Dataproof Communications

A new law enforcement operation against phishing and ransomware operators led to the takedown of 45,000 malicious IP addresses - Read more

A major Interpol operation has resulted in the seizure of thousands of malicious cyber criminal IP addresses and servers, and multiple arrests. - Read more

Sensor Intel Series: February 2026 CVE Trends - Read more

A security flaw in the Ally WordPress plugin used on more than 400,000 sites could allow attackers to extract sensitive data without logging in. The post Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk appeared first on TechRepublic. - Read more

A major cyberattack on US medical supplies giant Stryker has resulted in thousands of devices being remotely wiped, after a pro-Iranian hacking group may have compromised the company’s Microsoft Intune management system. Details remain sketchy, but what appears to have happened on Wednesday at one of the world’s largest medical supplies companies could, if confirmed,...

Welcome to this week’s edition of the Threat Source newsletter. I am the product of a single parent, my mom, who along with my grandparents helped raise me into the man I am today.  I cannot fathom what it took for my mom, who worked three jobs to put herself through college to be a teacher, to struggle through it....

Key Findings Handala Hack is an online persona operated by Void Manticore (aka Red Sandstorm, Banished Kitten), an actor affiliated with Iranian Ministry of Intelligence and Security (MOIS) Additional personas associated with this actor include Karma and Homeland Justice, which have been used in targeted operations against Israel and Albania Handala continues to rely on longstanding TTPs, primarily conducting...

As organizations scale their cloud infrastructure, maintaining proper lifecycle management of Amazon Machine Images (AMIs) is a critical component of their security and risk management goals. AMIs provide the essential information required to launch Amazon Elastic Compute Cloud (Amazon EC2) instances, however; they present security and compliance challenges if not tracked and managed throughout their lifecycle. This...

Analysts at ANY.RUN has identified a sharp spike in phishing campaigns exploiting Microsoft’s OAuth Device Authorization Grant flow, with more than 180 malicious URLs detected within a single week. Unlike conventional credential harvesting, this technique routes victims through legitimate Microsoft authentication pages, making it substantially harder for security operations centers (SOCs) to catch the compromise in real time. The...

PixRevolution Android trojan hijacks Brazil’s PIX payments in real time using accessibility abuse - Read more