[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
DarkReading
1Password Addresses Critical AI Browser Agent Security Gap
RondoDox Botnet: an 'Exploit Shotgun' for Edge Vulns
The Fight Against Ransomware Heats Up on the Factory Floor
Feds Shutter ShinyHunters Salesforce Extortion Site
Chinese Hackers Use Velociraptor IR Tool in Ransomware Attacks
Microsoft Adds Agentic AI Capabilities to Sentinel
Deepfake Awareness High at Orgs, But Cyber Defenses Badly Lag
Commentary Section Launches New, More Opinionated Era
GitHub Copilot 'CamoLeak' AI Attack Exfiltrates Data
SonicWall: 100% of Firewall Backups Were Breached
Ars Technica
Microsoft warns of new “Payroll Pirate” scam stealing employees’ direct deposits
AI models can acquire backdoors from surprisingly few malicious documents
Discord says hackers stole government IDs of 70,000 users
Bank of England warns AI stock bubble rivals 2000 dotcom peak
Salesforce says it won’t pay extortion demand in 1 billion records breach
Synology caves, walks back some drive restrictions on upcoming NAS models
Ars Live: Is the AI bubble about to pop? Ed Zitron is on with Ars at 3:30pm EDT today
AMD wins massive AI chip deal from OpenAI with stock sweetener
ICE wants to build a 24/7 social media surveillance team
Why iRobot’s founder won’t go within 10 feet of today’s walking robots
CyberScoop
 Russian spyware ClayRat is spreading, evolving quickly, according to Zimperium
Dems introduce bill to halt mass voter roll purges 
SonicWall admits attacker accessed all customer firewall configurations stored on cloud portal
Sen. Peters tries another approach to extend expired cyber threat information-sharing law
Dozens of Oracle customers impacted by Clop data theft for extortion campaign
Voting groups ask court for immediate halt to Trump admin’s SAVE database overhaul
German government says it will oppose EU mass-scanning proposal
Microsoft pins GoAnywhere zero-day attacks to ransomware affiliate Storm-1175
OpenAI: Threat actors use us to be efficient, not make new tools
Oracle zero-day defect amplifies panic over Clop’s data theft attack spree
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
Get a phone line with unlimited 5G for $25/month from Metro by T-Mobile - here's how
Yes, your iPhone can track every place you visit - here's how to turn it off
Get T-Mobile 5G home internet for $30/month when you bundle with a phone line - here's how
Is this the best smart monitor for home entertainment? My verdict after a week of testing
The most important Intel Panther Lake updates are the least talked about - I'll explain
The underdog AI startups on a16z's top 50 list
How to get Perplexity Pro free for a year - you have 3 options
6 reasons TV captions are a must-have for people under 45 now
iFixit tears down 'the most repairable smartwatch' - and it's not from Apple
Best Walmart deals to compete with Prime Day: My favorite deals still live from Apple, Samsung, and HP
The Hacker News
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers
Microsoft Warns of ‘Payroll Pirates’ Hijacking HR SaaS Accounts to Steal Employee Salaries
From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation
The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart?
175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign
From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability
CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw
From HealthKick to GOVERSHELL: The Evolution of UTA0388's Espionage Malware
New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps
Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks
BleepingComputer
Windows 11 23H2 Home and Pro reach end of support in 30 days
Hackers exploiting zero-day in Gladinet file sharing software
Cybersecurity For Dummies, 3rd Edition eBook FREE for a Limited Time
Google Chrome to revoke notification access for inactive sites
Apple now offers $2 million for zero-click RCE vulnerabilities
Copilot on Windows can now connect to email, create Office docs
From Lab to Leadership: How VMware Certification Transformed My Career
FBI takes down BreachForums portal used for Salesforce extortion
New Android spyware ClayRat imitates WhatsApp, TikTok, YouTube
Microsoft: Hackers target universities in “payroll pirate” attacks
Cybersecurity Dive
SonicWall investigation shows hackers gained wide access to customer backup files
Oracle E-Business Suite exploitation traced back as early as July
Risk mitigation budgets swell as enterprise AI adoption grows
Cyber risk a growing priority among insurance and asset management firms
Salesforce refuses to submit to extortion demands linked to hacking campaigns
AI fuels social engineering but isn’t yet revolutionizing hacking
Public disclosures of AI risk surge among S&P 500 companies
Businesses fear AI exposes them to more attacks
Extortion campaign targeting Oracle E-Business Suite customers linked to zero-day
Hackers steal sensitive Red Hat customer data after breaching GitLab repository
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Pro-Russia hacktivist group dies of cringe after falling into researchers' trap
Microsoft warns of 'payroll pirate' crew looting US university salaries
Cops nuke BreachForums (again) amid cybercrime supergroup extortion blitz
UK techies' union warns members after breach exposes sensitive personal details
It's trivially easy to poison LLMs into spitting out gibberish, says Anthropic
SonicWall breach hits every cloud backup customer after 5% claim goes up in smoke
Take this rob and shove it! Salesforce issues stern retort to ransomware extort
Germany slams brakes on EU's Chat Control device-scanning snoopfest
Employees regularly paste company secrets into ChatGPT
Nearly a year after attack, US medical scanning biz gets clear image of stolen patient data
VentureBeat
Weaponized AI can dismantle patches in 72 hours — but Ivanti's kernel defense can help
MCP stacks have a 92% exploit probability: How 10 plugins became enterprise security's biggest blind spot
Stopping breaches at machine speed demands agents, not alerts
SOC teams face 51-second breach reality—Manual response times are officially dead
Why identity-first security is the first defense against sophisticated AI-powered social engineering
AI sharpens threat detection — but could it dull human analyst skills?
Legacy UI is dead: Shadow AI is how real work gets done now
CrowdStrike bets on agentic workforces to outpace AI-driven adversaries
Shadow AI doubles every 18 months, creating blind spots SOCs never see
Stop sending anonymous texts. Start building trust.
TechCrunch
Homeland Security reassigns ‘hundreds’ of CISA cyber staffers to support Trump’s deportation crackdown
Spyware maker NSO Group confirms acquisition by US investors
Discord data breach affects at least 70,000 users
Italian businessman’s phone reportedly targeted with Paragon spyware
‘Dozens’ of organizations had data stolen in Oracle-linked hacks
Here’s the tech powering ICE’s deportation crackdown 
ICE bought vehicles equipped with fake cell towers to spy on phones 
North Korean hackers stole over $2 billion in crypto so far in 2025, researchers say
Security bug in India’s income tax portal exposed taxpayers’ sensitive data
Clop hackers caught exploiting Oracle zero-day bug to steal executives’ personal data
Network World Security
Networking terms and definitions
Intel details new efficient Xeon processor line
Intel: Latest news and insights
Beyond Ping and SNMP: Building an AI-ready observability framework for enterprise networks
Fields medalist: ‘As of today we have no quantum computer. It does not exist.’
Cisco seriously amps-up Silicon One chip, router for AI data center connectivity
Zscaler, café-inspired branch networks, and mobile security
SolarWinds launches AI agent to automate IT operations, speed incident response
IBM touts agentic AI orchestration, cryptographic risk controls
Network digital twin technology faces headwinds
Help Net Security
OpenVPN redefines secure connectivity with Access Server 3.0
Accenture helps organizations advance agentic AI with Gemini Enterprise
Proof launches Certify, the cryptographic answer to AI-generated fraud
comforte AG debuts TAMUNIO, its all-in-one shield for data security
Apple offers $2 million for zero-click exploit chains
Mobilicom rolls out a secured autonomy system powering next-gen AI drones
Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371)
October 2025 Patch Tuesday forecast: The end of a decade with Microsoft
From theory to training: Lessons in making NICE usable
Securing agentic AI with intent-based permissions
InfoSecurity Magazine
Google Launches AI Bug Bounty with $30,000 Top Reward
Google: Clop Accessed “Significant Amount” of Data in Oracle EBS Exploit
Pro-Russia Hacktivists “Claim” Attack on Water Utility Honeypot
Researchers Warn of Security Gaps in AI Browsers
ClayRat Spyware Campaign Targets Android Users in Russia
All SonicWall Cloud Backup Users Have Firewall Configuration Files Stolen
ICO’s £7.5m Clearview AI Fine a Step Closer After Legal Victory
NCSC: Observability and Threat Hunting Must Improve
High Number of Windows 10 Users Remain as End-of-Life Looms
Nezha Tool Used in New Cyber Campaign Targeting Web Applications
© 2025 RiskDiscovery | Sponsored by: Deception Logic