[
News
|
Newsletters
|
Blogs
|
Lists
|
Media
|
Jobs
]
HoneyDB
DarkReading
Guten Tag, Bonjour, Hola to Our European Cyber Defenders!
Is 'Tech-xit' Imminent? UK Steps Up Sovereignty Push Amid AI Strife
Claude Flaw Automatically Sends Malicious Prompts to AI Agents
2-Click Cursor Exploit Enables Dev Environment Takeover
Nigeria Deepens Cybersecurity Efforts as Cybercriminals See More Profits
Cribl Adds Agentic Detection Engineering & Boosts SecOps With CardinalOps Deal
Records Are Made to Be Broken: Patch Tuesday Raises Triage Stakes
6 GHz Wi-Fi Flaws Could Disrupt Critical Systems
Manage Vendor Risk in a Few Practical Steps
Frontier AI: The Genie's Out of the Bottle, but Where's the Rulebook?
Ars Technica
Microsoft’s Secure Boot has been broken for a decade and no one noticed until now
The US government warns that Russia state hackers are coming after your router
Now, defenders are embracing the prompt injection, too
Patch for Windows Defender 0-day could allow attackers to fill hard disk
Allstate accuses Broadcom of auditing it because it quit VMware, CA
Google pays $250K for Linux vulnerability allowing guest VM escapes
Aussie gov't tells volunteers to throw out thousands of functioning test routers
US rare earths flow to Asia as domestic demand is slow to emerge
Hackers can use 9 of the most popular AI tools to assemble massive botnets
Newly discovered PamStealer isn't your typical macOS malware
CyberScoop
SonicWall customers under threat as attackers exploit 2 zero-days
Dems press DNI nominee Jay Clayton on election security questions, but leave dismayed
Forget the model. When it comes to cybersecurity, it’s all about the harness
White House details ‘Gold Eagle’ clearinghouse for AI cyber threats
Microsoft discloses ‘the mother of all’ vulnerability loads, tripling June’s previous record
Treasury sanctions First VPN Service, others for abetting ransomware gangs
States are building their own election defense networks as federal support evaporates
Europe strikes out against Russia’s Turla over espionage, ‘destructive attacks’
Officials once again warn defenders that Russian hackers are targeting network devices
AI-generated code has made security debt a governance problem
InfoSecurity Magazine
Phishing Campaign Abuses eCards to Deploy RMM Tools
Eleven Vulnerable UEFI Shims Enable Secure Boot Bypass
Compromised Logins Surge as the Most Common Entry Point for Ransomware Attacks
Progress Restores ShareFile Storage Zones Access After Vulnerability Exploit Concerns
Microsoft Patches 570 CVEs in Record Patch Tuesday
Government Updates UK’s National Risk Register with Cyber Warnings
US: Pentagon Suspends CMMC Phase II Requirements for Defense Contractors
New MacOS Malware Exploits Legitimate Developer ID to Pose as Apple Crash Reporter
Lidl Notifies Customers of Third-Party Data Breach
Five Charged in “Russian Coms” Fraud Platform Case
SecurityWeek
Unpatched Cursor Vulnerability Exposes Users to Code Execution
CISA Urges Immediate Patching of Exploited SharePoint Vulnerabilities
Windows Bind Link Attacks Can Hide Malware From EDR Tools
Virtual Event Today: Cloud & Data Security Summit
US Charges Russian Individuals and Firms for Running Cybercrime Services
Vulnerabilities Patched by Fortinet, Ivanti, ServiceNow
White House Launches AI-Driven ‘Gold Eagle’ Vulnerability Coordination Initiative
Progress Confirms Zero-Day Vulnerability Behind ShareFile Disruption
ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Rockwell
Critical Vulnerabilities Patched With Fresh Chrome 150, Firefox 152 Updates
ZDNet
Microsoft patches record 570 Windows security bugs with two exploited zero days - update now
73% of tech job listings require AI skills now: How to show off yours
New Mac malware masquerades as Apple's crash reporter: 3 ways to dodge the threat
I tested Jabra Evolve3 75 vs. ThinkPad 8550 - and I'd buy this headset for the ANC alone
I turned my Moto Razr into a tiny workstation - and wrote this entire story on it
'Rust makes coding fun again': Why Linux is moving away from C, according to Greg Kroah-Hartman
This free Mac tool lets me see which apps are quietly accessing the internet - and block them fast
I let ChatGPT Work and Claude Cowork loose on my files - only one made me nervous
Sony Bravia Theater vs. Sonos: I've used both home theaters - here's how to choose
I tested all three OpenVPN tiers: Why the free version is still the best choice for most users
The Hacker News
TuxBot v3 Evolution Shows Signs of LLM-Assisted IoT Botnet Development
OkoBot Malware Framework Injects Seed Phrase Phishing Into Ledger and Trezor Apps
Firefox, Chrome, Adobe, and VMware Updates Fix Multiple Critical Security Flaws
SASE Has An AI Blind Spot. Inspecting Packets Is No Longer Enough.
Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday
New Webinar: Closing the Approval Gap in AI-Era Ad Tech
Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution
Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware
Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands
Microsoft Patches Record 622 Flaws, Including Two Zero-Days Under Active Attack
BleepingComputer
Google Gemini CLI abused as a hacking agent, malware botnet operator
AsyncAPI npm packages infected with credential-stealing malware
We built a vulnerability vending machine: AI tokens in, zero-days out
CISA warns admins to patch actively exploited SharePoint flaws
Microsoft: Some Dell PCs shut down after recent Windows updates
US charges alleged operators of Russian bulletproof hosting service
SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now
Spanish Police take down €140 million cyber fraud ring, arrest four
Nearly 300 GitHub repos pose as legit software to push malware
Microsoft releases Windows 10 KB5099539 extended security update
gbhackers
Russian-Speaking Hacker Uses Gemini CLI to Deploy C2 Botnet in Six Minutes
OkoBot Malware Uses ClickFix and SeedHunter to Steal Ledger and Trezor Seed Phrases
Microsoft Blocks Windows 11 Security Update on Dell PCs Over Intel Driver Causing Shutdowns and Battery Drain
3 Russian Nationals Indicted for Running Bulletproof Hosting Network Behind $62 Million Cyberattacks
LabubaRAT Rust Malware Masquerades as NVIDIA Software to Backdoor Windows Systems
Dell Warns of Critical PowerProtect Data Domain Flaws Allowing Remote Attackers to Take Complete Control
11 Malicious NuGet Game Cheat Packages Deploy Pepesoft Windows Surveillance Malware
SheetAgent RAT Runs 14 Virtual Machine Checks and Self-Deletes When Analysis Is Detected
FaceTime Scammers Combine Credential Theft, Remote-Access Apps, and iOS Exploits for Device Takeover.
Microsoft Fixes Multiple Windows RDP Flaws Exposing Sensitive Data Over the Network
Cybersecurity Dive
CISA warns that multiple vulnerabilities in SharePoint are under exploitation
US launches vulnerability clearinghouse amid AI-fueled surge in flaws
Sharp rise in AI adoption for cyber defense exposes major governance gap
Healthcare sector faces persistent supply-chain security, identity management challenges
US authorities warn that state-linked hackers are targeting vulnerable networking devices
Hackers find a new trick to collect Microsoft Entra user data without raising red flags
When cybercriminals outrun the feed
Copy-paste might be the riskiest thing your enterprise employees do all day
Initial access broker linked to weaponization of CitrixBleed2 flaw
CISA details security lapses that led to GitHub leak of passwords, cloud access keys
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
CISA sounds alarm over trio of exploited SharePoint flaws
Microsoft cancels Patch Tuesday for some Dell users over surprise shutdowns, overheating devices
LegacyHive: 'Bone-shattering' zero-day from Microsoft's serial tormentor not the haymaker that was promised
Patchpocalypse Now: Microsoft tops last month's record with 622 Patch Tuesday CVEs
Welsh Doxbin admin jailed for egging on swatters from behind a screen
Musk promises purge after Grok Build caught sending entire repos to the cloud
'The bots are alive!' Jailbroken Gemini spun up new C2 server for Russian fraudster in just 6 minutes
Baddies caught exploiting extensions bugs with perfect 10 scores on vulnerable Joomla websites
EU and UK officially blame Russian spies for cyberattack on Poland's power grid
World Cup grudge attackers may have scored Argentine FA access via year-old infostealer infection
VentureBeat
1Password moves into AI cost management, betting that token spend is the next enterprise budget crisis
Forget typosquatting; slopsquatting is the software supply chain threat created by AI coding tools
Shared API keys expose AI agents at 69% of enterprises, new VentureBeat research finds
AI has collapsed the cyber response window — resilience now starts before the attack
The real cost, security, and culture problems behind enterprise AI agents
Digital resilience compounds when AI and human expertise scale together
The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.
TechCrunch
Microsoft patches bug in video game Age of Empires II
Hack suggests AI music generator Suno scraped YouTube for training data
Microsoft patches record number of security vulnerabilities, citing its use of AI
US charges Russian ‘bulletproof’ web hosts over cyberattacks that netted $62M from cybercrime victims
Iran abused mobile networks’ vulnerabilities to locate US military in the Middle East, report says
Telegram’s shortlink domain is back online after day-long suspension
Apple says former employee exploited ‘rare’ bug to download confidential files after leaving for OpenAI
LAPD lets contract with surveillance giant Flock expire, citing ‘serious concerns’ over civil liberties and privacy
US cybersecurity agency CISA had to build its incident playbook during the incident, agency reveals
Florida ransomware negotiator convicted for helping ransomware gang extort US companies
Network World Security
IBM targets AI edge with Power server, software upgrades
Network jobs watch: Hiring, skills and certification trends
Google Cloud configuration update disrupts VMware Engine stretched clusters
Fortinet adds AI protections to endpoint security platform
How data centers cope with heat waves
ISC2: AI raises accountability demands for cybersecurity teams
2026 network outage report and internet health check
Governments to enterprises: Improve your router security hygiene
Severe weather an increasing risk for data center construction
Routine maintenance as a failure vector in modern networks
Help Net Security
LabubaRAT malware infiltrates Windows systems while posing as NVIDIA software
Threat actor impersonated hundreds of brands on GitHub to push infostealer malware
Socure rolls out Remote Verifier for higher-risk identity checks
Xint Pulse offers on-demand black-box penetration testing for web applications
F5 Insight for ADSP enhances BIG-IP operations with guided updates and AI audit trails
Radware adds cloud intelligence to DefensePro X for web DDoS defense
LatticeFlow AI connects governance frameworks with continuous AI risk monitoring
Spanish police dismantle €140 million cybercrime network
Nudge Security automates detection of risky OAuth grants and browser extensions
Binary Defense’s NightBeacon CMD helps enterprise SOC teams automate threat investigations
SC Magazine
Europe built the world's strongest privacy law. WhatsApp just found the gap it doesn't cover.
CISA warns that three SharePoint Server bugs are actively exploited
AI agents have forced an infrastructure rethink
MacOS ‘CrashStealer’ malware poses as crash reporter to steal credentials
Take Back Control as Enterprises Struggle to Incorporate Risks They Don't Understand - Ben Lipczynski - BSW #456
Old Microsoft-signed UEFI applications can bypass Secure Boot
Synopsys denies data breach claims by new ransomware group D1R
European lawmakers criticize Anthropic for AI policy hearing representation
Man sentenced for role in swatting attacks
ShinyHunters group exploits OAuth trust, prompting Microsoft security upgrades
© 2026 RiskDiscovery | Sponsored by:
Deception Logic