[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
DarkReading
French Advisory Sheds Light on Apple Spyware Activity
Without Federal Help, Cyber Defense Is Up to the Rest of Us
Undocumented Radios Found in Solar-Powered Devices
Vyro AI Leak Reveals Poor Cyber Hygiene
'Gentlemen' Ransomware Abuses Vulnerable Driver to Kill Security Gear
Apple CarPlay RCE Exploit Left Unaddressed in Most Cars
F5 to Acquire CalypsoAI for Advanced AI Security Capabilities
AI-Enhanced Malware Sports Super-Stealthy Tactics
Vidar Infostealer Back With a Vengeance
Cyberattack on Kazakhstan's Largest Oil Company Was 'Simulation'
Ars Technica
Modder injects AI dialogue into 2002’s Animal Crossing using memory hack
OpenAI and Microsoft sign preliminary deal to revise partnership terms
35 percent of VMware workloads expected to migrate elsewhere by 2028
Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”
Developers joke about “coding like cavemen” as AI service suffers major outage
Microsoft ends OpenAI exclusivity in Office, adds rival Anthropic
Claude’s new AI file-creation feature ships with security risks built in
SAP warns of high-severity vulnerabilities in multiple products
Why accessibility might be AI’s biggest breakthrough
Software packages with more than 2 billion weekly downloads hit in supply-chain attack
CyberScoop
SonicWall firewalls targeted by fresh Akira ransomware surge
​​DHS watchdog finds mismanagement in critical cyber talent program
CISA work not ‘degraded’ by Trump administration cuts, top agency official says
F5 to acquire AI security firm CalypsoAI for $180 million
Wyden calls on FTC to investigate Microsoft for ‘gross cybersecurity negligence’ in protecting critical infrastructure
China’s ‘Typhoons’ changing the way FBI hunts sophisticated threats
Three states team up in investigative sweep of companies flouting data opt-out laws
The npm incident frightened everyone, but ended up being nothing to fret about
Acting federal cyber chief outlines his three priorities for the next year
Apple’s new Memory Integrity Enforcement system deals a huge blow to spyware developers
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
My hardest-working power station just got an upgrade, and I highly recommend it
I built a business plan with ChatGPT and it turned into a cautionary tale
Snap's next smart glasses get a major OS overhaul to rival Meta Ray-Bans
PayPal Links lets you send and receive money much faster now - even crypto
These Halo smart glasses just got a major memory boost, thanks to Liquid AI
How to clear the cache on your Windows 11 PC (and why you shouldn't wait to do it)
iPhone Air vs. iPhone 17 Pro Max: I compared the two flagship models, and here's the winner
Why I'm skipping the iPhone 17 this year (and it's not just about the money)
The Apple Watch Series 11 is one feature away from making me ditch my Oura Ring
Can't upgrade your Windows 10 PC? You have 5 options - and just weeks to act
The Hacker News
6 Browser-Based Attacks Security Teams Need to Prepare For Right Now
⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More
AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns
HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks
FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks
Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks
Apple Warns French Users of Fourth Spyware Campaign in 2025, CERT-FR Confirms
New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit
Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning
Cloud-Native Security in 2025: Why Runtime Visibility Must Take Center Stage
BleepingComputer
FBI warns of UNC6040, UNC6395 hackers stealing Salesforce data
New VoidProxy phishing service targets Microsoft 365, Google accounts
Microsoft reminds of Windows 10 support ending in 30 days
'WhiteCobra' floods VSCode market with crypto-stealing extensions
New HybridPetya ransomware can bypass UEFI Secure Boot
CISA warns of actively exploited Dassault RCE vulnerability
Windows 11 23H2 Home and Pro reach end of support in 60 days
The first three things you’ll want during a cyberattack
Man gets over 4 years in prison for selling unreleased movies
Samsung patches actively exploited zero-day reported by WhatsApp
Cybersecurity Dive
CISA pledges robust support for funding, further development of CVE program
Researchers warn VoidProxy phishing platform can bypass MFA
UK cyber leader calls for shift in focus toward continuity of critical services
How the retail sector teams up to defend against cybercrime
Senior NSC official said US needs to embrace offensive cyber
Ransomware insurance losses spike despite fewer claims: Resilience
National cyber director says US must shift risk burden toward adversaries
Mitsubishi Electric agrees to buy Nozomi Networks in deal valued at about $1B
How AI and politics hampered the secure open-source software movement
Bridgestone Americas continues probe as it looks to restore operations
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Former FinWise employee may have accessed nearly 700K customer records
Nork snoops whip up fake South Korean military ID with help from ChatGPT
China turns the screws on Nvidia with antitrust probe
Jaguar Land Rover supply chain workers must get Covid-style support, says union
UK Lords take aim at Ofcom's 'child-protection' upgrades to Online Safety Act
Cyber-scam camp operators shift operations to vulnerable countries as sanctions strike
15 ransomware gangs ‘go dark’ to enjoy 'golden parachutes'
Data destruction done wrong could cost your company millions
HybridPetya: More proof that Secure Boot bypasses are not just an urban legend
Samsung fixes Android 0-day that may have been used to spy on WhatsApp messages
VentureBeat
TechCrunch
Here’s the tech powering ICE’s deportation crackdown 
Apple’s latest iPhone security feature just made life more difficult for spyware makers
France says Apple notified victims of new spyware attacks
Kids in the UK are hacking their own schools for dares and notoriety
Vibe coding? Meet vibe security
Jaguar Land Rover says data stolen in disruptive cyberattack
Google’s former security leads raise $13M to fight email threats before they reach you
Plex urges users to change passwords after data breach
Netskope follows Rubrik as a rare cybersecurity IPO, both backed by Lightspeed
VC giant Insight Partners notifies staff and limited partners after data breach
Network World Security
There are 121 AI processor companies. How many will succeed?
F5 to acquire CalypsoAI for advanced AI security capabilities
HomeLM: A foundation model for ambient AI
Google enlists new ‘free’ data transfer service as the EU Data Act deadline approaches
Microsoft finds possible solution to Azure capacity issues
Nvidia: Latest news and insights
Cisco’s Splunk embeds agentic AI into security and observability products
New life for the mainframe: AI cost savings materialize, modernization efforts pay off
Cadence adds Nvidia to digital twin tool for data center design
Nvidia rolls out new GPUs for AI inferencing, large workloads
Help Net Security
SecurityScorecard acquires HyperComply to automate vendor security reviews
Proofpoint launches agentic AI to detect risks in communication channels
Most enterprise AI use is invisible to security teams
Arkime: Open-source network analysis and packet capture system
What could a secure 6G network look like?
Why neglected assets are the hidden threat attackers love to find
Static feeds leave intelligence teams reacting to irrelevant or late data
Week in review: Salesloft Drift breach investigation results, malicious GitHub Desktop installers
HybridPetya: (Proof-of-concept?) ransomware can bypass UEFI Secure Boot
CISA looks to partners to shore up the future of the CVE Program
InfoSecurity Magazine
AI-Forged Military IDs Used in North Korean Phishing Attack
CISA at Risk After OIG Accuses it of Wasting Federal Funds
Phishing Campaigns Drop RMM Tools for Remote Access
Attackers Adopt Novel LOTL Techniques to Evade Detection
France Warns Apple Users of New Spyware Campaign
ICO Warns of Student-Led Data Breaches in UK Schools
CISA Launches Roadmap for the CVE Program
Fileless Malware Deploys Advanced RAT via Legitimate Tools
Wyden Urges FTC Investigation Over Ascension Ransomware Hack
Chinese APT Actor Compromises Military Firm with Novel Fileless Malware Toolset
© 2025 RiskDiscovery | Sponsored by: Deception Logic