[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Russian Hackers Weaponize Microsoft Office Bug in Just 3 Days
GlassWorm Malware Returns to Shatter Developer Ecosystems
8-Minute Access: AI Accelerates Breach of AWS Environment
Dark Patterns Undermine Security, One Click at a Time
Attackers Harvest Dropbox Logins Via Fake PDF Lures
County Pays $600K to Wrongfully Jailed Pen Testers
Chinese Hackers Hijack Notepad++ Updates for 6 Months
ShinyHunters Expands Scope of SaaS Extortion Attacks
Torq Moves SOCs Beyond SOAR With AI-Powered Hyper Automation
2026: The Year Agentic AI Becomes the Attack-Surface Poster Child
Ars Technica
The rise of Moltbook suggests viral AI prompts may be the next big security threat
Notepad++ users take note: It's time to check if you're hacked
AI agents now have their own Reddit-style social network, and it's getting weird fast
Developers say AI coding tools work—and that's precisely what worries them
County pays $600,000 to pentesters it arrested for assessing courthouse security
Does Anthropic believe its AI is conscious, or is that just what it wants Claude to think?
Site catering to online criminals has been seized by the FBI
Report: China approves import of high-end Nvidia AI chips after weeks of uncertainty
Users flock to open source Moltbot for always-on AI, despite major risks
There's a rash of scam spam coming from a real Microsoft address
CyberScoop
Cantwell claims telecoms blocked release of Salt Typhoon report 
What’s next for DHS’s forthcoming replacement critical infrastructure protection panel, AI information sharing
Ivanti’s EPMM is under active attack, thanks to two critical zero-days
Sean Cairncross’ cybersecurity agenda: less regulation, more cooperation
As feds pull back, states look inward for election security support
China-based espionage group compromised Notepad++ for six months
We moved fast and broke things. It’s time for a change.
DOJ seizes piracy sites, Italian police dismantle illegal IPTV operation
Google’s disruption rips millions out of devices out of malicious network
Cybersecurity can be America’s secret weapon in the AI race
InfoSecurity Magazine
Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw
SQL Injection Flaw Affects 40,000 WordPress Sites
DockerDash Exposes AI Supply Chain Weakness In Docker's Ask Gordon
UK ICO Launches Investigation into X Over AI Generated Non-Consensual Sexual Imagery
Researchers Warn of New “Vect” RaaS Variant
Cybercrime Unit of Paris Prosecutors Raid Elon Musk’s X Offices in France
New Password-Stealing Phishing Campaign Targets Corporate Dropbox Credentials
Vibe-Coded Moltbook Exposes User Data, API Keys and More
NSA Publishes New Zero Trust Implementation Guidelines
Notepad++ Update Hijacking Linked to Hosting Provider Compromise
SecurityWeek
RADICL Raises $31 Million for vSOC
RapidFort Raises $42M to Automate Software Supply Chain Security
Critical React Native Vulnerability Exploited in the Wild
Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant 
Hackers Leak 5.1 Million Panera Bread Records
Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability 
Kasada Raises $20 Million for Anti-Bot Expansion
ShinyHunters-Branded Extortion Activity Expands, Escalates
Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack
Default ICS Credentials Exploited in Destructive Attack on Polish Energy Facilities
ZDNet
I changed 6 settings on my Roku TV to instantly give it a performance boost
LG has discounted its Gram Pro laptop by $500 for a limited time (and you get a free monitor too)
Xcode 26.3 finally brings agentic coding to Apple's developer tools
Why I recommend this $200 Motorola phone over budget Google and Samsung models
Google Pixel 10 Pro XL vs. Samsung Galaxy S25 Ultra: I tested both Androids, and it's a close one
I unplugged these 7 common household devices to noticeably reduce my electricity bills
Your library card unlocks a free movie streaming service most people don't know about
How much RAM do you really need in 2026? A Windows and Mac expert explains
You can still buy last year's LG OLED TV for $1,500 off at Best Buy, and I can vouch for it
Samsung is selling last year's premium QLED TV for $1,300 off, and I highly recommend it
The Hacker News
Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata
[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
When Cloud Outages Ripple Across the Internet
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks
Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox
Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group
Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users
OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link
Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos
BleepingComputer
Step Finance says compromised execs' devices led to $40M crypto theft
Wave of Citrix NetScaler scans use thousands of residential proxies
CISA flags critical SolarWinds RCE flaw as exploited in attacks
Iron Mountain: Data breach mostly limited to marketing materials
AI Agent Identity Management: A New Security Control Plane for CISOs
UK privacy watchdog probes Grok over AI-generated sexual images
Hackers exploit critical React Native Metro bug to breach dev systems
French prosecutors raid X offices, summon Musk over Grok deepfakes
New GlassWorm attack targets macOS via compromised OpenVSX extensions
Russian hackers exploit recently patched Microsoft Office bug in attacks
gbhackers
GlassWorm Infiltrates VSX Extensions With 22,000+ Downloads to Target Developers
Infostealer Attacks Hit macOS, Abusing Python and Trusted Platforms
Fake Dropbox Phishing Campaign Targets Users, Steals Login Credentials
Fake Compliance Emails Weaponize Word and PDF Attachments to Steal Sensitive Data
PDFly Variant Uses Custom PyInstaller Tweaks to Obfuscate Payload, Thwarting Analysis
ASUS Discontinues “File Shredder” Feature to Patch Critical Vulnerability
Microsoft Takes Major Security Step by Disabling NTLM Authentication by Default
Fake Party Invites Lure Victims Into Installing Malicious Remote Access Tools
HoneyMyte Hacker Group Expands CoolClient Malware With New Advanced Toolset
Chollima APT Hackers Weaponize LNK Files to Deploy Sophisticated Malware
Cybersecurity Dive
AI-ISAC inches forward under Trump administration
National cyber director solicits industry help in fixing regulations, threat information-sharing
Critical flaws in Ivanti EPMM lead to fast-moving exploitation attempts
National cybersecurity strategies depend on public-private trust, report warns
ShinyHunters escalates tactics in extortion campaign linked to Okta environments
FCC urges telecoms to boost cybersecurity amid growing ransomware threat
Voice channels are the next major attack vector that security teams can’t monitor
Cybersecurity 2026: AI, CISA, manufacturing sector all in the hot seat
Cisco sees vulnerability exploitation top phishing in Q4
How Granite complied with new federal cyber regs before a critical deadline
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Critical React Native Metro dev server bug under attack as researchers scream into the void
CISA updated ransomware intel on 59 bugs last year without telling defenders
X marks the raid: French cops swoop on Musk's Paris ops
Microsoft finally sends TLS 1.0 and 1.1 to the cloud retirement home
Polish cops bail 20-year-old bedroom botnet operator
DIY AI bot farm OpenClaw is a security 'dumpster fire'
British military to get legal OK to swat drones near bases
Notepad++ hijacking blamed on Chinese Lotus Blossom crew behind Chrysalis backdoor
StopICE hacked to send alarming text messages, admins accuse border patrol agent of sabotage
Russia-linked APT28 attackers already abusing new Microsoft Office zero-day
VentureBeat
OpenClaw proves agentic AI works. It also proves your security model doesn't. 180,000 developers just made that your problem.
Infostealers added Clawdbot to their target lists before most security teams knew it was running
SOC teams are automating triage — but 40% will fail without governance boundaries
Theorem wants to stop AI-written bugs before they ship — and just raised $6M to do it
MCP shipped without authentication. Clawdbot shows why that's a problem.
Browser-based attacks hit 95% of enterprises — and traditional security tools never saw them coming
Researchers broke every AI defense they tested. Here are 7 questions to ask vendors.
TechCrunch
Homeland Security is trying to force tech companies to hand over data about Trump critics
French police search X office in Paris, summon Elon Musk for questioning
Notepad++ says Chinese government hackers hijacked its software updates for months
Informant told FBI that Jeffrey Epstein had a ‘personal hacker’
Russian hackers breached Polish power grid thanks to bad security, report says
Fintech firm Marquis blames hack at firewall provider SonicWall for its data breach
Apple’s new iPhone and iPad security feature limits cell networks from collecting precise location data
AI security startup Outtake raises $40M from Iconiq, Satya Nadella, Bill Ackman, and other big names
Trump’s acting cybersecurity chief uploaded sensitive government docs to ChatGPT
The conference where founders scale: TechCrunch Founder Summit 2026 tickets are now live at the lowest prices
Network World Security
Cisco: Latest news and insights
Cisco: Infrastructure, trust, model development are key AI challenges
Nvidia: Latest news and insights
2026 network outage report and internet health check
Eying AI factories, Nvidia buys bigger stake in CoreWeave
AI, security tailwinds signal promising 2026 for Cisco
Quantum computing is getting closer, but quantum-proof encryption remains elusive
Enterprise Spotlight: Manufacturing Reimagined
Startup Amutable plotting Linux security overhaul to counter hacking threats
Forward Networks launches agentic AI system built on network digital twin
Help Net Security
Russian hackers are exploiting recently patched Microsoft Office vulnerability (CVE-2026-21509)
Gremlin launches Disaster Recovery Testing for zone, region, and datacenter failovers
Download: Tines Voice of Security 2026 report
Notepad++ supply chain attack: Researchers reveal details, IoCs, targets
Sandisk brings SPRandom to open source for large SSD testing
Firefox to let users manage and block AI features
Snowflake makes enterprise data AI-ready with native Postgres in its AI Data Cloud
OpenAI releases Codex macOS app for agent-based software development
Why boards must prioritize non-human identity governance
Open-source attacks move through normal development workflows
SC Magazine
DBII, Notepad++, Covenant, Fancy Bear, CTFs, Firefox, AI Slop, Josh Marpet, and More - SWN #552
Microsoft Office bugs exploited by Russia-linked APT28
ICIT's Center for FCEB Resilience: Strengthening federal civilian agencies
CrossCurve bridge loses $3 million in smart contract exploit
Panera Bread data breach affects 5.1 million accounts, not 14 million
Canada Computers cyberattack exposes customer data, including credit card details
A roadmap for today’s vibe coding  
Keeping code secure as generative AI accelerates software development
Focusing on Proactive Controls in the Face of LLM-Assisted Malware - Rob Allen - ASW #368
NSA nominee backs Section 702 amid renewal, privacy concerns
© 2026 RiskDiscovery | Sponsored by: Deception Logic