[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now
Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests
Microsoft, Salesforce Patch AI Agent Data Leak Flaws
Microsoft Bets $10B to Boost Japan's AI, Cybersecurity
Privilege Elevation Dominates Massive Microsoft Patch Update
EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses
War Game Exercise Demonstrates How Social Media Manipulation Works
Why Orgs Need to Test Networks to Withstand DDoS Attacks During Peak Loads
CSA: CISOs Should Prepare for Post-Mythos Exploit Storm
Adobe Patches Actively Exploited Zero-Day That Lingered for Months
Ars Technica
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
Iran-linked hackers disrupt operations at US critical infrastructure sites
Thousands of consumer routers hacked by Russia's military
OpenClaw gives users yet another reason to be freaked out about security
New Rowhammer attacks give complete control of machines running Nvidia GPUs
Quantum computers need vastly fewer resources than thought to break vital encryption
Google bumps up Q Day deadline to 2029, far sooner than previously thought
Self-propagating malware poisons open source software and wipes Iran-based machines
Widely used Trivy scanner compromised in ongoing supply-chain attack
Cloud service providers ask EU regulator to reinstate VMware partner program
CyberScoop
OpenAI expands Trusted Access for Cyber program with new GPT 5.4 Cyber model 
We’re only seeing the tip of the chip-smuggling iceberg
CISA cancels summer internships for cyber scholarship students amid DHS funding lapse
Microsoft drops its second-largest monthly batch of defects on record
Space Force official touts AI’s impact on cyber compliance
Black Basta’s playbook lives on as former affiliates launch fast-scale intrusion campaign
Secretary Mullin must help finish the job: Urge the Senate to confirm Plankey
Here’s how cyber heavyweights in the US and UK are dealing with Claude Mythos
OpenAI’s Mac apps need updates thanks to the Axios hack
Commerce setting up new AI export regime to push adoption of ‘American AI’ abroad
InfoSecurity Magazine
OpenAI Unveils GPT-5.4-Cyber for Improving Cyber Defense With AI
European Cybersecurity Agency ENISA Seeks Top-Tier Status in CVE Program
Signed Adware Operation Disables Antivirus Across 23,000 Hosts
Critical Nginx-ui MCP Flaw Actively Exploited in the Wild
AI Companies to Play Bigger Role in CVE Program, Says CISA
Researchers Spot Surge in Brute-Force Attacks from Middle East
Microsoft Fixes Two Zero-Days in April Patch Tuesday
CISOs Urged to Innovate with Talent Retention as Job Satisfaction Declines
Triad Nexus Expands Global Fraud Operations Despite US Sanctions
Malicious Chrome Extensions Campaign Exposes User Data
SecurityWeek
Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure
Exploited Vulnerability Exposes Nginx Servers to Hacking
Capsule Security Emerges From Stealth With $7 Million in Funding
‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks
100 Chrome Extensions Steal User Data, Create Backdoor
CISO Conversations: Ross McKerchar, CISO at Sophos
Mirax RAT Targeting Android Users in Europe
Two Vulnerabilities Patched in Ivanti Neurons for ITSM 
$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks
Trump Urges Extending Foreign Surveillance Program as Some Lawmakers Push for US Privacy Protections
ZDNet
Best Buy will give you a free LG TV when you buy the B5 OLED at 50% off - seriously
Why Zorin OS 18.1 is simply the best Linux distro - for anyone
Why Netgear just got the first FCC router ban exemption in the US
Microsoft's latest Windows update now confirms if your PC is Secure Boot-protected - how it works
Can this $70 Linux app make up for the lack of Photoshop? I tried it to find out
You can use Linux 7.0 on these 7 distros today - here's what to expect
'Like handing out the blueprint to a bank vault': Why AI led one company to abandon open source
iPhone charging slowly? 6 quick fixes to try before blaming your battery
Roku TV vs. Fire Stick: Why I'm looking beyond streaming resolution when comparing the two
Why your TV wowed you in the store but looks unnatural at home - and how to fix it ASAP
The Hacker News
Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
Deterministic + Agentic AI: The Architecture Exposure Validation Requires
Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities
OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
BleepingComputer
Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest
CISA flags Windows Task Host vulnerability as exploited in attacks
Rolling Networks: Securing the Transportation Sector
Microsoft: April updates trigger BitLocker key prompts on some servers
Microsoft fixes bug behind Windows Server 2025 automatic upgrades
Microsoft adds Windows protections for malicious Remote Desktop files
Crypto-exchange Kraken extorted by hackers after insider breach
Over 100 Chrome Web Store extensions steal user accounts, data
Microsoft releases Windows 10 KB5082200 extended security update
McGraw-Hill confirms data breach following extortion threat
gbhackers
Top 10 Best API Security Providers Protecting Web Apps in 2026
Top 10 Best Application Security Testing Companies in 2026
Google, Microsoft, Meta Accused of Tracking Users Even After Privacy Opt-Out
MuddyWater-Style Hackers Probe 12,000+ Systems Ahead of Middle East
Google Uses Rust-Based Firmware in Pixel 10 Modem to Improve Memory Safety
Hackers Abuse Google Cloud Storage to Slip Remcos RAT Past Email Filters
Trusted WordPress Plugins Hijacked in 8-Month Stealth Backdoor Campaign
Windows Active Directory Flaw Opens Door to Malicious Code Execution
Microsoft Rolls Out KB5083769 Update for Windows 11 24H2 and 25H2
Hackers Exploit Hidden Microsoft 365 Mailbox Rules to Steal Sensitive Business Emails
Cybersecurity Dive
FCC exempts Netgear from foreign router ban
Medium-severity flaw in Microsoft SharePoint exploited
Brute-force cyberattacks originating in Middle East surge in Q1
FCC signals continued commitment to Cyber Trust Mark program
CISOs see gaps in their incident response playbooks
US, Indonesia shut down ‘sophisticated’ phishing kit
Stryker warns of earnings fallout from March cyberattack
Nearly 4K industrial control devices vulnerable to Iran-linked hacking campaign
NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat
CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Automotive data biz Autovista blames ransomware for service disruption
French cops free mother and son after 20-hour crypto kidnap ordeal
Ancient Excel bug comes out of retirement for active attacks
Raspberry Pi OS ends open-door policy for sudo
UK told its Big Tech habit is now a national security risk
Agents hooked into GitHub can steal creds – but Anthropic, Google, and Microsoft haven't warned users
Commvault has a Ctrl+Z for rogue AI agents
Microsoft's massive Patch Tuesday: It's raining bugs
No honor among thieves as 0APT threatens rival ransomware gang Krybit
Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum
VentureBeat
43% of AI-generated code changes need debugging in production, survey finds
Five signs data drift is already undermining your security models
Your developers are already running AI locally: Why on-device inference is the CISO’s new blind spot
AI agent credentials live in the same box as untrusted code. Two new architectures show where the blast radius actually stops.
Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook
AI agents that automatically prevent, detect and fix software issues are here as NeuBird AI launches Falcon, FalconClaw
Closing the data security maturity gap: Embedding protection into enterprise workflows
TechCrunch
Sweden blames Russian hackers for attempting ‘destructive’ cyberattack on thermal plant
Someone planted backdoors in dozens of WordPress plug-ins used in thousands of websites
Anthropic co-founder confirms the company briefed the Trump administration on Mythos
Adobe fixes PDF zero-day security bug that hackers have exploited for months
FBI announces takedown of phishing operation that targeted thousands of victims
Booking.com confirms hackers accessed customers’ data
Hack at Anodot leaves over a dozen breached companies facing extortion
France to ditch Windows for Linux to reduce reliance on US tech
Hacker stole £700,000 from UK energy company by redirecting payment
WireGuard VPN developer can’t ship software updates after Microsoft locks account
Network World Security
Maine to put brakes on big data centers as AI expansion collides with power limits
Satellite backhaul service Globalstar has a new, rich owner amid challenging market conditions
Cisco just made two moves to own the AI infrastructure stack
Data centers are moving inland, away from some traditional locations
2026 network outage report and internet health check
DNS security is often inadequate, and network engineers should get more involved
Fixing encryption isn’t enough. Quantum developments put focus on authentication
Curious about quantum? Check out training options from ISC2, IBM, AWS and more
Linux 7.0 debuts with some big changes for networking
Intel: Latest news and insights
Help Net Security
Capsule Security debuts with $7 million funding to secure AI agent behavior
Broadcom introduces zero-trust runtime for scalable AI agents
Bitdefender extends GravityZone with continuous email threat protection
Tenable unveils OT discovery engine to expose cyber-physical risks
Webinar: The IT Leader’s Guide to AI Governance
SC Magazine
What Claude Mythos signals for AI security’s future
Data Privacy for CISOs: How to Build a Privacy-First Security Strategy (2025 Guide) - WC #1
WordPress plugins compromised after acquisition, leading to backdoor installation
New JanaWare ransomware targets Turkey with low-value, high-volume attacks
Over 100 malicious Chrome extensions steal tokens, deploy backdoors
Kraken faces ransom demand after insider data breach
Proofpoint: Malicious inbox rules a key tactic in email breaches
Microsoft enhances Windows security against phishing with RDP file protections
Zscaler's Deepen Desai: AI is now default enterprise accelerator
Black Basta-linked attacks target executives via Teams phishing
© 2026 RiskDiscovery | Sponsored by: Deception Logic