[
News
|
Newsletters
|
Blogs
|
Lists
|
Media
|
Jobs
]
HoneyDB
DarkReading
Records Are Made to Be Broken: Patch Tuesday Raises Triage Stakes
6 GHz Wi-Fi Flaws Could Disrupt Critical Systems
Manage Vendor Risk in a Few Practical Steps
Frontier AI: The Genie's Out of the Bottle, but Where's the Rulebook?
ClickFix's Mushrooming Ecosystem Demands New Defense Tactics
Cursor IDE Auto-Executes Malicious Code in Poisoned Repos
Weak Security Continues to Fuel Russian Cyberattacks
'Yellow Teams' Are Defining the Future of AI Security
GigaWiper Lets Threat Actors Choose Their Own Destructive Attack
Turning the Tables on Email Scammers With 'ScamBuster'
Ars Technica
Microsoft’s Secure Boot has been broken for a decade and no one noticed until now
The US government warns that Russia state hackers are coming after your router
Now, defenders are embracing the prompt injection, too
Patch for Windows Defender 0-day could allow attackers to fill hard disk
Allstate accuses Broadcom of auditing it because it quit VMware, CA
Google pays $250K for Linux vulnerability allowing guest VM escapes
Aussie gov't tells volunteers to throw out thousands of functioning test routers
US rare earths flow to Asia as domestic demand is slow to emerge
Hackers can use 9 of the most popular AI tools to assemble massive botnets
Newly discovered PamStealer isn't your typical macOS malware
CyberScoop
White House details ‘Gold Eagle’ clearinghouse for AI cyber threats
Microsoft discloses ‘the mother of all’ vulnerability loads, tripling June’s previous record
Treasury sanctions First VPN Service, others for abetting ransomware gangs
States are building their own election defense networks as federal support evaporates
Europe strikes out against Russia’s Turla over espionage, ‘destructive attacks’
Officials once again warn defenders that Russian hackers are targeting network devices
AI-generated code has made security debt a governance problem
Armenian national pleads guilty to Ryuk ransomware attacks
CISA looks to remedy ailments from big May credential leak
Former DigitalMint ransomware negotiator who duped clients sentenced to 70 months in jail
InfoSecurity Magazine
US: Pentagon Suspends CMMC Phase II Requirements for Defense Contractors
New MacOS Malware Exploits Legitimate Developer ID to Pose as Apple Crash Reporter
Lidl Notifies Customers of Third-Party Data Breach
Five Charged in “Russian Coms” Fraud Platform Case
Open Directory Exposes Three Evilginx Phishing Operators
Pakistani Police Systems Hit by Chinese and Indian Espionage
Novel OAuth Client ID Spoofing Technique Targets Cloud Environments
Progress Software Warns of "External Security Threat" to ShareFile
Russian State Hackers Target Vulnerable Routers Worldwide, Joint Advisory Warns
Hacker Extradited from Ukraine Pleads Guilty to Ryuk Ransomware Charges
SecurityWeek
Microsoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-Days
Synopsys Finds No Evidence of Data Breach Amid Bosch Hack Claims
Adobe Patches Critical ColdFusion Vulnerabilities
7 Severe Vulnerabilities Patched in VMware Avi Load Balancer
Unpatched Claude for Chrome Flaw Lets Extensions Read Gmail, Calendar
SAP Patches Critical Vulnerabilities in NetWeaver, Approuter, Commerce Cloud
US, Allies Warn of Russian Cyberattacks Targeting Critical Infrastructure Routers
Valarian Raises $50 Million for Sovereign Infrastructure Control Layer
Multiple Jscrambler Packages Impacted by Supply Chain Attack
Pentagon Suspends CMMC Phase 2 as It Rethinks Contractor Cybersecurity Rules
ZDNet
I've used the iOS 27 beta for a month: 7 ways the new Siri is dramatically better
I tested the Ultrahuman Ring Pro: It's a biohacker's dream that's not for me
The only Apple Watch strap you'll ever need is down to its lowest price yet
How to download iPadOS 27 right now - and which models support it
Every iPhone model that supports iOS 27 (and which older ones don't)
How to download iOS 27 right now (and which iPhone models support it)
Google is training AI on even more of your data now, unless you opt out - here's how
5 smart home gadgets I actually recommend, after years of testing
Google Search will let you instantly generate AI images for free - here's how
I'm a serial Linux distro hopper - these 7 signs mean it's time to switch
The Hacker News
Microsoft Patches Record 622 Flaws, Including Two Zero-Days Under Active Attack
SAP Patches CVSS 9.9 NetWeaver ABAP Flaw That Could Expose or Modify Data
Researchers Say Claude for Chrome Flaw Lets Rogue Extensions Trigger Gmail Reads
LabubaRAT Masquerades as NVIDIA Software to Control Windows Hosts
RabbitMQ Flaws Could Leak OAuth Secrets and Expose Cross-Tenant Queue Metadata
11 Old Microsoft-Signed Linux UEFI Shims Could Let Attackers Bypass Secure Boot
Study of 85 Crypto Wallet Extensions Finds Address Leaks and Cross-Site Tracking Risks
How Pentera Turns AI Security Workflows into Validation Engines
OAuth Client ID Spoofing Lets Attackers Validate Stolen Microsoft Entra Credentials
Grok Build Uploaded Entire Git Repositories to xAI Storage, Not Just Files It Read
BleepingComputer
SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now
Spanish Police take down €140 million cyber fraud ring, arrest four
Nearly 300 GitHub repos pose as legit software to push malware
Microsoft releases Windows 10 KB5099539 extended security update
Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days
Windows 11 KB5101650 & KB5099414 cumulative updates released
Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown
LastPass, Bitwarden users targeted with fake security alerts
You Don't Have to Run an Exploit to Know If You're Vulnerable
Microsoft Entra ID gets passkeys default authentication starting September
gbhackers
Miasma Worm Returns as RAT-First npm Attack With Automatic Propagation Disabled
xAI Grok CLI Exposed Developer Code Through Automatic Whole-Repository Uploads
Attackers Distribute Password Attacks Across Fictional OAuth Apps to Evade SOC Alerts
Cybercriminals Target Turkish Banks With 8,400 Phishing Domains and 6,600 Scam Ads
ANY.RUN Integrates Threat Intelligence and Interactive Sandbox to Streamline SOC Workflows
CISA Adds Cisco IOS CSRF Flaw Enabling Arbitrary Command Execution to KEV Catalog
Greenhat Announces Successful Delegation at Web Summit Vancouver 2026
SAP July 2026 Patch Day Fixes Critical NetWeaver, Approuter, and Commerce Cloud Vulnerabilities
WinFsp Race Condition Flaw Allows Attackers to Gain SYSTEM-Level Access on Windows
Why programming true randomness in emulators is a developer worst nightmare
Cybersecurity Dive
Sharp rise in AI adoption for cyber defense exposes major governance gap
Healthcare sector faces persistent challenges with supply-chain security, identity management
US authorities warn that state-linked hackers are targeting vulnerable networking devices
Hackers find a new trick to collect Microsoft Entra user data without raising red flags
Copy-paste might be the riskiest thing your enterprise employees do all day
When cybercriminals outrun the feed
Initial access broker linked to weaponization of CitrixBleed2 flaw
CISA details security lapses that led to GitHub leak of passwords, cloud access keys
Data breach hits car insurance provider
Ransomware ecosystem grows, but ‘four-headed monster’ dominates
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Patchpocalypse Now: Microsoft tops last month's record with 622 Patch Tuesday CVEs
Welsh Doxbin admin jailed for egging on swatters from behind a screen
Musk promises purge after Grok Build caught sending entire repos to the cloud
'The bots are alive!' Jailbroken Gemini spun up new C2 server for Russian fraudster in just 6 minutes
Baddies caught exploiting extensions bugs with perfect 10 scores on vulnerable Joomla websites
EU and UK officially blame Russian spies for cyberattack on Poland's power grid
World Cup grudge attackers may have scored Argentine FA access via year-old infostealer infection
Progress orders emergency ShareFile server shutdown over mystery security threat
Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package
Fashion mart Miinto unzips breach details, warns shoppers to watch for phisherfolk
VentureBeat
1Password moves into AI cost management, betting that token spend is the next enterprise budget crisis
Forget typosquatting; slopsquatting is the software supply chain threat created by AI coding tools
Shared API keys expose AI agents at 69% of enterprises, new VentureBeat research finds
AI has collapsed the cyber response window — resilience now starts before the attack
The real cost, security, and culture problems behind enterprise AI agents
Digital resilience compounds when AI and human expertise scale together
The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.
TechCrunch
Iran abused mobile networks’ vulnerabilities to locate US military in the Middle East, report says
Telegram’s shortlink domain is back online after day-long suspension
Apple says former employee exploited ‘rare’ bug to download confidential files after leaving for OpenAI
LAPD lets contract with surveillance giant Flock expire, citing ‘serious concerns’ over civil liberties and privacy
US cybersecurity agency CISA had to build its incident playbook during the incident, agency reveals
Florida ransomware negotiator convicted for helping ransomware gang extort US companies
Another massive data breach exposed millions of driver’s license numbers
Hacked, leaked, and held for ransom: The worst breaches of 2026 so far
Hacktivists call out Trump by hacking and defacing US Army websites
Savi’s app aims to protect consumers from realistic AI scams like kidnappers demanding ransom
Network World Security
Fortinet adds AI protections to endpoint security platform
How data centers cope with heat waves
ISC2: AI raises accountability demands for cybersecurity teams
2026 network outage report and internet health check
Governments to enterprises: Improve your router security hygiene
Severe weather an increasing risk for data center construction
Routine maintenance as a failure vector in modern networks
Network jobs watch: Hiring, skills and certification trends
AI job titles expand beyond tech as IT hiring remains strong
Broadcom will sell more US-made components to Apple
Help Net Security
SonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410)
New macOS malware steals passwords by posing as Apple’s crash-reporting tool
Download: The ultimate guide to network operations management
“Context bombs” can frustrate AI-driven attacks, researchers found
Google adds FIDO2 keys and phone passkeys to Windows login via GCPW
No one knows how many old shims can still bypass UEFI Secure Boot
UK charges five persons linked to fraud platform behind more than a million scam calls
Microsoft Entra ID authentication overhaul to start in September 2026
New tutorials on underground hacking forums have roughly doubled
The best defense against AI attacks turns out to be a skeptical human
SC Magazine
European lawmakers criticize Anthropic for AI policy hearing representation
Man sentenced for role in swatting attacks
ShinyHunters group exploits OAuth trust, prompting Microsoft security upgrades
Cursor vulnerability allows execution of malicious binaries
Google Cloud open-sources tool to manage shadow AI
Fortinet enhances endpoint security with AI monitoring and data loss prevention
New Rust-based RAT named LabubaRAT impersonates NVIDIA software
KFC Japan faces delivery disruptions due to third-party cyberattack
Arizona launches second regional security operations center to boost cyber defense
Mr. Data, Joomla Babooa, 1VPNS, RabbitMQ, UEFI, Center 16, Sextortion, Aaran Leyland - SWN #598
© 2026 RiskDiscovery | Sponsored by:
Deception Logic