[
News
|
Newsletters
|
Blogs
|
Lists
|
Media
|
Jobs
]
HoneyDB
DarkReading
Ransomware Thugs Masquerade as Interpol to Entice Small Biz
Anthropic's AI Finds Bugs. IBM Bets $5B It Can Fix Them.
Crafty Phishing Campaigns Auto-Adapt to Victim's Device, OS
And the Winner in Dominant Malware Delivery? ClickFix
When Too Much Security Data Became the Risk
'Phantom Squatting': An Emerging AI-Driven Supply Chain Threat
Safe Events Start With Threat Intel & Digital Security
China-Linked Group Targets Southeast Asia Critical Systems
Fake Bug Report Hijacks AI Coding Agents at Scale
Attackers Seize Exposed AI Endpoints to Power Offensive Ops
Ars Technica
T-Mobile moving tens of thousands of virtual machines off VMware amid lawsuit
New attack provides one more reason why AI browsers are a bad idea
US offers $10 million for info on group behind Signal and WhatsApp hacking spree
Notion killing Skiff-influenced email app since most users use AI agents instead
One-two punch delivered in global operation disrupts cybercrime "assembly line"
White House drastically shortens deadline for dropping quantum-vulnerable crypto
Oracle’s 21,000 layoffs help drive its debt-fueled AI investments
Following user outcry, AMD reinstates memory encryption in consumer CPUs
Microsoft discovers new lightweight backdoor that steals cryptocurrency
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
CyberScoop
Alleged longstanding member of Scattered Spider extradited to US
Researchers spot exploitation of another critical Oracle defect
US lifting export control restrictions on Anthropic’s Mythos, Fable
This phishing kit looks more like BEC-as-a-service
Citrix patches a new NetScaler flaw with echoes of CitrixBleed
Trump budget boss Russell Vought open to re-staffing CISA
DHS to unveil replacement council for critical infrastructure cybersecurity
How ransomware syndicates weaponize corporate-style organization
Warner bill would create federally vetted list for secure, trustworthy AI agents
Supreme Court approves mail-in ballots that arrive after Election Day
InfoSecurity Magazine
Researcher Behind 'Exploitarium' Explains Release of Undisclosed Zero-Day Exploits
Cybercriminals Pose as Interpol in Phishing Emails to Infect Victims With Ransomware
NCSC Shares Tips on How to Make a Pen Tester’s Job Harder
Alleged Scattered Spider Member Extradited to US
Fileless Malware Abuses Google Blogspot to Deploy Infostealer in Memory
Brazilian Banking Trojan Ousaban Targets Spain and Portugal
Anthropic's Fable 5 and Mythos 5 Are Back with New Security Guardrails
Microsoft Accelerates Quantum-Safe Push with New Timeline
Insurance Giant Aflac Discloses Data Breach Impacting Millions
Nissan Discloses Employee Data Breach Linked to Oracle Zero-Day
SecurityWeek
New CitrixBleed Vulnerability Exploited Immediately After Public Disclosure
How to Conduct a Successful Audit of AI-Driven Software Development
FortiBleed Campaign Linked to INC, Lynx Ransomware Attacks
Trump Administration Lifts Restrictions on Anthropic’s Claude Models After Cybersecurity Alarm
Cisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability
‘BioShocking’ Attack Tricks AI Browsers Into Stealing Credentials
CISA Warns of Actively Exploited Microsoft SharePoint Vulnerability
Microsoft Adds New Teams Controls to Block Unauthorized AI Bots From Meetings
Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities
Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack
ZDNet
Considering plug-in solar at home? Electrical experts say to watch for these 6 safety risks
The best July 4th TV deals: Up to 50% off Samsung, Sony, and more
16 Apple Messages settings I change on every iPhone - and why
LG is giving away free single-door refrigerators - how to qualify for the deal
I've been reviewing laptops for years: These are the 15+ best July 4th laptop deals
The best July 4th deals live now: Save on Anker, Garmin, Apple, and more
The 10 most popular products ZDNET readers bought last month (including during Prime Day)
Finally, I found a robot vacuum that leaves my two-year-old model in the dust
I tested the LG C6 OLED for a week, and the colors made me question my Mini LED loyalty
HP's new OmniBook is a smart buy in this economy - here's what convinced me
The Hacker News
ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories
ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API
Identity Lifecycle Management Wasn't Built for AI Agents
AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack
FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations
New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos
SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation
Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters
19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges
SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT
BleepingComputer
Google loses final appeal to overturn €4.1 billion EU fine
ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds
Microsoft fixes bug that removed Copilot buttons in Outlook
Cisco finally confirms attackers exploiting Unified CM flaw
CISA: Microsoft SharePoint RCE flaw now actively exploited
Opera rolls out Paste Protect feature to fight ClickFix attacks
Alleged Scattered Spider hacker extradited to the United States
Medtronic notifies customers impacted by ShinyHunters data breach
FortiBleed credential-theft campaign linked to Lynx ransomware
Kubota says hackers had month-long access to network systems
gbhackers
Opera Browser Adds Native Paste Protect to Stop Clipboard Hijacking and Code Injection Attacks
Hackers Abuse ScreenConnect Remote Access Tool to Deploy AsyncRAT Through Fake Installers
Phishing Campaign Uses Fake Invoice PDF to Drop AsyncRAT, VenomRAT, and XWorm
950 Oracle E-Business Suite Instances Exposed as CVE-2026-46817 Attacks Observed in the Wild
EvilTokens-Linked ARToken Panel Exposes 80+ APIs for Microsoft 365 Token Theft
CISA Adds Actively Exploited Microsoft SharePoint Vulnerability to KEV Catalog
Hackers Use Geofenced Webpages to Deliver Ousaban Banking Trojan in Spain and Portugal
JetBrains Patches Critical Hub Authentication Bypass and Account Takeover Vulnerabilities
ValleyRAT Uses RC4 Encryption, Donut Shellcode, and rundll32 Injection for Stealth
Apple Hide My Email Vulnerability Lets Attackers Reveal Users’ Real Email Addresses
Cybersecurity Dive
FortiBleed campaign traced to INC and Lynx ransomware operations
Most cybersecurity workers have been told to conceal a breach, report finds
Critical flaw in Oracle E-Business Suite is under immediate threat
Anthropic reactivates Fable, Mythos after securing government approval
Critical flaw in SimpleHelp exploited in attacks targeting sensitive credentials
DHS proposes new system for public-private infrastructure security collaboration
Insurance body confirms hackers posted Oracle PeopleSoft breach data
OpenAI voluntarily limits new AI models at government’s request
From mythos to reality: Why the 2026 state of pentesting report proves the need for programmatic defenses
Software, AI companies form alliance to tackle open-source security flaws
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Smooth AI criminal drives 'first' end-to-end agentic ransomware attack
Ctrl+Alt+Oops: FortiBleed criminal's logins stitch two gangs together
Microsoft said exploitation was 'less likely' ... but CISA just added SharePoint RCE to KEV list
Pacemaker manufacturer Medtronic warns patients cybercrooks may have swiped health data
India gives WhatsApp three days to defend username rollout amid security fears
Oracle E-Business Suite was under attack via critical flaw before the public exploit code was even released
Hackers shoveled snow for company, were rewarded with network admin access
EvilTokens device-code phishing kit totally more evil than we all thought
Claude Sonnet 5.0 heads straight down the middle of the road to dodge controversy
Somebody told DeepSeek to build in-browser ransomware and it gleefully complied
VentureBeat
Digital resilience compounds when AI and human expertise scale together
The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.
Prompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routers
Autonomous security agents need complete data. Here's how to check if yours is ready.
Frontier AI is rewriting the economics of software supply chain security
Visa will offer an inside look at Project Glasswing and how the most powerful agentic models are changing enterprise security at VB Transform 2026
7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes
TechCrunch
US government says it got hacked — again
In major privacy win, Supreme Court rules geofence warrants are protected by privacy rights
Russian hackers were behind $2.5B hack of Jaguar Land Rover: Report
Polymarket says hackers stole users’ funds
Hacked Klue says criminals are deleting stolen customer data, but now other hackers are making threats
Cellebrite said it cut off Russia, but Russia used its tools anyway
New website names and shames companies that still don’t offer passkeys to users
Klue says hackers stole credential from 2022 that led to customer data breaches
Password manager maker LastPass says hackers stole customer support case data during Klue breach
Tata Electronics, a major tech supplier to Apple and Tesla, confirms data breach
Network World Security
Cheap Chinese chips could offer way out of RAM price crisis, Apple suggests
Cisco details Live Protect’s real-time threat mitigation capabilities
What Meta, Oracle moves say about data center economics
Network jobs watch: Hiring, skills and certification trends
Kyndryl: AI success hinges on workforce readiness
Netgear brings AI-driven network management to SMEs and MSPs
2026 network outage report and internet health check
U.S. Open powers up AI-ready network in challenging environment
Aggressive federal PQE timeline prompts warnings for enterprises
You can’t build sovereign infrastructure with Broadcom, says CISPE
Help Net Security
Scattered Spider suspect extradited over $8 million ransom scheme
New iboss platform gives organizations instant visibility into AI tools and usage
Cloudflare changes AI crawler access rules
Opera blocks ClickFix attacks with new clipboard protection feature
The endpoint recovery gap many teams discover during an incident
Review: CTRL+ALT+PWN
Catching ransomware on the wire before it locks the file server
What the AI patch gap means for enterprise security
GitHub’s new tool helps prevent costly open-source license violations
Netzilo adds runtime governance for AI agents across major platforms
SC Magazine
4 ways to combat the endless stream of phishing attacks
Vulnerability Management is Broken (Here’s How to Fix It) - WC #1
New ChocoPoC trojan targets security researchers with fake exploit code
FEMA clarifies rules for cybersecurity grant funding
Attackers exploit AI-hallucinated web domains through 'phantom squatting'
Aflac Japan data breach affects 4.38 million customers
Researchers detail attack chain escaping Anthropic's Claude Cowork sandbox
Massive password spray attack targets Azure CLI, bypasses MFA
Aikido Security acquires Root.io to enhance open-source software patching
Critical Langflow vulnerability exploited to deploy Monero cryptocurrency miner
© 2026 RiskDiscovery | Sponsored by:
Deception Logic