HoneyDB
Wiz - Incidents
NCC Group Research
Threat Research - Sophos
You do surprise me.exe: An unexpected executable in Hola Browser
Pointing a Cursor at evading detection
GitHub internal repositories breached
WantToCry ransomware remotely encrypts files
Why AMOS matters: The macOS malware stealing data at scale
May’s Patch Tuesday hauls out 132 CVEs
Inside the lethal trifecta: Blast radius reduction in AI agent deployments
Donuts and Beagles: Fake Claude site spreads backdoor
Proof-of-concept exploit available for Linux 'Copy Fail' vulnerability (CVE-2026-31431)
'Mini Shai-Hulud' supply chain attack targets SAP npm packages
PortSwigger Research
Top 10 web hacking techniques of 2025
Top 10 web hacking techniques of 2025: call for nominations
The Fragile Lock: Novel Bypasses For SAML Authentication
Introducing HTTP Anomaly Rank
WebSocket Turbo Intruder: Unearthing the WebSocket Goldmine
Cookie Chaos: How to bypass __Host and __Secure cookie prefixes
Inline Style Exfiltration: leaking data with chained CSS conditionals
Beware the false false-positive: how to distinguish HTTP pipelining from request smuggling
HTTP/1.1 must die: the desync endgame
Repeater Strike: manual testing, amplified
Google Project Zero
AI Research - Sophos
Where AI in the SOC is actually delivering — and where it isn’t
Locking it down: A new technique to prevent LLM jailbreaks
Getting salty with LLMs: SophosAI unveils new defense against jailbreaking at CAMLIS 2025
Using AI to identify cybercrime masterminds
The sixth sense for cyber defense: Multimodal AI
DeepSpeed: a tuning tool for large language models
Sophos AI to present on how to defang malicious AI models at Black Hat Europe
SophosAI team presents three papers on AI applied to cybersecurity at CAMLIS
Political Manipulation with Massive AI Model-driven Misinformation and Microtargeting
SophosAI at Virus Bulletin ’24: Using multimodal AI as a “sixth sense” for cyber defense
Unit 42
Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257
The npm Threat Landscape: Attack Surface and Mitigations (Updated June 2)
Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor
2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface
Out of the Crypt: The Evolving Cyber Extortion Economy
Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns
Paved With Intent: ROADtools and Nation-State Tactics in the Cloud
Tracking TamperedChef Clusters via Certificate and Code Reuse
Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files
Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools
Talos Intelligence
Reporting from Vegas: Networking, AI, and good boys
Winning the cyber marathon with Tony Giandomenico
Hypotheses, telemetry, and human judgment: Inside Cisco Talos Threat Hunting
Less panic patching, more precision
DICOM, Pydicom, GDCM, and Orthanc: A technical tour of what really happens in the heap
MediaArea heap-based buffer overflow vulnerabilities
Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake
The art of being ungovernable
TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities
From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat
© 2026 RiskDiscovery | Sponsored by: Deception Logic