[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
War Game Exercise Demonstrates How Social Media Manipulation Works
CSA: CISOs Should Prepare for Post-Mythos Exploit Storm
Adobe Patches Actively Exploited Zero-Day That Lingered for Months
Empty Attestations: OT Lacks the Tools for Cryptographic Readiness
APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials
Hims Breach Exposes the Most Sensitive Kinds of PHI
Your Next Breach Will Look Like Business as Usual
FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats
Orange Business Reimagines Enterprise Voice Communications With Trust and AI
Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
Ars Technica
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
Iran-linked hackers disrupt operations at US critical infrastructure sites
Thousands of consumer routers hacked by Russia's military
OpenClaw gives users yet another reason to be freaked out about security
New Rowhammer attacks give complete control of machines running Nvidia GPUs
Quantum computers need vastly fewer resources than thought to break vital encryption
Google bumps up Q Day deadline to 2029, far sooner than previously thought
Self-propagating malware poisons open source software and wipes Iran-based machines
Widely used Trivy scanner compromised in ongoing supply-chain attack
Cloud service providers ask EU regulator to reinstate VMware partner program
CyberScoop
Black Basta’s playbook lives on as former affiliates launch fast-scale intrusion campaign
Secretary Mullin must help finish the job: Urge the Senate to confirm Plankey
Here’s how cyber heavyweights in the US and UK are dealing with Claude Mythos
OpenAI’s Mac apps need updates thanks to the Axios hack
Commerce setting up new AI export regime to push adoption of ‘American AI’ abroad
Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs
Why is the timeline to quantum-proof everything constantly shrinking?
Inside the FBI’s router takedown that cut off APT28’s ‘tremendous access’
Don’t just fight fraud, hunt it
Hack-for-hire spyware campaign targets journalists in Middle East, North Africa
InfoSecurity Magazine
CISOs Urged to Innovate with Talent Retention as Job Satisfaction Declines
Triad Nexus Expands Global Fraud Operations Despite US Sanctions
Malicious Chrome Extensions Campaign Exposes User Data
AI Security Institute Advocates Security Best Practices After Mythos Test
Mailbox Rule Abuse Emerges as Stealthy Post-Compromise Threat
Mirax Android Trojan Turns Devices Into Residential Proxy Nodes
FBI Dismantles $20m Phishing Operation W3LL
UK Cyber Security Council Launches Associate Cyber Security Professional Title
Operation Atlantic Seizes $12m in Crypto Losses
Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month
SecurityWeek
Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities
Adobe Patches 55 Vulnerabilities Across 11 Products
‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI Threats
Europe’s Largest Gym Chain Says Data Breach Impacts 1 Million Members
SAP Patches Critical ABAP Vulnerability
Triad Nexus Evades Sanctions to Fuel Cybercrime
Google Adds Rust DNS Parser to Pixel Phones for Better Security
Nightclub Giant RCI Hospitality Reports Data Breach
Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities
Booking.com Says Hackers Accessed User Information
ZDNet
Tired of Gemini interrupting you? This Google Home update fixes that and more
Is your Pixel battery draining faster lately? These 4 temporary fixes helped me
You can try Linux 7.0 now on these distros - here's what's new
I tested every 'allergy-friendly' smart home gadget - these 6 actually keep the pollen out
Chrome's new 'Skills' update lets you save AI prompts now - for one-click reuse
How to share audio from your Android phone to multiple earbuds (and why it's genius)
How to use Google Messages' new Trash feature to recover texts you accidentally deleted
Why the Apple Watch's 20-minute calibration test is worth your time - especially if you're data curious
I'm ready for a foldable iPhone, but only if Apple does this right
Meta is selling refurbished Ray-Bans for as low as $197 right now - but they're going fast
The Hacker News
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
BleepingComputer
Microsoft releases Windows 10 KB5082200 extended security update
McGraw-Hill confirms data breach following extortion threat
Windows 11 cumulative updates KB5083769 & KB5082052 released
Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days
Fake Ledger Live app on Apple’s App Store stole $9.5M in crypto
Microsoft rolls out fast-track to reinstate Windows hardware dev accounts
5 Ways Zero Trust Maximizes Identity Security
European Gym giant Basic-Fit data breach affects 1 million members
Stolen Rockstar Games analytics data leaked by extortion gang
Critical flaw in wolfSSL library enables forged certificate use
gbhackers
Security Risk Advisors Purple Team Participants Can Now Earn CPE Credits
Mirax Android RAT Hijacks Infected Phones as Residential Proxies
PlugX USB Worm Hits Multiple Continents via DLL Sideloading
Botnet Exposed: Hackers Leave Worker Access and Root Passwords Wide Open
Janela RAT Spreads via Fake MSI Installers, Malicious Extensions
Critical etcd Vulnerability Allows Unauthorized Access to Sensitive Cluster APIs
AI Codex Exploits Samsung TV Driver Flaw to Gain Root Access
CISA Alerts on Exploited Microsoft Exchange and Windows CLFS Security Flaws
Hackers Exploit Obsidian Plugin to Deploy Cross-Platform Malware
Hackers Exploit Critical ShowDoc RCE Flaw in Ongoing Attacks
Cybersecurity Dive
Brute-force cyberattacks originating in Middle East surge in Q1
FCC signals continued commitment to Cyber Trust Mark program
CISOs see gaps in their incident response playbooks
US, Indonesia shut down ‘sophisticated’ phishing kit
Stryker warns of earnings fallout from March cyberattack
Nearly 4K industrial control devices vulnerable to Iran-linked hacking campaign
NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat
CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog
US operation evicts Russia from hacked SOHO routers used to breach critical infrastructure
Iran-linked hackers target water, energy in US, FBI and CISA warn
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
No honor among thieves as 0APT threatens rival ransomware gang Krybit
Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum
Fake Linux leader using Slack to con devs into giving up their secrets
Booking.com warns reservation data may have checked out with intruders
Gym giant Basic-Fit confirms data on a million members stolen in cyberattack
Rockstar Games gets a taste of grand theft data
NHS pays £46K to prep next Microsoft licensing round
China wants AI to prepare school lessons and mark homework
Anthropic's mysterious Mythos AI threatens to upend the infosec world
Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise
VentureBeat
43% of AI-generated code changes need debugging in production, survey finds
Five signs data drift is already undermining your security models
Your developers are already running AI locally: Why on-device inference is the CISO’s new blind spot
AI agent credentials live in the same box as untrusted code. Two new architectures show where the blast radius actually stops.
Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook
AI agents that automatically prevent, detect and fix software issues are here as NeuBird AI launches Falcon, FalconClaw
Closing the data security maturity gap: Embedding protection into enterprise workflows
TechCrunch
Someone planted backdoors in dozens of WordPress plug-ins used in thousands of websites
Anthropic co-founder confirms the company briefed the Trump administration on Mythos
Adobe fixes PDF zero-day security bug that hackers have exploited for months
FBI announces takedown of phishing operation that targeted thousands of victims
Booking.com confirms hackers accessed customers’ data
Hack at Anodot leaves over a dozen breached companies facing extortion
France to ditch Windows for Linux to reduce reliance on US tech
Hacker stole £700,000 from UK energy company by redirecting payment
WireGuard VPN developer can’t ship software updates after Microsoft locks account
Hack-for-hire group caught targeting Android devices and iCloud backups
Network World Security
Cisco just made two moves to own the AI infrastructure stack
Data centers are moving inland, away from some traditional locations
2026 network outage report and internet health check
DNS security is often inadequate, and network engineers should get more involved
Fixing encryption isn’t enough. Quantum developments put focus on authentication
Curious about quantum? Check out training options from ISC2, IBM, AWS and more
Linux 7.0 debuts with some big changes for networking
Intel: Latest news and insights
AI demand is so high, AWS customers are trying to buy out its entire capacity
Intel secures Google cloud and AI infrastructure deal
Help Net Security
OpenSSL 4.0.0 release cuts deprecated protocols and gains post-quantum support
Testing reveals Claude Mythos’s offensive capabilities and limits
W3LL phishing service sold for $500 dismantled by the FBI
Claroty advances CPS security with Visibility Orchestration in xDome
Oligo enables real-time exploit detection and blocking at application runtime
DavMail 6.6.0 patches a regex flaw and advances its Microsoft Graph backend
Basic-Fit hack compromises data of up to 1 million members
DataVisor brings conversational AI agents to fraud and AML operations
Booking.com data breach: Customer reservation data exposed
Binary Defense expands NightBeacon with threat-aligned Detection Coverage Index
SC Magazine
Poll: Europeans distrust US and Chinese data handling, favoring homegrown tech
ViperTunnel backdoor targets UK, US businesses with advanced Python techniques
Fake Claude website distributes PlugX RAT via DLL sideloading
Critical wolfSSL vulnerability allows forged certificates
JanelaRAT malware continues to target Latin American banks
JSOC IT's Sam Sawalhi: Telling the room what it needs to hear
UK thwarts Russian subsea cable intelligence operation
Booking.com data breach exposes user reservation details
ShowDoc vulnerability actively exploited
Basic-Fit data breach exposes personal information of 1 million customers
© 2026 RiskDiscovery | Sponsored by: Deception Logic