[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Black Hat USA
Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
Russia's 'Fancy Bear' APT Continues Its Global Onslaught
'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues
Do Ceasefires Slow Cyberattacks? History Suggests Not
Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?
Russia's Forest Blizzard Nabs Rafts of Logins via SOHO Routers
Threat Actors Get Crafty With Emojis to Escape Detection
AI-Led Remediation Crisis Prompts HackerOne to Pause Bug Bounties
Fraud Rockets Higher in Mobile-First Latin America
Ars Technica
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
Iran-linked hackers disrupt operations at US critical infrastructure sites
Thousands of consumer routers hacked by Russia's military
OpenClaw gives users yet another reason to be freaked out about security
New Rowhammer attacks give complete control of machines running Nvidia GPUs
Quantum computers need vastly fewer resources than thought to break vital encryption
Google bumps up Q Day deadline to 2029, far sooner than previously thought
Self-propagating malware poisons open source software and wipes Iran-based machines
Widely used Trivy scanner compromised in ongoing supply-chain attack
Cloud service providers ask EU regulator to reinstate VMware partner program
CyberScoop
Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs
Why is the timeline to quantum-proof everything constantly shrinking?
Inside the FBI’s router takedown that cut off APT28’s ‘tremendous access’
Don’t just fight fraud, hunt it
Hack-for-hire spyware campaign targets journalists in Middle East, North Africa
Feds quash widespread Russia-backed espionage network spanning 18,000 devices
Tech giants launch AI-powered ‘Project Glasswing’ to identify critical software vulnerabilities
Iranian hackers launching disruptive attacks at U.S. energy, water targets, feds warn
Cybercrime losses jumped 26% to $20.9 billion in 2025
‘GrafanaGhost’ bypasses Grafana’s AI defenses without leaving a trace
InfoSecurity Magazine
Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month
Google Chrome Rolls Out Protection Against Infostealers Targeting Session Cookies
STX RAT Targets Finance Sector With Advanced Stealth Tactics
Bitcoin Depot Reports $3.6m Crypto Theft After System Breach
Atomic Stealer MacOS ClickFix Attack Bypasses Apple Security Warnings
Middle East Hack-for-Hire Operation Traced to South Asian Cyber Espionage Group
Governance Gaps Emerge as AI Agents Drive 76% Increase in NHIs
Google Warns of New Threat Group Targeting BPOs and Helpdesks
Google API Keys Quietly Gain Access to Gemini on Android Devices
Critical Vulnerability in Ninja Forms Exposes WordPress Sites
SecurityWeek
Industry Reactions to Iran Hacking ICS in Critical Infrastructure: Feedback Friday
Orthanc DICOM Vulnerabilities Lead to Crashes, RCE
Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000
MITRE Releases Fight Fraud Framework
Critical Marimo Flaw Exploited Hours After Public Disclosure
Google Rolls Out Cookie Theft Protections in Chrome
Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users
Apple Intelligence AI Guardrails Bypassed in New Attack
Can We Trust AI? No – But Eventually We Must
Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access
ZDNet
AirDrop is coming to older Samsung phones - is yours supported? How to get it early
The best data removal services of 2026: Expert tested and reviewed
I'm no longer using Google Photos as just a cloud storage - 5 tools that elevate the app
The best Samsung TVs of 2026: Expert tested and reviewed
The best mobile scanning apps of 2026: Expert tested and reviewed
The best HP laptops of 2026: Expert tested and reviewed
Surprise: Not every Lenovo laptop is worth recommending in 2026 - the Yoga 7i is proof
Samsung S95H vs. Samsung S95F: I compared the OLED TVs and wasn't prepared for the upset
Home Depot's new DeWalt deal comes with a free power tool - how to redeem the offer
I tried CuerdOS and this niche Debian distro is dramatically fast
The Hacker News
Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs
UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
The Hidden Security Risks of Shadow AI in Enterprises
Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
BleepingComputer
Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor
Microsoft: Canadian employees targeted in payroll pirate attacks
Google rolls out Gmail end-to-end encryption on mobile devices
New ‘LucidRook’ malware used in targeted attacks on NGOs, universities
New VENOM phishing attacks steal senior executives' Microsoft logins
Healthcare IT solutions provider ChipSoft hit by ransomware attack
Google Chrome adds infostealer protection against session cookie theft
Smart Slider updates hijacked to push malicious WordPress, Joomla versions
When attackers already have the keys, MFA is just another door to open
Webinar: From noise to signal - What threat actors are targeting next
gbhackers
Hackers Exploit GitHub Copilot Flaw to Exfiltrate Sensitive Data
Fake BTS Tour Ticket Scams Target Fans Worldwide
Iranian APT alert: 5,219 Rockwell PLCs exposed online
Middle East Espionage Attack Uses Fake Secure Messaging Apps to Deliver ProSpy
HPE Aruba Private 5G Vulnerability Opens Door to Credential Theft Attacks
TP-Link Devices at Risk as Multiple Security Flaws Enable Takeover
Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action
New React Server Components Flaw Could Let Attackers Trigger DoS
GitHub, GitLab Abused for Malware and Phishing Campaigns
MuddyWater Uses Russian MaaS in New ChainShell Attack
Cybersecurity Dive
NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat
CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog
US operation evicts Russia from hacked SOHO routers used to breach critical infrastructure
Iran-linked hackers target water, energy in US, FBI and CISA warn
CISA’s vulnerability scans, field support on chopping block in Trump budget
React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data
Olympic Games, FIFA World Cup offer huge platforms, rich cyberattack surface
Threat cluster launches extortion campaign using social engineering
Hims & Hers says limited data stolen in social engineering attack
Critical flaw in FortiClient EMS under exploitation
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
CPUID site hijacked to serve malware instead of HWMonitor downloads
Project Glasswing and open source software: The good, the bad, and the ugly
Britain seeks views before it drops the hammer on signal jammers
Unpacking AI security in 2026 from experimentation to the agentic era
Crypto? Huh. Good gawd y'all, what is it good for? $45M in this case
'Several dozen' high-value corporations hit by new extortion crew in helpdesk phishing spree
Chevin pulls the handbrake on FleetWave software after security scare
Months-old Adobe Reader zero-day uses PDFs to size up targets
Microsoft locks out VeraCrypt and WireGuard devs, blames verification process
Security researchers tricked Apple Intelligence into cursing at users. It could have been a lot worse
VentureBeat
Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook
AI agents that automatically prevent, detect and fix software issues are here as NeuBird AI launches Falcon, FalconClaw
Closing the data security maturity gap: Embedding protection into enterprise workflows
OCSF explained: The shared data language security teams have been missing
In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now
Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected
CrowdStrike, Cisco and Palo Alto Networks all shipped agentic SOC tools at RSAC 2026 — the agent behavioral baseline gap survived all three
TechCrunch
Hacker stole £700,000 from UK energy company by redirecting payment
WireGuard VPN developer can’t ship software updates after Microsoft locks account
Hack-for-hire group caught targeting Android devices and iCloud backups
Hackers steal and leak sensitive LAPD police documents
Developer of VeraCrypt encryption software says Windows users may face boot-up issues after Microsoft locked his account
Final 3 days to save up to $500 on your TechCrunch Disrupt 2026 pass
Iranian hackers are targeting American critical infrastructure, US agencies warn
Anthropic debuts preview of powerful new AI model Mythos in new cybersecurity initiative
Russian government hackers broke into thousands of home routers to steal passwords
Trump administration plans to cut cybersecurity agency’s budget by $700 million
Network World Security
Google owns the most AI compute, and it built it its way
Cisco to acquire Galileo for AI observability
Nvidia: Latest news and insights
Top network and data center events of 2026
Neoclouds gain momentum in a supply-constrained world
Lumen: Upstream network visibility is enterprise security’s new front line
Yael Nardi joins Minimus as Chief Business Officer to head growth strategy
Nvidia Rubin GPUs may be delayed, slowing the next phase of AI infrastructure
What is AI networking? How it adds intelligence to your infrastructure
Aria Networks raises $125M and debuts its approach for AI-optimized networks
Help Net Security
ClickFix campaign delivers Mac malware via fake Apple page
Poisoned “Office 365” search results lead to stolen paychecks
Gmail’s end-to-end encryption comes to mobile, no extra apps required
To counter cookie theft, Chrome ships device-bound session credentials
Little Snitch for Linux shows what your apps are connecting to
Apiiro CLI turns AI coding assistants into full-stack security engineers
April 2026 Patch Tuesday forecast: Spring-cleaning of a preview
What vibe hunting gets right about AI threat hunting, and where it breaks down
Health insurance lead sites sell personal data within seconds of form submission
Product showcase: Session, a messenger without phone numbers or metadata
SC Magazine
Capability-centric governance redefines access control for legacy systems
Back to the beginning: A new model for secure SaaS access
Internet-exposed Modbus ICS devices threaten critical infrastructure
Misconfiguration spills over 40M SMTP records linked to major firms
Over 300K Americans compromised in Eurail breach
Major Colombian banks purportedly breached, data leaked
AI Makes All Bug Shallow? - PSW #921
Contagious Interview campaign expands further
Iranian cyberattacks to continue amid ceasefire
Cybercriminals use emojis to evade detection, Flashpoint warns
© 2026 RiskDiscovery | Sponsored by: Deception Logic