[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Europe Evolves Into Ransomware's Favorite Region
Attackers Hit Cisco SD-WAN Flaw 2 Months Before Disclosure
2026 FIFA World Cup Faces Surge in Cyber Threats
Do CISOs Need a Code of Ethics?
More Malicious OpenClaw Skills Threaten AI Supply Chain
Apple's MacOS Gap Lets Users Disable Security Tools
Scope of Salesforce Attacks Expands as Icarus Leaks Data
'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows
SocGholish Takedown Highlights Malicious TDS Threats
FortiBleed Attackers Turn Firewalls Into Credential Stealers as Heists Persist
Ars Technica
One-two punch delivered in global operation disrupts cybercrime "assembly line"
White House drastically shortens deadline for dropping quantum-vulnerable crypto
Oracle’s 21,000 layoffs help drive its debt-fueled AI investments
Following user outcry, AMD reinstates memory encryption in consumer CPUs
Microsoft discovers new lightweight backdoor that steals cryptocurrency
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
Before SpaceX IPO, investors in China secretly acquired stakes
Massive breach spills credentials for thousands of sensitive networks
Tesco moving 40,000 server workloads off VMware amid Broadcom's “abusive conduct”
"Dangerous" AI models are coming no matter what
CyberScoop
Federal court rules Trump election-focused executive order illegal
Russia uses Cellebrite to break into human rights activist’s phone, even after cancellation of contract
Minnesota man known as ‘Snoopy’ sentenced in DraftKings hack
Why patch directives only go so far
Malicious hackers exploit Cisco zero-day for highest access level at communications service provider
In a first, a court takedown goes after two cybercrime tools at once
Open-source security is posing challenges governments can’t easily solve
Justice Department seizes infrastructure used by cyber scam and criminal marketplace
Algerian man charged with running two cybercrime marketplaces
Court rules SAVE database illegal, orders it dismantled
InfoSecurity Magazine
Cisco Vulnerability Exploited Months Before Disclosure, Google Warns
Twenty Million US IP Connections Used by Proxy Services
Trust in Automated AI Vulnerability Scanning Collapses to 9%, New Study Finds
New CISA Guide Helps Agencies Adopt SASE For Zero Trust
macOS Flaw Lets Standard Users Disable EDR and MDM
Major Increase in Ransomware Attacks Targeting Europe, Warns New Report
Researchers Trick AI Browsers Into Leaking Credentials
Europol-Led Operation Endgame Takes Down StealC and Amadey Infostealers
macOS Backdoor Uses Prompt Injection to Evade AI Triage
KDDI Breach Affects Six Japanese ISPs, Exposes 14.2 Email Credentials
SecurityWeek
Runlayer Raises $30 Million in Series A Funding
Cal Water Finds No Evidence of OT Activity After Hackers Claimed They Could Disrupt Water Supply
Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning
GitLab Patches Code Execution, Information Disclosure Vulnerabilities
25-Year-Old Vulnerability Patched in Curl
NIST Opens Updated IoT Security Guidance to Public Review
Chrome 149 Update Resolves 18 Severe Vulnerabilities
Cisco SD-WAN Zero-Day Exploited Months Before Patching
When Information Becomes the Attack Surface – Understanding AI Agent Traps
Microsoft and Allies Smash Shared Infrastructure of Amadey and StealC Malware
ZDNet
Prime Day ends soon: We hand-picked the 95+ best deals still live, before they disappear
Pokémon Chaos Rising Trainer Boxes are sold out for Prime Day, but the booster bundles are still 17% off
5 of the best MSI gaming laptop deals live now for Amazon Prime Day
I found better gaming deals at Best Buy than Amazon's Prime Day sale
Got a spare PC? How to open-source your smart home - for free
I won't fly anywhere without this tiny Bluetooth dongle - it's 21% off right now
Amazfit vs. Garmin: I tested two flagship smartwatches - is one worth the $250 premium?
The Garmin Fenix 8 Pro smartwatch is a top-selling Prime Day deal - here's why I recommend it
Chrome's next update will kill your adblocker - and make the web less safe
HeyPolo vs. Life360: I tried both location-sharing apps, and there's a clear winner
The Hacker News
Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability
ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories
Surviving the Mythos Era: Richard Bejtlich on the Case for NDR
New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis
New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access
CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited
Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered
Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks
Dawn of the Apex Agentic Adversary
BleepingComputer
New macOS malware embeds fake errors to confuse AI analysis tools
PirloTV sports piracy network disrupted as 44 domains seized
Bluekit phishing kit adopts browser-in-the-middle for login theft
The Four Elevations of Effective Fraud Prevention
Webinar: Why account takeovers remain one of the hardest threats to stop
Google releases new privacy controls for activity history, personalization
DraftKings hacker 'Snoopy' sentenced to 18 months in prison
Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access
Malicious Edge extension abuses Native Messaging as bridge to malware
CISA warns of max severity Ubiquiti flaws exploited in attacks
gbhackers
ManageEngine AD360 Integrated Products Hit by Account Takeover Vulnerability
LokiBot Malware Uses API Hashing and 3DES-Encrypted C2 to Hide Infostealer Activity
Gemini 3.5 Flash Now Supports Agentic Computer Use for Enterprise Automation Tasks
Shai-Hulud Hades Payload Hits 20 Leo/RStreams npm Packages in Fresh Supply Chain Attack
Langflow RCE Flaw Lets Attackers Execute Arbitrary Python Code Without Authentication
Curl 8.21.0 Released With 18 Security Fixes
Hackers Abuse Cloudflare-Hosted AWS Phishing Domains to Steal Console Logins
Google Chrome Update Patches 18 Security Flaws, Including Critical WebGL and Autofill Vulnerabilities
DPRK-Linked macOS Implant Uses LaunchAgent Persistence and Python Stealer Module
Microsoft WinRE Vulnerability Allows Hackers to Bypass UEFI/BIOS Password Enforcement
Cybersecurity Dive
Microsoft, Europol lead international takedown against infostealer malware
Ransomware attacks grew in 2025 as traditional data breaches fell
White House’s state infrastructure cybersecurity initiative stalled
Trump sets new deadlines for agencies and contractors to adopt post-quantum cryptography
Klue investigating supply chain attack that targeted Salesforce integrations
Looming AI-fueled threats require urgent cybersecurity improvements, Five Eyes members say
Interpol, Europol renew agreement to combat hackers and other criminals
CISA urges device hardening after thousands of Fortinet credentials compromised
3 ways AI is transforming security operations - and where it delivers real impact
AI is transforming enterprise data risk. Here’s how security leaders are responding.
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
UK school’s network left wide open for invasion, student found
Nation-state actors cracked critical Australian infrastructure to ‘cripple it at a time of their choosing’
The hits keep on coming for Cisco vulnerabilities
Microsoft uses AI to link two malware operations in racketeering suit
London cops bring live facial recognition to West End
You have got to be KDDI-ng – Japanese telco exposes 14.2 million managed email credentials
Mythos discovers 'Squidbleed,' a memory leak that's gone undetected since Clinton era
Five Eyes spooks warn AI means infosec incidents can become ‘major operational and financial crises’
Sniff out stale AI override advice with this open source CLI
OpenAI: Yoo-hoo, look over here, we do that security stuff too!
VentureBeat
Visa will offer an inside look at Project Glasswing and how the most powerful agentic models are changing enterprise security at VB Transform 2026
7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes
Copilot searched your mailbox. LiteLLM handed out admin keys. Run this 5-check audit before your stack is next
85% of IT teams claim every AI agent is under control. Only 42% actually know who owns them.
Attackers scale deception with AI. Defenders need truth at machine speed.
NanoClaw and JFrog launch 'immune system' to block AI agents from downloading malicious code
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
TechCrunch
Hacked Klue says criminals are deleting stolen customer data, but now other hackers are making threats
Cellebrite said it cut off Russia, but Russia used its tools anyway
New website names and shames companies that still don’t offer passkeys to users
Klue says hackers stole credential from 2022 that led to customer data breaches
Password manager maker LastPass says hackers stole customer support case data during Klue breach
Tata Electronics, a major tech supplier to Apple and Tesla, confirms data breach
A new unpatchable flaw in Apple chips opens the door to an iPhone jailbreak 
Anthropic says Claude may want to see your ID
Klue hack results in data breach at several cybersecurity firms
Signal’s Meredith Whittaker wants you to remember that AI chatbots ‘are not your friends’
Network World Security
IBM unveils sub-1 nanometer chip with nearly 100 billion transistors
Qualcomm’s $3.9 billion purchase of Modular aims to change the data center dynamic
IBM, Red Hat, Palo Alto team to secure open-source software
Break legacy lock-in: Strategic options for enterprises facing the vSphere 8 deadline
Attackers exploit Cisco Unified CM flaw weeks after patch release
Upscale AI readies Skyhammer scale-up networking tech, raises new funding
Rami Rahim’s message for network pros: Legacy networks can’t withstand rigors of AI
2026 network outage report and internet health check
China’s LineShine dethrones El Capitan as the world’s fastest supercomputer
Nvidia: Latest news and insights
Help Net Security
Stealthy new backdoor surfaces in attacks on multiple sectors
Checksum API Agent generates and maintains stateful API tests
Reco Agent Security helps organizations govern AI agents and reduce exposure
Mitiga unveils Agentic Runtime Security for cloud, SaaS, identity, and AI protection
ControlMonkey connects backup visibility with cloud recovery readiness
Veritone introduces Assess to streamline evidence analysis and compliance reviews
runZero 5.0 unifies exposure management to accelerate risk reduction
BlackLine enhances Agentic Financial Operations Platform with CFO-focused AI oversight tools
Hacker gets 18 months for attack that compromised 60,000 betting accounts
SpyCloud automates threat investigations with new Research Agent
SC Magazine
Vulnerability Management is Broken: How to Reduce Risk (Not Just CVEs) in Containers - WC #1
ASIO establishes dedicated teams to counter nation-state cyber sabotage
Website shames companies for not offering passkeys
StealC infrastructure takedown assisted by AI analysis, C2 infiltration
Did AI kill vulnerability management—or just expose its flaws?
Nationwide GSM-R outage halts German trains
EvilTokens phishing service scales attacks 1,380% with AI integration
London police to expand live facial recognition use
UK cybersecurity managers question speed-focused certification programs
macOS attack technique bypasses endpoint security tools
© 2026 RiskDiscovery | Sponsored by: Deception Logic