[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
DarkReading
Downgrade Attack Allows Phishing Kits to Bypass FIDO
State and Local Leaders Lobby Congress for Cybersecurity Resources
Google Chrome Enterprise: Advanced Browser Security for the Modern Workforce
Police & Government Email Access for Sale on Dark Web
CISA Warns N-able Bugs Under Attack, Patch Now
Cybersecurity Spending Slows & Security Teams Shrink
Navigating the Cybersecurity Budget Tug-of-War
North Korea Attacks South Koreans With Ransomware
Fortinet Products Are in the Crosshairs Again
Whispers of XZ Utils Backdoor Live on in Old Docker Images
Ars Technica
Is AI really trying to escape human control and blackmail people?
OpenAI brings back GPT-4o after user revolt
Why it’s a mistake to ask chatbots about their mistakes
High-severity WinRAR 0-day exploited for weeks by 2 groups
The GPT-5 rollout has been a big mess
Encryption made for police and military radios may be easily cracked
It’s getting harder to skirt RTO policies without employers noticing
Adult sites are stashing exploit code inside racy .svg files
Google discovered a new scam—and also fell victim to it
OpenAI launches GPT-5 free to all ChatGPT users
CyberScoop
US widens sanctions on Russian crypto exchange Garantex, its successor and affiliate firms
Russia restricts WhatsApp, Telegram calls, alleging criminal, terrorist activity
Fortinet SIEM issue coincides with spike in brute-force traffic against company’s SSL VPNs
The overlooked changes that two Trump executive orders could bring to cybersecurity
Patch the vulnerability: Confirm Sean Plankey as CISA director
Microsoft Patch Tuesday follows SharePoint attacks, Exchange server warnings
Guess what else GPT-5 is bad at? Security
SonicWall pins firewall attack spree on year-old vulnerability
Why cyber modernization requires partners with technical plus acquisition expertise
Researchers determine old vulnerabilities pose real-world threat to sensitive data in public clouds
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
How the Premier League uses AI to boost fan experiences and score new business goals
My favorite personal safety alarm is as loud as a jackhammer, and it just got an upgrade
ESR issues recall for power bank due to fire risk - here's what you need to know and do ASAP
These smart glasses can read menus and 'see for you', thanks to AI
Own a PS5? Changing these 3 settings gave my console an instant performance boost
My favorite power station now has a massive discount on Amazon
Put your favorite sites first in Google with this new Search setting - it's easy
Grab OnePlus' latest flagship smartwatch for up to $80 off - buy one while the deal lasts
I compared the best Samsung Galaxy and iPhone model in 2025: The winner is not so obvious
Describe your dream trip and Google's new AI tool will find flight deals for you now
The Hacker News
New HTTP/2 'MadeYouReset' Vulnerability Enables Large-Scale DoS Attacks
Hackers Found Using CrossC2 to Expand Cobalt Strike Beacon’s Reach to Linux and macOS
Have You Turned Off Your Virtual Oven?
New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits
Simple Steps for Attack Surface Reduction
Google Requires Crypto App Licenses in 15 Regions as FBI Warns of $9.9M Scam Losses
CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog
New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks
Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws
Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code
BleepingComputer
Over $300 million in cybercrime crypto seized in anti-fraud effort
Crypto24 ransomware hits large orgs with custom EDR evasion tool
Pro-Russian hackers blamed for water dam sabotage in Norway
Microsoft fixes Windows Server bug causing cluster, VM issues
Booking.com phishing campaign uses sneaky 'ん' character to trick you
When Theft Replaces Encryption: Blue Report 2025 on Ransomware & Infostealers
Canada’s House of Commons investigating data breach after cyberattack
Leak: OpenAI's browser will use ChatGPT Agent to control the browser
CISA warns of N-able N-central flaws exploited in zero-day attacks
Microsoft fixes Windows 11 24H2 updates failing with 0x80240069 error
Cybersecurity Dive
Water sector expands partnership with volunteer hackers
Trump administration cyber cuts eroding private sector’s trust, confidence
White House urged to revamp cyber regulations
CISA, Microsoft update guidance on Exchange Server vulnerability
US agencies, international allies issue guidance on OT asset inventorying
Xerox patches critical vulnerability in FreeFlow Core application
Financial impact from severe OT events could top $300B
Citrix NetScaler flaws lead to critical infrastructure breaches
DOJ, international partners take down BlackSuit group’s infrastructure
Research shows AI agents are highly vulnerable to hijacking attacks
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Ransomware crews don't care about your endpoint security – they've already killed it
Psst: wanna buy a legit FBI email account for $40?
'MadeYouReset' HTTP/2 flaw lets attackers DoS servers
Lock down your critical infrastructure, CISA begs admins
BtcTurk suspends operations amid alleged $49M hot wallet heist
Law and water: Russia blamed for US court system break-in and Norwegian dam drama
Italian hotels breached en masse since June, government confirms
Stock in the Channel pulls website amid cyberattack
The £9 billion question: To Microsoft or not to Microsoft?
Fortinet discloses critical bug with working exploit code amid surge in brute-force attempts
VentureBeat
Anthropic takes on OpenAI and Google with new Claude AI features designed for students and developers
The end of perimeter defense: When your own AI tools become the threat actor
Claude can now process entire software projects in single request, Anthropic says
Study warns of security risks as ‘OS agents’ gain control of computers and phones
Black Hat 2025: Why your AI tools are becoming the next insider threat
Anthropic ships automated security reviews for Claude Code as AI-generated vulnerabilities surge
Anthropic’s new Claude 4.1 dominates coding tests days before GPT-5 arrives
ChatGPT rockets to 700M weekly users ahead of GPT-5 launch with reasoning superpowers
Shadow AI adds $670K to breach costs while 97% of enterprises skip basic access controls, IBM reports
Nightfall launches ‘Nyx,’ an AI that automates data loss prevention at enterprise scale
TechCrunch
Norway spy chief blames Russian hackers for hijacking dam
How we found TeaOnHer spilling users’ driver’s licenses in less than 10 minutes
Russian government hackers said to be behind US federal court filing system hack: Report
Hackers breach and expose a major North Korean spying operation
US government seized $1M from Russian ransomware gang
Electronic Arts blocks more than 300,000 attempts to cheat after launching Battlefield 6 beta
Security flaws in a carmaker’s web portal let one hacker remotely unlock cars from anywhere
After researchers unmasked a prolific SMS scammer, a new operation has emerged in its wake
Data breach at French telecom giant Bouygues affects millions of customers
TeaOnHer, a rival Tea app for men, is leaking users’ personal data and driver’s licenses
Network World Security
Cisco’s 9% security growth is misleadingly low
VMware Explore 2025: Latest news and insights
Nvidia targets data center with new servers, AI software
Cisco Q4 results: AI infrastructure orders surpass goal
SonicWall rolls out eight new firewalls, expands cyber warranty
Cisco strengthens AI networking story
DEF CON research takes aim at ZTNA, calls it a bust
New Compute Exchange service answers GPU pricing queries
Trump meets with Intel CEO after calling for his resignation
Data center sustainability efforts stall slightly in 2025
Help Net Security
Brute-force attacks hammer Fortinet devices worldwide
Palo Alto Networks helps organizations accelerate their quantum readiness
For $40, you can buy stolen police and government email accounts
Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876)
Brivo Visitor Management, powered by Envoy, boosts front-desk security
AI security governance converts disorder into deliberate innovation
Open-source flow monitoring with SENSOR: Benefits and trade-offs
The top CTEM platforms you should know in 2025
Free courses: Master AI tools from Microsoft, AWS, and Google
AI is changing Kubernetes faster than most teams can keep up
InfoSecurity Magazine
KernelSU v0.5.7 Flaw Lets Android Apps Gain Root Access
Malvertising Campaign Deploys Modular PowerShell Malware PS1Bot
FBI Shares Tips to Spot Fake Lawyer Schemes Targeting Crypto Scam Victims
Hacked Law Enforcement and Government Email Accounts Sold on Dark Web for $40
Fortinet Warns Exploit Code Available for Critical Vulnerability
Campaigners Slam Expansion of Police Facial Recognition Schemes in UK
Erlang/OTP SSH Vulnerability Sees Spike in Exploitation Attempts
Deepfake AI Trading Scams Target Global Investors
Staffing Company Manpower Discloses Data Breach
St. Paul’s Mayor Confirms Interlock Data Leak
© 2025 RiskDiscovery | Sponsored by: Deception Logic