Rapid7 Guidance on Observed Microsoft Teams Phishing Campaigns
The Rapid7 MDR team is currently monitoring an increase in phishing campaigns where threat actors (TAs) impersonate internal IT departments via Microsoft Teams. The primary objective is to persuade users to launch Quick Assist, granting the TA remote access to deploy malware, exfiltrate data, or facilitate lateral movement across the network. Social engineering via IT Support impersonation is not a...
16th March – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 16th March, please download our Threat Intelligence Bulletin.
TOP ATTACKS AND BREACHES
United States-based medical technology company Stryker has suffered a cyberattack that caused a global disruption to its environment. The company said its surgical robotics, clinical communications platform, and life support monitors are safe to use. Media reports said...
Researchers Warn of Global Surge in Fake Shipment Tracking Scams
Some of these campaigns are linked to Darcula, a Chinese-language phishing-as-a-service platform.
Companies House restarts online services following cyber breach
Companies House was forced to pull its WebFiling service offline at the weekend after it emerged that a flawed update was putting data at risk of exposure.
Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse
Threat actors are abusing extension dependency relationships in the Open VSX registry to indirectly deliver malware in a new phase of the GlassWorm supply-chain campaign. Researchers at Socket said they have identified at least 72 additional malicious Open VSX extensions linked to the campaign since January 31, 2026. The extensions appear to target developers by...
Free real estate: GoPix, the banking Trojan living off your memory
Introduction
GoPix is an advanced persistent threat targeting Brazilian financial institutions’ customers and cryptocurrency users. It represents an evolved threat targeting internet banking users through memory-only implants and obfuscated PowerShell scripts. It evolved from the RAT and Automated Transfer System (ATS) threats that were used in other malware campaigns into a unique threat never seen before. Operating as a LOLBin...
LiveChat Abuse: How Phishers Are Exploiting SaaS Support Tools to Steal Sensitive Data
By Cobi Aloia and Mark Deomampo, Cofense Phishing Defense Center
The Cofense Phishing Defense Center (PDC) has recently identified a unique phishing campaign utilizing the software as a service (SaaS) LiveChat - a customer service software featuring live messaging and AI to provide a line of support for businesses. Unlike typical refund scams or credential phish, this campaign engages victims...
Elastic and Red Hat: Scaling the sovereign AI factory with NVIDIA GPU acceleration
Power your sovereign AI factory using Elastic accelerated with the speed of NVIDIA GPUs on cuVS and the flexibility of Red Hat AI to enable enterprise-scale RAG and agentic AI workflows across any environment.
2025 Identity Threat Landscape Report: Inside the Infostealer Economy: Credential Threats in 2025
Executive Summary: Credential theft is the dominant initial access vector for enterprise breaches. In 2025, Recorded Future detected 1.95 billion malware combo list credential exposures, 36 million database combo list credential exposures, 24 million database dump credential exposures, and 892 million malware log credential exposures. Five findings stand out from the data: Credential theft accelerated as...
Elastic and Dell AI Data Platform: The foundation for high-velocity enterprise search
Dell’s AI Data Platform designed with Elasticsearch and NVIDIA cuVS is a turnkey enterprise-grade AI solution stack designed to deliver the speed, accuracy, and context required to help organizations turn unstructured data into an AI advantage.






