[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Middle East Conflict Highlights Cloud Resilience Gaps
Microsoft Patches 83 CVEs in March Update
'Overly Permissive' Salesforce Cloud Configs in the Crosshairs
Russian Threat Actor Sednit Resurfaces With Sophisticated Toolkit
'BlackSanta' EDR Killer Targets HR Workflows
White House Cyber Strategy Prioritizes Offense
'InstallFix' Attacks Spread Fake Claude Code Sites
Are We Ready for Auto Remediation With Agentic AI?
Chinese Cyber Threat Lurks In Critical Asian Sectors for Years
Cylake Offers AI-Native Security Without Relying on Cloud Services
Ars Technica
Feds take notice of iOS vulnerabilities exploited under mysterious circumstances
Amazon appears to be down, with over 20,000 reported problems
Trump gets data center companies to pledge to pay for power generation
Downdetector, Speedtest sold to IT service-provider Accenture in $1.2B deal
LLMs can unmask pseudonymous users at scale with surprising accuracy
Google quantum-proofs HTTPS by squeezing 15kB of data into 700-byte space
New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises
Password managers' promise that they can't see your vaults isn't always true
Most VMware users still "actively reducing their VMware footprint," survey finds
Retraction: After a routine code rejection, an AI agent published a hit piece on someone by name
CyberScoop
Microsoft’s monthly Patch Tuesday is first in 6 months with no actively exploited zero-days
FBI says even in an AI-powered world, security basics still matter
Federal judge blocks Perplexity’s AI browser from making Amazon purchases
Critical defect in Java security engine poses serious downstream security risks
No, it’s not ‘unnecessarily burdensome’ to control your own data
Sean Cairncross lays out what’s coming next for Trump’s cyber strategy
We’ve seen ransomware cost American lives. Here’s what it will actually take to stop it.
The long-awaited Trump cyber strategy has arrived
Microsoft warns North Korean threat groups are scaling up fake worker schemes with generative AI
DHS CISO, deputy CISO exit amid reported IT leadership overhaul
InfoSecurity Magazine
OpenAI's Promptfoo Deal Plugs Agentic AI Testing Gap
Only 24% Of organizations Test Identity Recovery Every Six Months
Cloud Attackers Now Prefer Vulnerability Exploits Over Credentials, Google Cloud Finds
Ericsson Breach Exposes Data of 15k Employees and Customers
Russian Hackers Target WhatsApp and Signal Accounts of Global Military and Government Officials
ShinyHunters Targets Hundreds of Websites in New Salesforce Campaign
Threat Actor Exploits Flaws and Uses Elastic Cloud SIEM to Manage Stolen Data
Trump Administration Unveils New Cyber Strategy for America
UK Launches New Crackdown Unit to Tackle Cyber-Fraud at the Source
AI Security Startups Dominate New Cyber Innovation Awards
SecurityWeek
ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Moxa, Mitsubishi Electric
Microsoft Patches 83 Vulnerabilities
Adobe Patches 80 Vulnerabilities Across Eight Products
Jazz Emerges From Stealth With $61M in Funding for AI-Powered DLP
Kai Emerges From Stealth With $125M in Funding for AI Platform Bridging IT and OT Security
Webinar Today: Securing Fragile OT in an Exposed World
SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities
Thousands Affected by Ericsson Data Breach
OpenAI Rolls Out Codex Security Vulnerability Scanner
Kevin Mandia’s Armadin Launches With $190 Million in Funding
ZDNet
When KaOS Linux dropped KDE Plasma, I worried - now I'm loving the new default desktop
Watch this, get rich, lose it all - 8 ways to spot and avoid investment scams on Meta
MacBook Neo review: My biggest concern with Apple's near-perfect budget laptop
7 surprisingly useful ways to use ChatGPT's voice mode, from a former skeptic
Sonos just launched 2 new speakers, with some subtle but useful upgrades
How to free up your iPhone storage almost immediately - 8 easy ways
Is AI stealing our jobs? A survey of 2,000 IT executives reveals a complicated answer
How to turn on repair mode on your Android phone - and why it's critical to do so
How I'm getting better sleep this year thanks to these quirky gadgets
I changed 12 settings on my Android phone to extend its battery life by hours
The Hacker News
UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet
New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction
APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool
CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
BleepingComputer
New ‘BlackSanta’ EDR killer spotted targeting HR departments
New BeatBanker Android malware poses as Starlink app to hijack devices
New 'Zombie ZIP' technique lets malware slip past security tools
Microsoft releases Windows 10 KB5078885 extended security update
Microsoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flaws
Windows 11 KB5079473 & KB5078883 cumulative updates released
HPE warns of critical AOS-CX flaw allowing admin password resets
Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys
New KadNap botnet hijacks ASUS routers to fuel cybercrime proxy network
The New Turing Test: How Threats Use Geometry to Prove 'Humanness'
gbhackers
BeatBanker Trojan Spreads via Phishing, Deploys Crypto Miner and RAT on Targeted Devices
Microsoft Active Directory Flaw Allows Attackers to Escalate Privileges
Microsoft .NET 0-Day Flaw Opens Doors for Denial of Service Attacks
Trojanized Red Alert App Targets Israeli Users in SMS Scam to Steal Sensitive Data
HR Departments Targeted by Multi-Layered BlackSanta EDR Killer Malware
Microsoft Fixes 79 Vulnerabilities in March 2026 Patch Tuesday, Mitigating Two Exploited 0-Days
Fortinet FortiManager fgtupdates Flaw Enables Attackers to Execute Malicious Commands Remotely
PhantomRaven Malware Resurfaces, Targets npm Supply Chain to Steal Developer Secrets
Microsoft SQL Server Zero-Day Exposes Privilege Escalation Risk for Users
Top 10 Best Anti-Phishing Tools in 2026
Cybersecurity Dive
US entities face heightened cyber risk related to Iran war
Trump administration will test infrastructure cybersecurity approaches in pilot program
Conflicting definitions and timelines cause cybersecurity regulation morass, industry reps say
State-linked actors targeted US networks in lead-up to Iran war
How AI will impact security careers and what leaders should do about it
4 best practices to get IAM implementation right the first time
Trump’s new cybersecurity strategy makes promises but lacks details
HHS adds cybersecurity guidance to healthcare sector self-assessment tool
Nearly half of exploited zero-day flaws target enterprise-grade technology
Microsoft, Europol disrupt global phishing platform Tycoon 2FA
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Critical Microsoft Excel bug weaponizes Copilot Agent for zero-click information disclosure attack
Cybercrime isn't just a cover for Iran's government goons - it's a key part of their operations
Crooks compromise WordPress sites to push infostealers via fake CAPTCHA prompts
Fake job applications pack malware that kills EDR before stealing data
Ericsson blames vendor vishing slip-up for breach exposing thousands of records
Protecting democracy means democratizing cybersecurity. Bring on the hackers
Polish cops bust alleged teen DDoS kit sellers – youngest just 12
AI vs AI: Agent hacked McKinsey's chatbot and gained full read-write access in just two hours
ShinyHunters claims more high-profile victims in latest Salesforce customers data heist
EV charger biz ELECQ zapped by ransomware crooks, customer contact data stolen
VentureBeat
Anthropic and OpenAI just exposed SAST's structural blind spot with free tools
Enterprise identity was built for humans — not AI agents
Microsoft says ungoverned AI agents could become corporate 'double agents.' Its fix costs $99 a month.
Pentagon vendor cutoff exposes the AI dependency map most enterprises never built
Endor Labs launches free tool AURI after study finds only 10% of AI-generated code is secure
When AI lies: The rise of alignment faking in autonomous systems
What if the real risk of AI isn’t deepfakes — but daily whispers?
TechCrunch
DOGE employee stole Social Security data and put it on a thumb drive, report says
Mandiant’s founder just raised $190M for his autonomous AI agent security startup
US military contractor likely built iPhone hacking tools used by Russian spies in Ukraine
OpenAI acquires Promptfoo to secure its AI agents
Russian government hackers targeting Signal and WhatsApp users, Dutch spies warn
Salt Typhoon is hacking the world’s phone and internet giants — here’s everywhere that’s been hit
Anthropic’s Claude found 22 vulnerabilities in Firefox over two weeks
TriZetto confirms 3.4M people’s health and personal data was stolen during breach
FBI investigating hack on its wiretap and surveillance systems: Report
Italian prosecutors confirm journalist was hacked with Paragon spyware
Network World Security
Eridu exits stealth with $200M to rebuild AI networking
2026 network outage report and internet health check
Cisco blends Splunk analytics, security with core data center management
Cisco: Latest news and insights
HPE’s server and storage prices can change after you place an order
Cisco: LPO not a panacea but plays strategic role in AI networks
AI transforms ‘dangling DNS’ into automated data exfiltration pipeline
Data center new builds diminish even as demand rises
Cisco issues emergency patches for critical firewall vulnerabilities
Lack of regulatory action on hyperscaler dominance prompts inquiry chair to quit
Help Net Security
Virtana enables full-stack root cause analysis beyond legacy APM
Forescout replaces manual audits with automated, always-on compliance validation
OPSWAT delivers AI-powered perimeter defense with unified zero-day verdicts
Secureframe automates CMMC compliance with secure infrastructure and AI SSPs
Cloud-audit: Fast, open-source AWS security scanner
Zero trust, zero buzzwords: Here’s what it means
Software vulnerabilities push credential abuse aside in cloud intrusions
Fortinet enhances SecOps with cloud SOC, AI automation, and managed services
Mend.io eliminates AI prompt weaknesses before production
Messenger can warn you about sketchy links without knowing what you clicked
SC Magazine
Texas governor pushes for review of Chinese medical devices amid federal cyber warnings
New federal unit coordinating cyber threat action planned
Success Magazine subscriber data reportedly leaked
Over 3M allegedly impacted by Cal AI app breach
Elastic Cloud SIEM free trial exploited for exfiltrated data storage
Allegedly stolen Roblox credential trove with 50M records offered for sale
Crypto clipboards covertly targeted by new ClipXDaemon malware
Novel A0Backdoor spread in Teams phishing operation
Asian critical infrastructure subjected to clandestine Chinese hacking campaign
Third-party software exploits increasingly harnessed in accelerated cloud breaches
© 2026 RiskDiscovery | Sponsored by: Deception Logic