEMaaS) to US federal civilian agencies in an effort to standardize threat hunting, cybersecurity monitoring, and incident response across the government. - Read more

Executive Summary Insikt Group identified five distinct clusters leveraging the ClickFix social engineering technique to facilitate initial access to host systems. Observed since at least May 2024, these clusters include those impersonating financial application Intuit QuickBooks and the travel agency Booking.com. Insikt Group leveraged the Recorded Future® HTML Content Analysis dataset, which enables systematic monitoring of embedded web...