[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Name That Toon Contest
[An RX Global Event] Infosecurity Europe
Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit
Name That Toon: Mark of (Cybersecurity) Progress
As Global Powers Explore Humanoid Robots, Cyber-Risk Looms
Asia's Cyber Insurance Market Shows Signs of Life
With Complex Cloud Integrations, Small Errors Lead to Major Compromises
'The Com' Cyberattacks Support Violence & Sexploitation
Dutch Raid Fails to Dent Russian Bulletproof Host
Agentic AI Isn't Risky; the Way Orgs Deploy It Is
Ars Technica
Botnet of more than 17 million devices dismantled
Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
Websites have a new way to spy on visitors: Analyzing their SSD activity
Millions of AI agents imperiled by critical vulnerability in open source package
US's big bet on quantum computing may not be entirely legal
Texas AG sues Meta over claims that WhatsApp doesn't provide end-to-end encryption
A hacker group is poisoning open source code at an unprecedented scale
US government takes $2 billion equity stake in nine quantum computing firms
Google publishes exploit code threatening millions of Chromium users
In stunning display of stupid, secret CISA credentials found in public GitHub repo
CyberScoop
Election threats are focused on campaign systems, not voting machines
Tennessee man linked to 764 accused of series of crimes against children dating back to 2022
Federal audit reveals NIST’s NVD is plagued by poor planning and duplication
House panel poised to hold hearing centered on AI impact on cyber
Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket
Zapier fixes bug chain that researchers say risked widespread account takeover
OpenAI heralds cybersecurity, election interference safeguard plans for 2026 midterms
FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
UK spy chief labels AI ‘unstoppable force’ with offensive, defensive ramifications for cyberspace
CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain
InfoSecurity Magazine
Critical Flowise Flaw Gives Attackers Full Server Control
Infosecurity Europe: Tabletop Exercise to Test How CISOs Respond to Major Supermarket Cyber-Attack
Infosecurity Europe: AI SOCs Will Still Need SOC Analysts, Security Vendors Say
FSB Group Gamaredon Hides Worm in Windows Data Streams
Attackers Abuse Shared Content for ChatGPT Phishing Campaign
Palo Alto Warns High-Severity Bug Is Being Actively Exploited
Infosecurity Europe: OWASP Forms New Agentic Research Council
Silent Ransom Group Uses In-Person IT Impersonation to Breach Systems
Infosecurity Europe: CyCOS Project Expands to Support UK SMEs as CIISec Takes Over
Chinese Hackers Exploit Iran War to Target Maritime and Energy Companies
SecurityWeek
Critical Windows Netlogon Vulnerability in Attackers’ Crosshairs
Dragos Acquires xIoT Security Firm Phosphorus
As the Pentagon Pushes for Battlefield AI, Some Military Leaders Urge Caution
19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access
Recent Palo Alto Networks Vulnerability Exploited for Weeks
Russian Spies Are Aggressively Seeking Western Technology as Sanctions Bite, Officials Say
Exploit Code Published for Critical Flowise RCE Vulnerability
In Other News: Trump Mobile Data Breach, FIFA World Cup Phishing, CISA Responds to Supply Chain Attacks
Charter Communications Data Breach Could Impact Nearly 5 Million
MokN Raises $15 Million for Phish-Back Platform
ZDNet
My top 7 laptop-bag essentials now, after decades of remote work
You can leave FaceTime video voicemails, and a lot of people don't know it - here's how
Why I happily paid for the Transmit MacOS app - and it's not just the 16x faster file transfer speed
Chrome stops hackers from stealing your browser cookies now - how its new security feature works
Why I built my own DIY cyberdeck straight out of 80s sci-fi - and how you can too
Wireless vs. wired security cameras: After years of testing, the best choice for my home is clear
Overheating from Android Auto? 8 easy fixes that effectively cooled off my phone
This Lenovo Yoga rivaled my MacBook Air in ways I didn't expect it to
I switched to MyRadar as my main Android Auto weather app and don't regret it
I put my smart TV setup behind a router-based VPN and never looked back - here's why
The Hacker News
⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
New Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
BleepingComputer
Microsoft investigates Office Apps, Teams file access issues
Race Against Time: Why Faster Vulnerability Alerts Matter
Critical Windows Netlogon RCE flaw now exploited in attacks
Webinar tomorrow: From alert to resolution in network incident response
Microsoft fixes outage affecting MFA setup, MySignIn service
Microsoft fixes KB5089549 Windows security update install issues
WP Maps Pro bug exploited to create admin accounts on WordPress sites
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
New CIFSwitch Linux flaw gives root on multiple distributions
ChatGPT share links abused to host fake outage pages to deliver malware
gbhackers
Attackers Exploit Docker, Kubernetes Misconfigs to Breach Hosts
Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks
Critical Plesk Vulnerability Lets Users Execute Server Commands
Iranian Hackers Hijack AppDomainManager to Bypass EDR
Microsoft: No Lawsuits Against Researchers in Nightmare-Eclipse Row
Iran-Linked Hackers Wipe IT and Recovery Systems in Middle East Cyberattack
Meta AI Vulnerability Allegedly Enables Instagram Password Resets
Microsoft KB5089573 Fixes Windows 11 Patch Tuesday Install Failures
Windows Netlogon 0-Click RCE Vulnerability Under Active Exploitation
Hackers Target Signal Users to Steal Backups in New Attack Wave
Cybersecurity Dive
CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation
Without strong governance, companies put credit ratings at risk in AI era
Top 4 data security best practices for the AI-enabled enterprise
How Canva scaled to 260+M users while elevating security and productivity
CISA urges security teams to check for software development compromises
How CISOs can manage sovereign-cloud security risks
IBM’s new $5B initiative will help enterprises rapidly patch open-source vulnerabilities
Enterprise data is creeping its way into shadow AI tools
Coordinated operation takes down Glassworm botnet
Leading AI models are more vulnerable to malicious prompts than vendors claim
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
GTA cheat service Atlas Menu hacked as attacker alleges screenshot spying
Palo Alto VPN bug graduates from advisory to active exploitation
Password manager Dashlane suspends customer accounts amid brute-force attacks
Putin sends submarines to survey Britain's subsea cables. UK deploys Royal Navy, mobilizes parliamentary draftsmen
Lone attacker published 14 malicious npm packages mimicking popular OpenSearch, Elasticsearch libraries
ICE to keep an eye on your eyes under $25M biometric scanner deal
No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out
23andMe inherits lawsuit over 'disturbing' DNA data breach
Dutch cops wrest 17M devices from mystery botnet's clutches
ChatGPT blindly trusts browser content, turning the page into a payload
VentureBeat
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
AI doesn't break security. Complexity does
Claude Mythos exposed a hard truth: Your enterprise patching process is way too slow
DataGrail report finds your vendor may be sending data to AI models you never approved
The attack dominating financial services doesn't steal passwords. It resets MFA and steals the token.
Valid certificates, stolen accounts: how attackers broke npm's last trust signal
Americans can’t spot a deepfake, and that’s a business crisis, not just a consumer problem
TechCrunch
Microsoft under fire for threatening security researcher with criminal investigation
Final 24 hours to save up to $410 on your TechCrunch Disrupt 2026 ticket
Hackers are trying to steal Signal users’ backups in new wave of widespread attacks
A security lapse at prison pay phone service Pay Tel publicly exposed over 300K callers’ driver’s licenses
US says troops were targeted with location data, as senator warns ad industry is a ‘national security threat’
UK Visa Portal exposed thousands of applicants’ passports and selfies — then called the lawyers on us
CrowdStrike and Google take down botnet used by hackers to target open source software developers
TechCrunch Disrupt 2026 Early Bird ticket savings end in 3 days
Dutch government blocks US company from acquisition, citing ‘risk to public interest’
Ghost hackers: the cybersecurity mystery that nobody has solved
Network World Security
Intel focuses on power efficiency and cost with new chip designs
Cisco: Latest news and insights
Meta considers becoming a hyperscaler
Zero trust isn’t broken, but most companies are doing it wrong
As AI datacenter memory becomes hot commodity, SK Hynix makes it cooler
Cisco research finds standard AI safety benchmarks miss the real threat
Cisco redefines ‘job-ready’ for network engineers with its certification overhaul
2026 network outage report and internet health check
IBM plans $2B quantum chip foundry; government will pay half
Cisco: AI traffic is radically reshaping WANs
Help Net Security
Meta tries to get ahead of scammers before the World Cup begins
NetQuest expands NetworkLens to detect threats hidden in network management traffic
Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089)
Secure Code Warrior connects developer training to AI usage and code risks
Brute-force attack triggers Dashlane account lockouts
Insight bundles exposure management, patch operations, and XDR into one service
depthfirst adds pre-install protection against malicious dependencies
PathSolutions brings on-premises AI troubleshooting to NetOps teams
Cato cuts vulnerability protection time to 45 minutes with agentic threat research
Hyland platform innovations focus on AI governance, context, and agent oversight
SC Magazine
The 2026 FIFA World Cup: A network availability stress test
How to defend at machine speed: A post-LLM era playbook 
Helping defense's use of AI catch up with offense, cost of the vulnpocalypse, news - Evan Powell - ESW #461
AI helps Russian-speaking GreyVibe run five parallel attack chains on Ukrainian targets
Sidhe, GreyVibe, Claude, Lightwell, Eclipse, Kimsuky, Obscure Beliefs, Josh Marpet - SWN #585
Key Questions to Ask When Evaluating an Identity and Access Management Vendor
How to Build an AI Governance Framework for Identity
SAML: How It Works, Common Misconfigurations, and Security Implications
Why IAM Matters: Benefits, Challenges, and Common Pitfalls
How to Evaluate and Select Identity and Access Management Tools
© 2026 RiskDiscovery | Sponsored by: Deception Logic