[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Name That Toon Contest
Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs
Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks
Check Point VPN Flaw Exploited Since Early May
Iran Signed a Ceasefire — Its Hackers Didn't
'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud
Exposed Fuel Tank Gauges Under Attack in the US
Adaptive, Agentic AI Worms Loom as Next Enterprise Threat
Trump AI Order Seeks Voluntary Frontier Model Testing
Rust-Written IronWorm Hits NPM Supply Chain
Ars Technica
High-severity vulnerability in Linux caused by a single errant character
For the 2nd time in weeks, Microsoft packages laced with credential stealer
How a USB-connected speaker can infect a PC without ever being touched
Dashlane explains how attackers managed to download encrypted password vaults
Can't make sense of Dashlane's vault theft notification? You're not alone.
Dozens of Red Hat packages backdoored through its official NPM channel
Botnet of more than 17 million devices dismantled
Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
Websites have a new way to spy on visitors: Analyzing their SSD activity
Millions of AI agents imperiled by critical vulnerability in open source package
CyberScoop
CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector
Cisco customers encounter another SD-WAN zero-day under attack
Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint
The AI security race needs accountability, not overregulation
Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away
Hill Dems hammer GOP for $250M CISA budget cut
Your AI agent could become your biggest insider threat 
Inside the race to adapt to an AI-powered security world
European authorities crack down on illegal streaming networks
DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels
InfoSecurity Magazine
75% of Firms Deploy Vulnerable Code Amid Pressure on CISOs, Report Finds
AI Coding Adoption Hits 97% but Governance Lags Behind
Critical phpBB Flaw Lets Attackers Hijack Any Account with One Request
Google Releases Patch for Chrome Vulnerability Exploited in the Wild
Check Point Warns Critical Auth Bypass Bug Exploited in the Wild
Infosecurity Europe: Why JLR’s CISO Enforced In-Person Password Resets Following Cyber-Attack
WhatsApp Discovers NSO Group-Linked Spearphishing Attempts
North Korean Hackers Use Fake Coding Tasks to Steal Crypto
OpenAI Unveils ChatGPT Account Security Controls
Infosecurity Europe: Prompt Injection Remains Unsolved, OWASP Researcher Warns
SecurityWeek
Anthropic Launches Claude Fable 5: Mythos-Class AI With Cybersecurity Guardrails 
OpenSSL Patches High-Severity Vulnerability Found With AI
Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation
New Platform Uses Cryptographic Invisibility to Protect AI-Built Applications
SAP Patches Critical NetWeaver, Commerce Vulnerabilities
Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks
Will AI Kill the Bug Bounty Industry?
Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks
Google Patches 5th Chrome Zero-Day Exploited in 2026
A Security Raises $37 Million for Autonomous Offensive Security Platform
ZDNet
The best early Prime Day TV deals actually worth your time: Samsung, Sony, and more
US workers are the world's biggest AI skeptics - and it's not just about job loss
Amazon Prime members can buy a car online now - and get a $1,500 gift card
This silent Android feature scans your photos for 'sensitive content' - how to uninstall it
I tested iOS 27's new AI photo editing tools as a skeptic - and the results surprised me
RakuOS fixes the one thing that annoys me most about immutable Linux distros
What you give up when you put on a smartwatch or ring
Wearables produce huge amounts of health data - and doctors are struggling to keep up
I'm using these 7 Linux wellness apps to take better care of myself in 2026
The biggest risks lurking inside your at-home DNA and health tests
The Hacker News
Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues
WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine
Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now
The Hidden Security Risk in Modern Networks: The Work Between Tools
New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing
Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer
LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public
Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order
BleepingComputer
XBOW tests Anthropic's Mythos Preview for offensive security
GitHub disables Microsoft repos pushing password-stealing malware
New Veeam vulnerability exposes backup servers to RCE attacks
French govt messaging service breached in account hijacking attack
CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day
Google patches new Chrome zero-day flaw exploited in the wild
NFCShare Android malware spreads via fake banking app updates on GitHub
SoFi confirms third-party data breach at Hong Kong subsidiary
New Apple feature automatically changes your compromised passwords
New Shai-Hulud attack trojanizes 19 science-focused PyPI packages
gbhackers
MagicAd Android Malware Bypasses Restrictions to Flood Devices With Ads
Microsoft Defender Adds Monitoring for RPC Protocol Abuse in Cyberattacks
LiteLLM Vulnerability Allows Attackers to Execute Arbitrary Commands on Servers
New BitB Phishing Attack Targets Microsoft 365 Logins
North Korea Hackers Weaponize GitHub to Target Developers
Ghost-Sender Flaw Exposes Exchange Online Users to Sender Spoofing Attacks
Microsoft Entra Agent ID Logs Expose Suspicious Assistive Agent Activity
Linux Kernel Flaw Allows Local Attackers to Gain Root Privileges
Top 10 Best Zero Trust Network Access (ZTNA) Solutions 2026
WhatsApp Blocks Pegasus Spyware Campaign Linked to NSO Group
Cybersecurity Dive
Check Point warns of zero-day flaw targeted by ransomware affiliate
IT sector faces growing threats from IP-hungry China, AI-enabled cybercriminals
Cyber insurance policyholders facing heavier scrutiny in underwriting, claims
Companies aren’t prepared for how AI is accelerating impersonation attacks
The new risk equation: Why endpoint security is a financial imperative
Cisco warns zero-day flaw in SD-WAN is being exploited
Sprawling new House AI bill includes frontier model oversight, open-source security grants
CISA chief says Trump AI executive order implementation will start soon
CrowdStrike, Palo Alto Networks defy estimates as AI fuels cyber demand
‘Don’t panic’: AI reality checks dominate major cybersecurity conference
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Apple’s iOS 27 goes all agentic on compromised passwords, promises to change them with one tap
Signal says UK plan to scan devices for nude images 'endangers us all'
Chrome's zero-day Whac-A-Mole continues with fifth exploited bug of the year
France probes compromise of gov messaging platform after account hijack
Qilin NHS breach tally grows as Essex trust confirms stolen records
Norks blast 250+ fake job offers to developers over 6 weeks to try and snarf creds and crypto
Ransomware crims got a month-long head start on Check Point VPN 0-day that now has a fix
Ransomware sends Illinois high school on an early summer vacation
GitHub nukes 70+ Microsoft repos, breaks CI/CD pipelines, following suspected worm infections
NSO Group back in Meta's crosshairs after alleged WhatsApp targeting
VentureBeat
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
AI doesn't break security. Complexity does
Claude Mythos exposed a hard truth: Your enterprise patching process is way too slow
DataGrail report finds your vendor may be sending data to AI models you never approved
TechCrunch
Microsoft’s open source tools were hacked to steal passwords of AI developers
WhatsApp says it caught new spyware attacks linked to NSO Group in violation of court order
Massachusetts votes to pass new privacy rights bill that bans sale of precise location data
Hacked, leaked, and held for ransom: The worst breaches of 2026 so far
OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks
Former cyber executive turned whistleblower accuses IBM of covering up several data breaches
Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person
NSA said to be readying Anthropic’s Mythos for use in cyber operations
Filtr is a new privacy tool that blocks ads in almost every iPhone and Mac app
Defense tech, AI, and fundraising take center stage at StrictlyVC Los Angeles on June 18
Network World Security
Zscaler launches zero trust platform for agentic AI
AI inference moving to private clouds, Broadcom says
2026 network outage report and internet health check
Attackers exploiting unpatched Cisco SD-WAN flaw
Enterprise network teams are falling behind as AI raises the stakes
New data center routing design cuts AWS networking energy costs by 40%, Amazon claims
Cisco: Latest news and insights
Network jobs watch: Hiring, skills and certification trends
How Cisco IT cut observability costs by 86% and eliminated major network outages
Microsoft makes Linux developers feel more at home in Windows with Coreutils release
Help Net Security
French government messaging platform breached through account hijacking
Elastic brings AI-driven incident investigation to Kubernetes and observability tools
Filigran launches XTM One to automate CTEM with AI agents
Rockwell Automation adds AI-powered security tools to SecureOT Suite
LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)
Google patches Chrome zero-day exploited in the wild (CVE-2026-11645)
Apple Intelligence can now replace weak passwords without user intervention
Apple expands what parents can block, approve, and limit
Mythos Preview can weaponize N-day vulnerabilities in hours
The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic
SC Magazine
AI-Generated Code Security Risks: Why “Vibe Coding” Can Break Your App - WC #1
Time to integrate AI into the core of the business
Apple Intelligence to automatically fix weak passwords with iOS 27
Suspected North Korean actors use fake ‘coding assignments’ to steal crypto
Scanner Results Are a Starting Point. Here's What Comes Next. - Federico Kirschbaum - ASW #386
American citizen pleads guilty to spying for China
Check Point patches critical VPN flaw exploited in zero-day attacks
FTC orders Illuminate Education to improve data security after student data breach
Guardz introduces agentic reporting to simplify MSP security communication
Massachusetts lawmakers pass consumer data privacy bill
© 2026 RiskDiscovery | Sponsored by: Deception Logic