[
News
|
Newsletters
|
Blogs
|
Lists
|
Media
|
Jobs
]
HoneyDB
DarkReading
'GitLost' Flaw Leaks Private Data from GitHub's Agentic Workflows
'BusySnake' Infostealer Slithers into Critical Infrastructure Networks
CitrixBleed-ing Again? NetScaler Vulnerability Under Attack
JadePuffer: The First Complete LLM-Driven Ransomware Attack
Chinese LLMs Broaden the Gap Between Attackers & Defenders
Aussies Face Reduced Cybercrime Risk, as Pressure Shifts to SMBs
Apple Reverses Age-Old Patch Policy to Keep Up With AI
FortiBleed Actors Collaborating With Inc, Lynx Ransomware Gangs
Ransomware Thugs Masquerade as Interpol to Entice Small Biz
Anthropic's AI Finds Bugs. IBM Bets $5B It Can Fix Them.
Ars Technica
Newly discovered PamStealer isn't your typical macOS malware
T-Mobile moving tens of thousands of virtual machines off VMware amid lawsuit
New attack provides one more reason why AI browsers are a bad idea
US offers $10 million for info on group behind Signal and WhatsApp hacking spree
Notion killing Skiff-influenced email app since most users use AI agents instead
One-two punch delivered in global operation disrupts cybercrime "assembly line"
White House drastically shortens deadline for dropping quantum-vulnerable crypto
Oracle’s 21,000 layoffs help drive its debt-fueled AI investments
Following user outcry, AMD reinstates memory encryption in consumer CPUs
Microsoft discovers new lightweight backdoor that steals cryptocurrency
CyberScoop
Suspected Chinese espionage group used a Roundcube exploit chain to burrow into universities
US Army websites defaced with pro-Kurdish sentiments, insults to Trump
Sysdig clocks first documented case of agentic ransomware
Finding vulnerabilities was never the hard part
Someone infected a spyware probe overseer with spyware
Alleged longstanding member of Scattered Spider extradited to US
Researchers spot exploitation of another critical Oracle defect
US lifting export control restrictions on Anthropic’s Mythos, Fable
This phishing kit looks more like BEC-as-a-service
Citrix patches a new NetScaler flaw with echoes of CitrixBleed
InfoSecurity Magazine
Suspected Chinese Threat Group Targets Universities via Vulnerable Roundcube Servers
Scattered Spider’s Structure More Like a Cybercrime Collective Than a Unified Gang
UK Government Launches Cyber Resilience Pledge, Claiming 60+ Signatories
Hackers Exploit Maximum Severity Adobe ColdFusion Flaw
Phishing Attacks Targeted Facebook Users With Fake Verification Offer
New Iran-Nexus Hacking Group Targets Israel Government and IT Sectors
Indirect Prompt Injection in Web Content Targets AI Agents
Opera GX Flaw Let Sites Auto-Install Mods to Steal Data
NCA Issues Warning to Parents As Shared Child Photos Exploited by AI Tools
Researchers Claim First Fully Agentic Ransomware: JadePuffer
SecurityWeek
CISA Reportedly Using Anthropic’s Mythos to Scan Government Software for Flaws
Critical Adobe ColdFusion Vulnerability Exploited in Attacks
Iran-Linked Hackers Using Modular C&C Framework in Cyberattacks
CISO Conversations: Tarah Wheeler, Cybersecurity Leader, Thought Leader and Original Thinker
Linux Kernel Vulnerability Allows VM Escape on Intel and AMD Systems
Keyfactor Scores $1 Billion+ Investment for AI, Post-Quantum Security
Blogspot-Hosted Payloads Delivered in ‘Veil#Drop’ Attacks
The Shift Toward Business-Aligned Risk Management
Armored Likho APT Targeting Government, Electric Power Entities
North Korean Hackers Target Open Source Developers in Supply Chain Attacks
ZDNet
This free Android app makes sharing files so easy - available for Windows, Mac, and iOS too
Sennheiser Momentum 5 vs. Bose QuietComfort Ultra 2: I compared the two and found a winner
I've finally found an Android TV remote that is easy to use - and it's free
What's new with iPhone 18 Pro Max? Guess correctly for a chance to win an Apple Watch
Anthropic's Claude Cowork heads to the cloud as data shows 90% of sessions aren't for coding
Why this fully agentic ransomware attack is giving researchers nightmares
How to run Linux GUI apps on Android (when it actually works)
After 30 years with Linux, here's my way of convincing Windows users to switch
I enabled Android's new security feature that detects fake cell towers - here's why
This portable keyboard is the ultimate productivity tool - especially for Mac and PC users
The Hacker News
DEBULL Tooling Abuses Microsoft Device-Code Flow to Target M365 Accounts
Public GitHub Issue Could Trick GitHub Agentic Workflows Into Leaking Private Repo Data
Court Filing Reveals Windows Device ID Helped FBI Trace Alleged Scattered Spider Hacker
Writer AI Flaw Could Let Agent Previews Leak Session Tokens Across Tenants
What Changes When Your Software Supply Chain Includes AI Writing Your Code?
Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities
CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware
BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA
Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
BleepingComputer
Spain arrests suspected member of pro-Russian hacktivist groups
The GitHub Actions Attack Pattern Your CI Security Scanners Miss
Webinar tomorrow: Why modern email attacks require a new approach to defense
New Januscape Linux flaw allows VM escape on Intel, AMD devices
Microsoft to enable Windows settings backup by default for orgs
BeyondTrust warns of critical flaws in remote access software
Microsoft testing new Cloud Rebuild Windows 11 recovery feature
Phishing poses as big-brand job interview to steal Google accounts
Fake IT support calls on Microsoft Teams push EtherRAT malware
Vietnam arrests suspects behind HiAnime anime piracy service
gbhackers
SindriKit 1.3.0 Abuses Call Stack Spoofing to Bypass EDR Detection
TeamPCP Supply Chain Attacks Feed VECT Ransomware With Stolen CI/CD Credentials
Attackers Exfiltrate AnyDesk Configuration Data via Blat SMTP in Aerospace Phishing Campaign
Thousands of MCP Servers Found Vulnerable to File Access and Injection Attacks
Windows 11 26H2 Enables Backup Policy to Restore User Apps and Settings
US Cyber Agency Uses Anthropic Mythos to Audit Government Code for Bugs
Kazuar Backdoor Uses DLL Side-Loading and PowerShell Loaders for Stealthy Execution
Microsoft Introduces Execution Containers to Secure AI Agents on Windows
16-Year-Old Januscape KVM Escape Vulnerability Lets Attackers Compromise Linux Hosts
PHP PDO Emulated Prepares Expose pdo_pgsql to NULL Pointer Dereference Crash
Cybersecurity Dive
Alleged member of Scattered Spider extradited to US
Why schools are easy prey for hackers — and why they struggle to fight back
The security leaders defining the next decade aren’t in CISO seats yet
FortiBleed campaign traced to INC and Lynx ransomware operations
Most cybersecurity workers have been told to conceal a breach, report finds
Critical flaw in Oracle E-Business Suite is under immediate threat
Anthropic reactivates Fable, Mythos after securing government approval
Critical flaw in SimpleHelp exploited in attacks targeting sensitive credentials
DHS proposes new system for public-private infrastructure security collaboration
Insurance body confirms hackers posted Oracle PeopleSoft breach data
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Predatorgate snoopfest victims launch €8M sueball at spyware maker
Enterprise AI still smarting from leaping before looking
Fake IT bods on Microsoft Teams coax workers into installing malware
Spain collars alleged pro-Russia hacktivist after FBI tip-off
Government's cyber pledge lands 60 signatories, including M&S and, somehow, Capita
EU urged to act after Pegasus infects phone of spyware inquiry MEP
Brit supermarket giant triples down on facial recog to nab shoplifters
Moody Bible Institute breach leaves 2.3M accounts needing salvation, says cyber expert
Secure Unix ancestor KSOS did type safety before Rust made it cool
MFA-optional banks leave safe doors (and accounts) wide open for thieves to pillage
VentureBeat
Digital resilience compounds when AI and human expertise scale together
The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.
Prompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routers
Autonomous security agents need complete data. Here's how to check if yours is ready.
Frontier AI is rewriting the economics of software supply chain security
Visa will offer an inside look at Project Glasswing and how the most powerful agentic models are changing enterprise security at VB Transform 2026
7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes
TechCrunch
Hacktivists call out Trump by hacking and defacing US Army websites
Savi’s app aims to protect consumers from realistic AI scams like kidnappers demanding ransom
The ‘first’ AI-run ransomware attack still needed a human
Canadian spy agency says it hacked drug traffickers, extremists, and a ransomware gang last year
Alibaba reportedly bans employees from using Claude Code
Politician who investigated spyware abuses had his phone hacked with Pegasus spyware
US government says it got hacked — again
In major privacy win, Supreme Court rules geofence warrants are protected by privacy rights
Russian hackers were behind $2.5B hack of Jaguar Land Rover: Report
Polymarket says hackers stole users’ funds
Network World Security
2026 network outage report and internet health check
Envirotech Vehicles Closes Merger with Azio AI Ahead of Schedule, Positioning Combined Company to Capture $487 Billion 2026 AI Infrastructure Opportunity
Network evolution for the Agentic AI era
Meta reuses old RAM in new servers with custom bridge chip
Cloud sovereignty: First four providers sign up to CISPE certification program
Cheap Chinese chips could offer way out of RAM price crisis, Apple suggests
Cisco details Live Protect’s real-time threat mitigation capabilities
What Meta, Oracle moves say about data center economics
Network jobs watch: Hiring, skills and certification trends
Kyndryl: AI success hinges on workforce readiness
Help Net Security
Barracuda adds PAM and identity protection with Evo Security acquisition
CyberProof Agentic MXDR Service brings AI agents to managed detection and response
Picus Autonomous Exposure Validation Platform validates real-world CVE exploitability
Commvault measures cyber recovery readiness with AI attack simulations
Attackers exploit critical Adobe ColdFusion vulnerability (CVE-2026-48282)
Radware updates Agentic AI Protection with AI governance and compliance capabilities
Researchers make the case for a cybersecurity AI scientist
Review: Building Machine Learning Systems with a Feature Store
Your company already adopted AI and nobody is governing access
Apple Container: Open-source tool for Linux containers on the Mac
SC Magazine
SSH Keys Are a Silent Security Risk: The Machine Identity Crisis Explained - WC #1
uBlock Origin adds protections against ClickFix attacks
Malicious websites trick AI agents into crypto payments, context poisoning
Defense-in-depth strategies for securing mobile applications - Ryan Lloyd - ASW #390
'Bad Epoll' vulnerability allows root access on Linux and Android
U.S. Army websites defaced in apparent 404 hijacking campaign
Iranian hackers use new modular C2 framework against Israeli organizations
NatWest CEO targeted in AI deepfake scam
Sainsbury's expands facial recognition use to combat shoplifting
7 arrested in Vietnam for operating large anime piracy site HiAnime
© 2026 RiskDiscovery | Sponsored by:
Deception Logic