[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
UK Social Media Ban for Minors Has Privacy Experts Worried
Fileless Phantom Stealer Targets Browser Credentials
Security Community Slams US Ban on Exporting Mythos, Fable
SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection
Rokarolla Android Trojan Levels Up to Full Device Control, Persistence
'Lorem Ipsum' Malware Pivots to ClickFix Delivery
HTTP/2 Bomb Attacks Put Telcos, Healthcare Orgs at Risk
Copilot 'SearchLeak' Attack Allows 1-Click Data Theft
China-Nexus Actor Spies on US Researchers Undetected for a Year
Most CISOs Report Pressure to Bury Bad Security News
Ars Technica
Year of free HPE software a “step in the correct direction” in VMware rivalry
Critical Copilot vulnerability allowed hackers to steal 2FA code from users
Users cry foul after AMD stripped memory crypto from its consumer CPUs
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed
High-severity vulnerability in Linux caused by a single faulty character
For the 2nd time in weeks, Microsoft packages laced with credential stealer
How a USB-connected speaker can infect a PC without ever being touched
Dashlane explains how attackers managed to download encrypted password vaults
Can't make sense of Dashlane's vault theft notification? You're not alone.
CyberScoop
Lawmakers leary about Trump administration’s Anthropic order
AI’s constant patching treadmill can be a security problem
A case for how to shape ‘ingredient lists’ for AI models
Google exposes China espionage group that’s been lurking in networks undetected since 2023
Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat 
Anthropic disables new models after government calls them a national security concern
FBI takes down massive China-based cybercrime network that caused $1.9B in losses
US, France, and Italian authorities shut down massive deepfake porn site
Conti ransomware group member pleads guilty, faces up to 20 years in prison
ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw
InfoSecurity Magazine
Staffing Is Top SOC Challenge Even as AI Proliferates, Says SANS
SprySOCKS Backdoor Expands From Linux to Windows
Rokarolla Trojan Combines Banking Fraud With Device Surveillance
Over Two-Thirds of Security Pros Say Cyber Is Getting Harder
DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company
Chainguard, JPMorgan, BNY Team Up to Secure Open Source from AI Threats
FBI Warns Courier Cash Pickups Are Driving Crypto Scams
Attackers Hijack Popular WordPress Plugins to Deploy Backdoors
Adriatic Port Cyber-Attack by Anubis Sparks Warning Over Maritime Security Risks
Cybersecurity Experts Urge US to Lift Ban on Anthropic's Frontier AI Models
SecurityWeek
Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities
Joomla, LiteSpeed Vulnerabilities Exploited in Attacks
3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs
iRhythm Confirms Data Stolen in Hack
Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker
Magnitude Emerges From Stealth Mode With $10 Million in Funding
AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask
Endpoint Security Startup Ent Emerges From Stealth With $100 Million Seed Round
Cybercrime Group Claims Novo Nordisk Hack
Can CISOs Trust Their Applications? TrustCloud Wants to Replace the Questionnaire
ZDNet
KDE Plasma 6.7 has way more useful features than I expected - and you'll likely get it soon
I've spent years with immutable Linux - RakuOS fixed my biggest annoyance
This 55-inch Fire TV on Amazon costs just $280 - and I can actually recommend it
Your Android phone keyboard may be tracking your inputs - how to check (and 2 ways to stop it)
Amazon has discounted a Lenovo IdeaPad for 73% off, and it's actually worth considering
How I'm using this $13 smart plug to automate my house with voice commands
These are the 11 best early Prime Day phone deals I'd actually buy myself
The 8 best early Prime Day headphone deals: Apple, Bose, Sony, and more deals I'd buy myself
The DIY era of smartwatches has begun - Google and Apple already have me hooked
Android 17 is out now, with a fresh Pixel Drop for June - here's what's new
The Hacker News
144 Mastra npm Packages Compromised via Hijacked Contributor Account
CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting
ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures
New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds
Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth
Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
BleepingComputer
Microsoft working on Defender patch for RoguePlanet zero-day
Kodak confirms data breach claimed by ShinyHunters extortion gang
Malicious JetBrains Marketplace plugins steal AI API keys from developers
New Rokarolla Android malware targets 217 banking, crypto apps
Steam Workshop abused to spread malware via Wallpaper Engine app
UK to require ID or face scan before you can make social media accounts
GhostTree Attack Abused Recursive Windows Junctions to Hide Malware
FTC warns of record $3.5 billion losses to imposter scams in 2025
CISA warns of another cPanel plugin flaw exploited in attacks
Ransomware gang abuses Microsoft Teams relays to hide malicious traffic
gbhackers
7-Year-Old OpenBSD Security Flaw Exposes Systems to Full PAP Authentication Bypass
Steam Workshop Malware Campaign Uses Wallpaper Engine to Steal Accounts and Infect Gamers
CISA Issues Alert on Oracle PeopleSoft Vulnerability Exploited by Ransomware Groups
Hackers Inject Malicious JavaScript Into WordPress Sites to Deploy ErrTraffic ClickFix Lures
Rokarolla Malware Abuses Android Accessibility Services to Steal Banking Credentials
JetBrains Plugin Security Alert: 70,000+ Installs Linked to AI Key Theft
NVIDIA NeMo Security Flaw Exposes Systems to Command Injection Attacks
Fortra Access Manager Security Flaw Exposes Systems to Command Injection
Malware Uses Deno Permission Flags to Run Commands and Proxy Internal Network Traffic
Critical Chrome Flaws Let Attackers Execute Arbitrary Code – Update Immediately
Cybersecurity Dive
AI adoption correlates with incident frequency, underscoring need for governance
China-nexus group linked to multiyear campaign targeting US, Canadian medical research
Cybersecurity experts blast US government for restricting Anthropic’s AI models
MS-ISAC enters uncertain new era after losing federal funding and thousands of members
Agentic AI surges in financial sector even as many firms fail to manage security risks
It’s Mythos’ world now. How do we live in it?
ShinyHunters linked to exploitation of critical flaw in Oracle PeopleSoft
Enterprises report increasing budgets for security training in AI and other critical topics
FIFA World Cup expected to face extensive criminal, hacktivist cyber threats
CISA gives agencies new vulnerability remediation deadlines that take risk levels into account
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Cyberattack sees crops kept in the ground
Python dev saved from disaster by intuition... and AI
Three critical Fortinet sandbox bugs splattered by unknown attackers
Crooks found a new way to collaborate using Teams – by hiding command-and-control traffic
Cardiac monitor maker's security skips a beat as data thieves go for the jugular
Cisco SD-WAN make-me-root bug under attack
Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher
Council of Europe hacked in ShinyHunters' PeopleSoft heist
Feds snooze as US datacenter law set to lapse with no replacement in site
Microsoft site throwing warnings after someone forgot to renew cert
VentureBeat
85% of IT teams claim every AI agent is under control. Only 42% actually know who owns them.
Attackers scale deception with AI. Defenders need truth at machine speed.
NanoClaw and JFrog launch 'immune system' to block AI agents from downloading malicious code
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
TechCrunch
Apple plans to change its Hide My Email privacy feature that could make it less effective
Bug in FIFA World Cup internal system gave anyone ability to modify TV stream
India orders temporary ban on Telegram over exam fraud concerns
The US government’s Anthropic models ban was never about an AI jailbreak
Cybersecurity vets protest ‘dangerous’ US government ban on Anthropic’s most powerful models
As AI agents become employees, NewCore emerges with $66M to give them identities
Amazon CEO reportedly raised Anthropic model concerns before government crackdown
The FBI built its own replica small town to simulate real-world cyberattacks
Chinese cybercrime operation that used AI to scam ‘hundreds of thousands of victims’ sued by Google
US surveillance law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agencies
Network World Security
HPE product barrage targets AI networks, agents, management
2026 network outage report and internet health check
Cloud strategies have become more complicated than ever
Cisco patches SD-WAN flaw amid evidence of active exploitation
IBM sends signals with its $10 billion quantum pledge
NetBox at 10: Network inventory tool now a full infrastructure intelligence platform
How Jeetu Patel made Cisco unrecognizable
Amazon claims its data centers are 7x more water-efficient than the industry average
Marvell announces 102.4 Tbps switch silicon built for AI
IBM, ServiceNow team to bring AI to legacy enterprise systems
Help Net Security
Apple is bringing Hide My Email and Sign in with Apple under one domain
Fortinet FortiSOC unifies SIEM, SOAR, threat intelligence, and AI in one platform
The SOC’s visibility gap comes down to staffing
Microsoft AntiSSRF open-source library helps block server-side request forgery
Product showcase: From phishing texts to risky Wi-Fi, Norton 360 Deluxe watches the gaps
Navigating SEC, NIS2, and DORA incident disclosure timelines under pressure
The checklist problem behind critical infrastructure cyber safety
Attackers are exploiting FortiSandbox vulnerabilities
Cybercriminals mask malicious communications through Microsoft Teams relays
TekStream launches Proactive Cyber Defense to counter AI-driven threats
SC Magazine
Anonymized infrastructure complicates IP intelligence for security teams
SprySOCKS backdoor expands to Windows with new variants
Beyond Identity launches Ceros to secure enterprise AI agents
Malware distributed via Steam Workshop wallpapers
UK government to ban social media for under-16s
North Korean hackers use fake Microsoft alerts to deploy NarwhalRAT malware
DragonForce ransomware uses Microsoft Teams for covert command and control
GhostTree technique uses NTFS junctions to evade security scans
India temporarily blocks Telegram over exam fraud concerns
Security researcher reportedly accesses FIFA World Cup broadcast controls via API flaw
© 2026 RiskDiscovery | Sponsored by: Deception Logic