[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Microsoft Exchange Zero-Day Under Attack, No Patch Available
'Claw Chain' Vulnerabilities Threaten OpenClaw Deployments
Shai-Hulud Worm Clones Spread After Code Release
Fuel Tank Breaches Expand Scope of Iran's Cyber Offensive
The Boring Stuff Is Dangerous Now
Boulevard of Broken Dreams: 2 Decades of Cyber Fails
Can Laws Stop Deepfakes? South Korea Aims to Find Out
Congress Puts Heat on Instructure After Canvas Outage
Cyber Pioneers Ponder Past as Prologue
Taiwan Bullet Train Hack Highlights Cybersecurity Gaps in Rail Systems
Ars Technica
Zero-day exploit completely defeats default Windows 11 BitLocker protections
Cisco announces record revenue and 4,000 layoffs in the same day
Linux bitten by second severe vulnerability in as many weeks
Chaos erupts as cyberattack disrupts learning platform Canvas amid finals
Mozilla says 271 vulnerabilities found by Mythos have "almost no false positives"
Ars Asks: Share your shell and show us your tricked-out terminals!
Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack
Why Reddit blocked my daily visit to its mobile website
GameStop offers $56 billion for eBay, struggles to explain how it'll pay for it
Ubuntu infrastructure has been down for more than a day
CyberScoop
AI might cut false positives, but it won’t stop the slop 
Interpol leads cybercrime crackdown across 13 countries in Middle East, North Africa
The Canvas breach proved that prevention is no longer enough
Former CISA nominee Sean Plankey named US CEO of defense startup
Colorado governor commutes prison sentence for election denier Tina Peters 
Here’s how the FTC plans to enforce the Take It Down Act
Cisco zero-day under ongoing attack by persistent threat group
Pentagon cyber official calls advanced AI ‘revolutionary warfare’
White House cyber official: identity security matters more than ever in the age of AI
Major tech manufacturer Foxconn confirms cyberattack hit North American factories
InfoSecurity Magazine
Interpol Launches Sweeping Cybercrime Crackdown in MENA Region
The Infosecurity Europe Cyber Startup Competition: Meet the Finalists
NCSC Publishes Guidance on Securing Agentic AI Use
Security Researchers Find 47 Zero-Days at Pwn2Own Berlin
Bank of England, FCA and Treasury Raise Alarm Over Frontier AI
Gremlin Stealer Evolves into Modular Threat with Advanced Evasion Capabilities
Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers
China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer
Mustang Panda Linked to Updated FDMTP Backdoor in Asia-Pacific Espionage Campaign
Google Launches Android Spyware Forensics Tool for High-Risk Users
SecurityWeek
Millions Impacted Across Several US Healthcare Data Breaches
‘Claw Chain’ OpenClaw Flaws Allow Sandbox Escape, Backdoor Delivery
7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand
Researcher Drops MiniPlasma Windows Exploit for Unpatched 2020 CVE
First Shai-Hulud Worm Clones Emerge
Grafana Confirms Breach After Hackers Claim They Stole Data
Exploitation of Critical NGINX Vulnerability Begins
Hackers Earn $1.3 Million at Pwn2Own Berlin 2026 
PoC Code Published for Critical NGINX Vulnerability
In Other News: Big Tech vs Canada Encryption Bill, Cisco’s Free AI Security Spec, Audi App Flaws
ZDNet
Google I/O 2026 live blog: Updates on Android, Gemini AI, XR, and more we expect
6 cable, cords, and adapters that are still surprisingly useful - and I never throw away
Microsoft surprises with its first server Linux distribution: Azure Linux 4.0
Cloud attacks are getting faster and deadlier - 4 ways to secure your business
5 ways to fortify your network against the new speed of AI attacks
How to upgrade your 'incompatible' Windows 10 PC to Windows 11 - for free
I found the best early Memorial Day Walmart deals: Apple, Dyson, and more on sale
Why Wave is my new go-to terminal app - how I use this powerful tool
I asked Codex AI to customize my Hyprland desktop - it worked, but beginners beware
Microsoft is finally bringing the movable taskbar to Windows 11 - here's who can try it now
The Hacker News
INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests
⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
How to Reduce Phishing Exposure Before It Turns into Business Disruption
Developer Workstations Are Now Part of the Software Supply Chain
Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
BleepingComputer
INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers
SHub macOS infostealer variant spoofs Apple security updates
5 Steps to Managing Shadow AI Tools Without Slowing Down Employees
Leaked Shai-Hulud malware fuels new npm infostealer campaign
Grafana says stolen GitHub token let hackers steal codebase
Microsoft testing adjustable taskbar, Start menu in Windows 11
Microsoft confirms Windows 11 security update install issues
Exploit available for new DirtyDecrypt Linux root escalation flaw
Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026
New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released
gbhackers
Gamaredon Deploys GammaDrop, GammaLoad in Phishing Campaigns
Gremlin Stealer Hides Payloads in .NET Resources to Evade Detection
Critical NGINX Vulnerability Lets Hackers Launch Remote Code Execution Attacks
Paper Werewolf APT Spreads EchoGather RAT via Fake Adobe Installer
Hackers Abuse Cloudflare Storage to Exfiltrate Network Files
Microsoft Acknowledges Windows 11 Update Failure Linked to Error 0x800f0922
Hackers Hide PureLogs Infostealer in PawsRunner Loader
Critical Marimo RCE Flaw Could Let Attackers Execute Malicious Code Remotely
n8n Security Flaws Could Let Attackers Achieve Remote Code Execution
OtterCookie Malware Steals Dev Secrets, SSH Keys, Cloud Credentials, and Tokens
Cybersecurity Dive
Grafana Labs says hacker gained access to codebase through leaked token
How a government contest launched a revolution in AI-based bug hunting
Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller
MSPs need AI to fight AI-fueled cyberthreats: Guardz
More money is going to physical security, but it’s often CISOs that oversee it: EY
Frontier AI models reap rapid discovery of security vulnerabilities
West Pharmaceutical starts restoring operations after ransomware attack
Foxconn confirms cyberattack affecting some North American facilities
OpenAI launches Daybreak to combat cyber threats
Canvas owner reaches ‘agreement’ with threat actors after data breach
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Do fear the Reaper - stealer swipes macOS users' passwords, wallets, then backdoors them
Shai-Hulud copycat worm infects yet another npm package
Linux kernel flaw opens root-only files to unprivileged users
TanStack weighs invitation-only pull requests after supply chain attack
NGINX Rift attackers waste no time targeting exposed servers
Poland directs officials to ditch Signal in favor of 'secure' state-developed alternative
F-35 software delays leave UK buying time with US glide bombs
Mozilla warns UK: Breaking VPNs will not magically fix Britain's age-check mess
Grafana Labs admits all its codebase are belong to someone who popped its GitHub account
Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’
VentureBeat
Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering
Agent authorization is broken — and authentication passing makes it worse
Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps
Running Claude Code or Claude in Chrome? Here's the audit matrix for every blind spot your security stack misses
AI agents are running hospital records and factory inspections. Enterprise IAM was never built for them.
AI tool poisoning exposes a major flaw in enterprise agent security
5,000 vibe-coded apps just proved shadow AI is the new S3 bucket crisis
TechCrunch
NYC Health + Hospitals says hackers stole medical data and fingerprints during breach affecting at least 1.8 million people
Open source tool maker Grafana Labs says hackers stole its code, refuses to pay ransom
A hotel check-in system left a million passports and driver’s licenses open for anyone to see
US orders travelers on Air Force One to throw away gifts, pins, and burner phones after China trip
OpenAI says hackers stole some data after latest code security issue
A spyware investigator exposed Russian government hackers trying to hijack Signal accounts
Cisco cuts nearly 4,000 jobs to spend more on AI, reports ‘record quarterly revenue’
This is what some of the world’s largest banks of malware look like stacked as hard drives
Ransomware hackers claim breach at Foxconn, a major electronics manufacturer for Apple, Google, and Nvidia
US lawmakers demand answers from Instructure after Canvas data breaches
Network World Security
NetOps teams look to AI to automate Day 2 operations
Cisco warns of an actively exploited SD-WAN flaw with max severity
Digital twins reshape network and data center management
Network outages, power failures strain data center resiliency
Five takeaways from Cisco’s blowout quarter and what it means to customers
Cisco to cut nearly 4,000 jobs despite strong growth in AI, enterprise networking
Startup SPAN teams with Nvidia to put data center nodes in your backyard
Hard drive shortages are putting the squeeze on enterprise storage buyers
Wi-Fi 8 is closer than you think. Here’s what you need to know
Cisco open-sources agentic AI security spec
Help Net Security
AI is drowning software maintainers in junk security reports
Game over for 74 suspected scammers after Dutch cops plastered their faces on billboards
Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)
SmartBear expands ReadyAPI with AI-powered API testing capabilities
Attackers accessed, downloaded code from Grafana Labs’ GitHub
201 arrested in INTERPOL disruption of phishing and fraud networks
The AI backdoor your security stack is not built to see
Lyrie: Open-source autonomous pentesting agent
AI shrinks vulnerability exploitation window to hours
Product showcase: McAfee + ChatGPT integration turns doubt into a scam check
SC Magazine
Windows 11 update KB5089549 causes installation errors due to low EFI partition space
Malaysian government-linked campaign used hidden infrastructure for years
Mate Security introduces continuous detection and response model
Ransomware group 'The Gentlemen' suffers internal breach, exposing operations
Interpol operation leads to 201 arrests in Middle East and North Africa cybercrime crackdown
Spotify outage caused by DDoS attack claimed by hacking group
Critical bug in F5 NGINX actively exploited
Tycoon2FA phishing kit evolves with device-code attacks on Microsoft 365
Grafana Labs discloses GitHub environment breach, source code downloaded
Consumers face increasing online scams, as AI fuels sophisticated attacks
© 2026 RiskDiscovery | Sponsored by: Deception Logic