[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
  [ privacy | malware | research | vendor ]
Wiz - Incidents
NCC Group Research
Threat Research - Sophos
GitHub internal repositories breached
WantToCry ransomware remotely encrypts files
Why AMOS matters: The macOS malware stealing data at scale
May’s Patch Tuesday hauls out 132 CVEs
Inside the lethal trifecta: Blast radius reduction in AI agent deployments
Donuts and Beagles: Fake Claude site spreads backdoor
Proof-of-concept exploit available for Linux 'Copy Fail' vulnerability (CVE-2026-31431)
'Mini Shai-Hulud' supply chain attack targets SAP npm packages
Supply chain attacks hit Checkmarx and Bitwarden developer tools
Microsoft addresses 163 CVEs, 88 advisories for April Patch Tuesday
PortSwigger Research
Top 10 web hacking techniques of 2025
Top 10 web hacking techniques of 2025: call for nominations
The Fragile Lock: Novel Bypasses For SAML Authentication
Introducing HTTP Anomaly Rank
WebSocket Turbo Intruder: Unearthing the WebSocket Goldmine
Cookie Chaos: How to bypass __Host and __Secure cookie prefixes
Inline Style Exfiltration: leaking data with chained CSS conditionals
Beware the false false-positive: how to distinguish HTTP pipelining from request smuggling
HTTP/1.1 must die: the desync endgame
Repeater Strike: manual testing, amplified
Google Project Zero
AI Research - Sophos
Where AI in the SOC is actually delivering — and where it isn’t
Locking it down: A new technique to prevent LLM jailbreaks
Getting salty with LLMs: SophosAI unveils new defense against jailbreaking at CAMLIS 2025
Using AI to identify cybercrime masterminds
The sixth sense for cyber defense: Multimodal AI
DeepSpeed: a tuning tool for large language models
Sophos AI to present on how to defang malicious AI models at Black Hat Europe
SophosAI team presents three papers on AI applied to cybersecurity at CAMLIS
Political Manipulation with Massive AI Model-driven Misinformation and Microtargeting
SophosAI at Virus Bulletin ’24: Using multimodal AI as a “sixth sense” for cyber defense
Unit 42
The npm Threat Landscape: Attack Surface and Mitigations (Updated May 21)
Tracking TamperedChef Clusters via Certificate and Code Reuse
Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files
Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools
Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution
Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years
Essential Data Sources for Detection Beyond the Endpoint
That AI Extension Helping You Write Emails? It’s Reading Them First
TGR-STA-1030: New Activity in Central and South America
Frontier AI and the Future of Defense: Your Top Questions Answered
Talos Intelligence
TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities
From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat
The time of much patching is coming
Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities
Breaking things to keep them safe with Philippe Laulheret
Microsoft Patch Tuesday for May 2026 — Snort rules and prominent vulnerabilities
State-sponsored actors, better known as the friends you don’t want
Unplug your way to better code
Insights into the clustering and reuse of phone numbers in scam emails
UAT-8302 and its box full of malware
© 2026 RiskDiscovery | Sponsored by: Deception Logic