[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Cylake Offers AI-Native Security Without Relying on Cloud Services
North Korean APTs Use AI to Enhance IT Worker Scams
EU Auto Rules Shift Gears on Cybersecurity Standards
Iran's Cyber-Kinetic War Doctrine Takes Shape
Cyberattack on Mexico's Gov't Agencies Highlight AI Threat
Nation-State Actor Embraces AI Malware Assembly Line
Tycoon 2FA Goes Boom as Europol, Vendors Bust Phishing Platform
Cisco Drops 48 New Firewall Vulnerabilities, 2 Critical
Fig Security Emerges From Stealth to Fix Broken Security Operations
Software Development Practices Help Enterprises Tackle Real-Life Risks
Ars Technica
Feds take notice of iOS vulnerabilities exploited under mysterious circumstances
Amazon appears to be down, with over 20,000 reported problems
Trump gets data center companies to pledge to pay for power generation
Downdetector, Speedtest sold to IT service-provider Accenture in $1.2B deal
LLMs can unmask pseudonymous users at scale with surprising accuracy
Google quantum-proofs HTTPS by squeezing 15kB of data into 700-byte space
New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises
Password managers' promise that they can't see your vaults isn't always true
Most VMware users still "actively reducing their VMware footprint," survey finds
Retraction: After a routine code rejection, an AI agent published a hit piece on someone by name
CyberScoop
The long-awaited Trump cyber strategy has arrived
Microsoft warns North Korean threat groups are scaling up fake worker schemes with generative AI
DHS CISO, deputy CISO exit amid reported IT leadership overhaul
Congress looks to revive critical cyber program for rural electric utilities
FBI targeted with ‘suspicious’ activity on its networks
HHS updates a free risk tool to help hospitals size up their cybersecurity exposure
Phobos ransomware leader pleads guilty, faces up to 20 years in prison
Cisco reveals 2 max-severity defects in firewall management software
Global coalition dismantles Tycoon 2FA phishing kit
LLMs are getting better at unmasking people online 
InfoSecurity Magazine
Iran's MuddyWater Hackers Hit US Firms with New 'Dindoor' Backdoor
Zero‑Day Attacks on Enterprise Software Reach Record High, Google Warns
AI-Driven Insider Risk Now a “Critical Business Threat,” Report Warns
ContextCrush Flaw Exposes AI Development Tools to Attacks
Coruna Exploit Kit Targets Older iPhones in Multi-Stage Campaigns
Zero-Click FreeScout Bug Enables Remote Code Execution
Cisco Issues Patches for 48 Vulnerabilities in Enterprise Networking Products
Europol Operation Seizes LeakBase Data Breach Site
Coalition of Western Countries Launches 6G Cybersecurity Guidelines
Global Takedown Neutralizes Tycoon2FA Phishing Service
SecurityWeek
Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited
US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies
Over 100 GitHub Repositories Distributing BoryptGrab Stealer
Pentagon’s Chief Tech Officer Says He Clashed With AI Company Anthropic Over Autonomous Warfare
FBI Investigating ‘Suspicious’ Cyber Activity on System Holding Sensitive Surveillance Information
ArmorCode Raises $16 Million for Exposure Management Platform
In Other News: FBI Hacked, US Security Pro Killed in Iran War, Hijacked Cameras Used in Khamenei Strike
CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List
Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks
James ‘Aaron’ Bishop Tapped to Serve as New Pentagon CISO
ZDNet
Best VPN services 2026: Expert tested and recommended
3 tiny gadgets I trust to block electrical surges, data-stealing software, and more
Sony WH-1000XM6 review: Still the king of ANC headphones? My verdict after months of testing
How to turn off HDMI-CEC on your TV - and why doing so is such a big deal
Apple AirPods Pro 3 review: I didn't think earbuds could pull off immersive ANC like this
Skylight Calendar 2 review: How this smart tablet keeps my large family organized
iPhone 17e vs. iPhone 17: I compared both models to uncover the $200 difference
Best travel VPNs of 2026: Expert tested and reviewed
Bose QuietComfort Ultra (2nd Gen) review: These headphones give Sony a run for its money
Samsung confirms smart glasses capabilities to compete with Meta Ray-Bans - what's coming
The Hacker News
Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure
OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues
Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India
Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT
The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity
Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
BleepingComputer
EU court adviser says banks must immediately refund phishing victims
Hackers abuse .arpa DNS and ipv6 to evade phishing defenses
Termite ransomware breaches linked to ClickFix CastleRAT attacks
Microsoft: Hackers abusing AI at every stage of cyberattacks
Cognizant TriZetto breach exposes health data of 3.4 million patients
CISA warns feds to patch iOS flaws exploited in crypto-theft attacks
EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security
Fake Claude Code install guides push infostealers in InstallFix attacks
Microsoft 365 Backup to add file-level restore for faster recovery
Ghanain man pleads guilty to role in $100 million fraud ring
gbhackers
Cybercrime Group in Vietnam Enables Massive Fraudulent Signups
1-Click ZITADEL Vulnerability Could Allow Full System Takeover
Nginx UI Vulnerabilities Let Attackers Download Full System Backups
ExifTool Vulnerability Lets Malicious Images Trigger macOS Code Execution
Hikvision Multiple Product Vulnerability Could Let Attackers Escalate Privileges
Critical ExifTool Vulnerability Allows Malicious Images to Execute Code on macOS
Transparent Tribe’s ‘Vibeware’ Move Points to AI-Made Malware at Scale
WiFi Signals Can Track Human Activity Through Walls by Mapping Body Keypoints
Microsoft: Fake AI Extensions Breached Chat Histories in 20,000+ Enterprise Tenants
CISA Alerts Users to Actively Exploited Vulnerabilities Impacting macOS and iOS
Cybersecurity Dive
How AI will impact security careers and what leaders should do about it
4 best practices to get IAM implementation right the first time
Trump’s new cybersecurity strategy makes promises but lacks details
HHS adds cybersecurity guidance to healthcare sector self-assessment tool
Nearly half of exploited zero-day flaws target enterprise-grade technology
Microsoft, Europol disrupt global phishing platform Tycoon 2FA
Plankey’s nomination as CISA director now in jeopardy
Iran-nexus hackers target flaws in surveillance cameras
CrowdStrike reports record quarter amid investor concerns about AI impact
Pro-Russia actors team with Iran-linked hackers in attacks
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Royal Navy races to arm ships against drone threat
Iran is the first out-loud cyberwar the US has fought
FBI is investigating breach that may have hit its wiretapping tools
AI agents now help attackers, including North Korea, manage their drudge work
Firefox taps Anthropic AI bug hunter, but rancid RAM still flipping bits
Spyware disguised as emergency-alert app sent to Israeli smartphones
Cisco warns of two more SD-WAN bugs under active attack
Microsoft spots ClickFix campaign getting users to self-pwn on Windows Terminal
Son of government contractor arrested after alleged $46M crypto heist from US Marshals
Microsoft finally gets around to fixing Windows 10 Recovery Environment after breaking it in October
VentureBeat
Pentagon vendor cutoff exposes the AI dependency map most enterprises never built
Endor Labs launches free tool AURI after study finds only 10% of AI-generated code is secure
What if the real risk of AI isn’t deepfakes — but daily whispers?
When AI lies: The rise of alignment faking in autonomous systems
Enterprise MCP adoption is outpacing security controls
Claude didn't just plan an attack on Mexico's government. It executed one for a month — across four domains your security stack can't see.
Anthropic says DeepSeek, Moonshot, and MiniMax used 24,000 fake accounts to rip off Claude
TechCrunch
Ring’s Jamie Siminoff has been trying to calm privacy fears since the Super Bowl, but his answers may not help
Anthropic’s Claude found 22 vulnerabilities in Firefox over two weeks
TriZetto confirms 3.4M people’s health and personal data was stolen during breach
FBI investigating hack on its wiretap and surveillance systems: Report
Italian prosecutors confirm journalist was hacked with Paragon spyware
FYI: Impersonators are (still) targeting companies with fake TechCrunch outreach
Google says half of all zero-days it tracked in 2025 targeted buggy enterprise tech
US and EU police shut down LeakBase, a site accused of sharing stolen passwords and hacking tools
A suite of government hacking tools targeting iPhones is now being used by cybercriminals
Hacked traffic cams and hijacked TVs: How cyber operations supported the war against Iran
Network World Security
Cisco: LPO not a panacea but plays strategic role in AI networks
AI transforms ‘dangling DNS’ into automated data exfiltration pipeline
Data center new builds diminish even as demand rises
Cisco issues emergency patches for critical firewall vulnerabilities
Cisco: Latest news and insights
Lack of regulatory action on hyperscaler dominance prompts inquiry chair to quit
Digital sovereignty options for on-prem deployments
Cato Networks brings adaptive threat defense to SASE
AMD: Latest news and insights
AWS Middle East outage: a reminder not to rely on cloud as disaster recovery plan
Help Net Security
OpenAI joins the race in AI-assisted code security
Decoding silence: How deaf and hard-of-hearing pros are breaking into cybersecurity
Turning expertise into opportunity for women in cybersecurity
Open-source tool Sage puts a security layer between AI agents and the OS
Product Showcase: Fing Desktop puts network visibility on your screen
Submarine cables move to the center of critical infrastructure security debate
Week in review: Weaponized OAuth redirection logic delivers malware, Patch Tuesday forecast
Iran-linked APT targets US critical sectors with new backdoors
Microsoft working on Teams feature to keep unauthorized bots at bay
New cyber module strengthens risk planning for health organizations
SC Magazine
Breaking in with CrashFix, supply chain security, and CMMC phase 1 - Anna Pham, David Zendzian, Jacob Horne - ESW #449
The importance of keeping calm in trying circumstances: Zero Trust World 2026
Identity security as app growth accelerates: Why automation is becoming essential
3 Apple flaws from Coruna exploit kit added to CISA vulnerability list
Russian man admits role in global Phobos ransomware attacks
Depature of Trump's CISA director nominee from DHS fuels uncertainty
Cyberattack-related outages reported by New Jersey county
Context7 MCP Server flaw could allow malicious instructions for AI assistants
Actively exploited zero-days rise as surveillance firms ramp up abuse
Browser extension weaponization for malware delivery examined
© 2026 RiskDiscovery | Sponsored by: Deception Logic