[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
DarkReading
African Orgs Fall to Mass Microsoft SharePoint Exploits
Nimble 'Gunra' Ransomware Evolves With Linux Variant
Critical Flaw in Vibe-Coding Platform Base44 Exposes Apps
The Hidden Threat of Rogue Access
Supply Chain Attacks Spotted in GitHub Actions, Gravity Forms, npm
Root Evidence Bets on New Concept for Vulnerability Patch Management
Insurance Giant Allianz Life Grapples With Breach Affecting 'Majority' of Customers
Chaos Ransomware Rises as BlackSuit Gang Falls
Ghost Students Drain Money, Resources From Educational Sector
New Risk Index Helps Organizations Tackle Cloud Security Chaos
Ars Technica
AI in Wyoming may soon use more electricity than state’s human residents
OpenAI’s ChatGPT Agent casually clicks through “I am not a robot” verification test
Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel
After BlackSuit is taken down, new ransomware group Chaos emerges
OpenAI’s most capable AI model, GPT-5, may be coming in August
Supply-chain attacks on open source software are getting out of hand
Two major AI coding tools wiped out user data after making cascading mistakes
Nvidia AI chips worth $1B smuggled to China after Trump export controls
Some VMware perpetual license owners are unable to download security patches
White House unveils sweeping plan to “win” global AI race through deregulation
CyberScoop
Minnesota governor activates National Guard amid St. Paul cyberattack
CISA says it will release telecom security report sought by Sen. Wyden to lift hold on Plankey nomination
Researchers flag flaw in Google’s AI coding assistant that allowed for ‘silent’ code exfiltration 
Sen. Hassan wants to hear from SpaceX about scammers abusing Starlink
FBI alerts tie together threats of cybercrime, physical violence from The Com
Hundreds of registered data brokers ignore user requests around personal data
Microsoft’s software licensing playbook is a national security risk
US offers $15 million reward for info on North Korean nationals involved in global criminal network
Microsoft SharePoint attacks ensnare 400 victims, including federal agencies
Plankey vows to boot China from U.S. supply chain, advocate for CISA budget
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
The best mini PCs of 2025: Expert recommended from Apple, Intel, and more
The best PDF editors in 2025: Expert tested
Google's NotebookLM can now turn your content into narrated slides
Best data removal services 2025: Delete yourself from the internet
For programmers, even as AI adoption climbs, trust wanes
Best iPhone 2025: I tested the top models and found the best options for you
This subscription-free smart ring gave my Oura a run for its money (and it's cheaper too)
Happy 10th birthday, Windows 10! Hoo boy, it's been a journey
AC isn't blowing cold air? Consider these 5 quick fixes before calling a technician
The Lenovo ThinkBook G6 is a powerhouse for work and school, and it's 70% off at Amazon
The Hacker News
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero
Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware
Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure
Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44
PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain
Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims
How the Browser Became the Main Cyber Battleground
Cybercriminals Use Fake Apps to Steal Data and Blackmail Users Across Asia’s Mobile Networks
Why React Didn't Kill XSS: The New JavaScript Injection Playbook
CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation
BleepingComputer
Minnesota activates National Guard after St. Paul cyberattack
Russian airline Aeroflot grounds dozens of flights after cyberattack
Hackers exploit SAP NetWeaver bug to deploy Linux Auto-Color malware
Microsoft Edge now an 'AI-powered browser' with Copilot Mode
French telecom giant Orange discloses cyberattack
FBI seizes $2.4M in Bitcoin from new Chaos ransomware operation
How attackers are still phishing "phishing-resistant" authentication
Lovense sex toy app flaw leaks private user email addresses
Tea app leak worsens with second database exposing user chats
Flaw in Gemini CLI AI coding assistant allowed stealthy code execution
Cybersecurity Dive
FBI, CISA warn about Scattered Spider’s evolving tactics
Ransomware attacks against oil and gas firms surge
Research shows LLMs can conduct sophisticated attacks without humans
Allianz Life discloses massive data breach linked to supply-chain attack
Emerging cybersecurity needs: What the market is telling us
Philadelphia Indemnity Insurance discloses June data breach
Treasury sanctions North Koreans involved in IT-worker schemes
Senators push CISA director nominee on election security, agency focus
What we know about the Microsoft SharePoint attacks
Trump AI plan calls for cybersecurity assessments, threat info-sharing
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
CISA caves to Wyden, agrees to release US telco insecurity report - but won’t say when
FBI: Watch out for these signs Scattered Spider is spinning its web around your org
Raspberry Pi RP2350 A4 update fixes old bugs and dares you to break it again
War Games: MoD asks soldiers with 1337 skillz to compete in esports
Microsoft spotlights Apple bug patched in March as SharePoint exploits continue
Security pros are drowning in threat-intel data and it's making everything more dangerous
Majority of 1.4M customers caught in Allianz Life data heist
Aeroflot aeroflops over 'IT issues' after attackers claim year-long compromise
US spy satellite agency breached, but insists no classified secrets spilled
Congress tries to outlaw AI that jacks up prices based on what it knows about you
VentureBeat
AI vs. AI: Prophet Security raises $30M to replace human analysts with autonomous defenders
ChatGPT just got smarter: OpenAI’s Study Mode helps students learn step-by-step
Sparrow raises $35M Series B to automate the employee leave management nightmare
How E2B became essential to 88% of Fortune 100 companies and raised $21 million
CoSyn: The open-source tool that’s making GPT-4V-level vision AI accessible to everyone
SecurityPal combines AI and experts in Nepal to speed enterprise security questionnaires by 87X or more
Early Anthropic hire raises $15M to insure AI agents and help startups deploy safely
Anthropic researchers discover the weird AI problem: Why thinking longer makes models dumber
Crowdstrike’s massive cyber outage 1-year later: lessons enterprises can learn to improve security
Google DeepMind makes AI history with gold medal win at world’s toughest math competition
TechCrunch
Google says UK government has not demanded an encryption backdoor for its users’ data
Tea app disables DMs after second data breach exposed over a million private messages
Telecom giant Orange warns of disruption amid ongoing cyberattack
Sex toy maker Lovense caught leaking users’ email addresses and exposing accounts to takeovers
Trump’s cybersecurity cuts putting nation at risk, warns New York cyber chief
Flights grounded as Russia’s largest airline Aeroflot hacked and systems ‘destroyed’
Dating safety app Tea breached, exposing 72,000 user images
Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack
Google took a month to shut down Catwatchful, a phone spyware operation hosted on its servers
Cybercrime forum Leak Zone publicly exposed its users’ IP addresses
Network World Security
Survey: AI, cyber threats, distributed workforces challenge IT teams most
Backblaze adds cloud storage security protection features
Debian shifts to 64-bit time storage to head off Epochalypse
Network jobs watch: Hiring, skills and certification trends
Multi-cloud migration startup FluidCloud emerges from stealth
2025 global network outage report and internet health check
Cisco donates AI agent tech to Linux Foundation
Huawei showcases CloudMatrix 384 AI system to rival Nvidia’s flagship
Nvidia: Latest news and insights
AI chip startup FuriosaAI strikes deal with LG with enterprise customers in mind
Help Net Security
Artemis: Open-source modular vulnerability scanner
The food supply chain has a cybersecurity problem
Why CISOs should rethink identity risk through attack paths
AI is here, security still isn’t
Boards shift focus to tech and navigate cautious investors
Fighting AI with AI: How Darwinium is reshaping fraud defense
Darwinium launches AI tools to detect and disrupt adversarial threats
Beyond Passwords: A Guide to Advanced Enterprise Security Protection
Intruder launches GregAI to deliver AI-powered, contextual security workflow management
Cyware expands Intelligence Suite to streamline CTI program deployment and operations
InfoSecurity Magazine
OWASP Launches Agentic AI Security Guidance
French Telco Orange Hit by Cyber-Attack
Critical Authentication Flaw Identified in Base44 Vibe Coding Platform
Auto-Color Backdoor Malware Exploits SAP Vulnerability
CISA Warns of Exploited Critical Vulnerabilities in Cisco Identity Services Engine
FBI Seizes $2.4m in Crypto from Chaos Ransomware Gang
Charity Fined After Destroying “Irreplaceable” Records
Pro-Ukraine Hacktivists Ground Dozens of Aeroflot Flights
Critical Flaws in WordPress Plugin Leave 10,000 Sites Vulnerable
New Scattered Spider Tactics Target VMware vSphere Environments
© 2025 RiskDiscovery | Sponsored by: Deception Logic