[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
DarkReading
Critical Flaw in Vibe-Coding Platform Base44 Exposes Apps
The Hidden Threat of Rogue Access
Supply Chain Attacks Spotted in GitHub Actions, Gravity Forms, npm
Root Evidence Bets on New Concept for Vulnerability Patch Management
Insurance Giant Allianz Life Grapples With Breach Affecting 'Majority' of Customers
Chaos Ransomware Rises as BlackSuit Gang Falls
Ghost Students Drain Money, Resources From Educational Sector
New Risk Index Helps Organizations Tackle Cloud Security Chaos
Sophisticated Shuyal Stealer Targets 19 Browsers, Demonstrates Advanced Evasion
How to Spot Malicious AI Agents Before They Strike
Ars Technica
OpenAI’s ChatGPT Agent casually clicks through “I am not a robot” verification test
Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel
After BlackSuit is taken down, new ransomware group Chaos emerges
OpenAI’s most capable AI model, GPT-5, may be coming in August
Supply-chain attacks on open source software are getting out of hand
Two major AI coding tools wiped out user data after making cascading mistakes
Nvidia AI chips worth $1B smuggled to China after Trump export controls
Some VMware perpetual license owners are unable to download security patches
White House unveils sweeping plan to “win” global AI race through deregulation
OpenAI and partners are building a massive AI data center in Texas
CyberScoop
Researchers flag flaw in Google’s AI coding assistant that allowed for ‘silent’ code exfiltration 
Sen. Hassan wants to hear from SpaceX about scammers abusing Starlink
FBI alerts tie together threats of cybercrime, physical violence from The Com
Hundreds of registered data brokers ignore user requests around personal data
Microsoft’s software licensing playbook is a national security risk
US offers $15 million reward for info on North Korean nationals involved in global criminal network
Microsoft SharePoint attacks ensnare 400 victims, including federal agencies
Plankey vows to boot China from U.S. supply chain, advocate for CISA budget
Trump AI plan pushes critical infrastructure to use AI for cyber defense
Authorities in Ukraine nab alleged admin of Russian-language cybercrime forum
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
iPadOS 26 is turning my iPad Air into the ultraportable laptop it was meant to be
I did not expect this $400 Marshall speaker to beat out my Bose and Sony systems like this
This Wacom drawing tablet is loaded with perks digital artists will love, and it's $100 off
7 Google alternatives that don't force AI into your search results
ChatGPT's new study mode aims to teach students, not do the work for them - and it's free
Use public charging stations? How to secure your phone from choicejacking - before it's too late
Amazon will sell you the M4 MacBook Air for $200 off - its lowest price ever
Amazon will sell you the M3 iPad Air for $100 off right now - how the deal works
I let a $5,000 robot mower in my yard - and it became an expensive lesson
Own a Samsung phone? Changing these 7 settings will drastically improve the battery life
The Hacker News
Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44
PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain
Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims
How the Browser Became the Main Cyber Battleground
Cybercriminals Use Fake Apps to Steal Data and Blackmail Users Across Asia’s Mobile Networks
Why React Didn't Kill XSS: The New JavaScript Injection Playbook
CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation
Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads
⚡ Weekly Recap — SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains and More
Email Security Is Stuck in the Antivirus Era: Why It Needs a Modern Approach
BleepingComputer
Hackers exploit SAP NetWeaver bug to deploy Linux Auto-Color malware
Microsoft Edge now an 'AI-powered browser' with Copilot Mode
French telecom giant Orange discloses cyberattack
FBI seizes $2.4M in Bitcoin from new Chaos ransomware operation
How attackers are still phishing "phishing-resistant" authentication
Lovense sex toy app flaw leaks private user email addresses
Tea app leak worsens with second database exposing user chats
Flaw in Gemini CLI AI coding assistant allowed stealthy code execution
Endgame Gear mouse config tool infected users with malware
Microsoft: macOS Sploitlight flaw leaks Apple Intelligence data
Cybersecurity Dive
FBI, CISA warn about Scattered Spider’s evolving tactics
Ransomware attacks against oil and gas firms surge
Research shows LLMs can conduct sophisticated attacks without humans
Allianz Life discloses massive data breach linked to supply-chain attack
Emerging cybersecurity needs: What the market is telling us
Philadelphia Indemnity Insurance discloses June data breach
Treasury sanctions North Koreans involved in IT-worker schemes
Senators push CISA director nominee on election security, agency focus
What we know about the Microsoft SharePoint attacks
Trump AI plan calls for cybersecurity assessments, threat info-sharing
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Raspberry Pi RP2350 A4 update fixes old bugs and dares you to break it again
War Games: MoD asks soldiers with 1337 skillz to compete in esports
Microsoft spotlights Apple bug patched in March as SharePoint exploits continue
Security pros are drowning in threat-intel data and it's making everything more dangerous
Majority of 1.4M customers caught in Allianz Life data heist
Aeroflot aeroflops over 'IT issues' after attackers claim year-long compromise
US spy satellite agency breached, but insists no classified secrets spilled
Congress tries to outlaw AI that jacks up prices based on what it knows about you
Blame a leak for Microsoft SharePoint attacks, researcher insists
Senator to Google: Give us info from telco Salt Typhoon probes
VentureBeat
Sparrow raises $35M Series B to automate the employee leave management nightmare
How E2B became essential to 88% of Fortune 100 companies and raised $21 million
CoSyn: The open-source tool that’s making GPT-4V-level vision AI accessible to everyone
SecurityPal combines AI and experts in Nepal to speed enterprise security questionnaires by 87X or more
Early Anthropic hire raises $15M to insure AI agents and help startups deploy safely
Anthropic researchers discover the weird AI problem: Why thinking longer makes models dumber
Crowdstrike’s massive cyber outage 1-year later: lessons enterprises can learn to improve security
Google DeepMind makes AI history with gold medal win at world’s toughest math competition
How OpenAI’s red team made ChatGPT agent into an AI fortress
Salesforce used AI to cut support load by 5% — but the real win was teaching bots to say ‘I’m sorry’
TechCrunch
Google won’t say if UK secretly demanded a backdoor for user data
Tea app’s second data breach exposed over a million private messages
Telecom giant Orange warns of disruption amid ongoing cyberattack
Sex toy maker Lovense caught leaking users’ email addresses and exposing accounts to takeovers
Trump’s cybersecurity cuts putting nation at risk, warns New York cyber chief
Flights grounded as Russia’s largest airline Aeroflot hacked and systems ‘destroyed’
Dating safety app Tea breached, exposing 72,000 user images
Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack
Google took a month to shut down Catwatchful, a phone spyware operation hosted on its servers
Cybercrime forum Leak Zone publicly exposed its users’ IP addresses
Network World Security
Network jobs watch: Hiring, skills and certification trends
Multi-cloud migration startup FluidCloud emerges from stealth
2025 global network outage report and internet health check
Cisco donates AI agent tech to Linux Foundation
Huawei showcases CloudMatrix 384 AI system to rival Nvidia’s flagship
Nvidia: Latest news and insights
AI chip startup FuriosaAI strikes deal with LG with enterprise customers in mind
AI will drive more workforce expansion for tech pros than reduction, Linux Foundation reports
Sysadmins ready for AI, but skepticism abounds
AI Project Stargate struggles to get off the ground
Help Net Security
Fighting AI with AI: How Darwinium is reshaping fraud defense
Darwinium launches AI tools to detect and disrupt adversarial threats
Beyond Passwords: A Guide to Advanced Enterprise Security Protection
Intruder launches GregAI to deliver AI-powered, contextual security workflow management
Cyware expands Intelligence Suite to streamline CTI program deployment and operations
Varonis unveils Next-Gen Database Activity Monitoring for agentless database security and compliance
Booz Allen Hamilton launches Vellox Reverser to accelerate AI-powered malware analysis
Why behavioral intelligence is becoming the bank fraud team’s best friend
Ransomware will thrive until we change our strategy
The final frontier of cybersecurity is now in space
InfoSecurity Magazine
French Telco Orange Hit by Cyber-Attack
Critical Authentication Flaw Identified in Base44 Vibe Coding Platform
Auto-Color Backdoor Malware Exploits SAP Vulnerability
CISA Warns of Exploited Critical Vulnerabilities in Cisco Identity Services Engine
FBI Seizes $2.4m in Crypto from Chaos Ransomware Gang
Charity Fined After Destroying “Irreplaceable” Records
Pro-Ukraine Hacktivists Ground Dozens of Aeroflot Flights
Critical Flaws in WordPress Plugin Leave 10,000 Sites Vulnerable
New Scattered Spider Tactics Target VMware vSphere Environments
Third-Party Breach Impacts Majority of Allianz Life US Customers
© 2025 RiskDiscovery | Sponsored by: Deception Logic