[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
AI Won't Wipe-Out Entry-Level Cybersecurity Jobs
Meeting Trump's 2030 Quantum Deadline Will be Expensive, Complex
Thanks for Crushing the Submissions Inbox. We're Trying to Keep Up
Robinhood Cuts Access Approval Time to Support High-Velocity Development
In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw
Russian APT 'Gamaredon' Upgrades Its Arsenal, Requiring New Defenses
EdTech Attackers Shift From Schools to Their Software Suppliers
Local Police Collusion Hampers Crackdown on Asian Scam Centers
Europe Evolves Into Ransomware's Favorite Region
Attackers Hit Cisco SD-WAN Flaw 2 Months Before Disclosure
Ars Technica
Notion killing Skiff-influenced email app since most users use AI agents instead
One-two punch delivered in global operation disrupts cybercrime "assembly line"
White House drastically shortens deadline for dropping quantum-vulnerable crypto
Oracle’s 21,000 layoffs help drive its debt-fueled AI investments
Following user outcry, AMD reinstates memory encryption in consumer CPUs
Microsoft discovers new lightweight backdoor that steals cryptocurrency
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
Before SpaceX IPO, investors in China secretly acquired stakes
Massive breach spills credentials for thousands of sensitive networks
Tesco moving 40,000 server workloads off VMware amid Broadcom's “abusive conduct”
CyberScoop
FCC passes new cybersecurity rules for emergency systems, undersea cables
Federal court rules Trump election-focused executive order illegal
Russia uses Cellebrite to break into human rights activist’s phone, even after cancellation of contract
Minnesota man known as ‘Snoopy’ sentenced in DraftKings hack
Why patch directives only go so far
Malicious hackers exploit Cisco zero-day for highest access level at communications service provider
In a first, a court takedown goes after two cybercrime tools at once
Open-source security is posing challenges governments can’t easily solve
Justice Department seizes infrastructure used by cyber scam and criminal marketplace
Algerian man charged with running two cybercrime marketplaces
InfoSecurity Magazine
China-Linked Hackers Strike Asian Critical Infrastructure with TinyRCT Backdoor
CMC Releases Analysis and Guidance for Education Sector After Canvas Data Breach
Cisco Vulnerability Exploited Months Before Disclosure, Google Warns
Twenty Million US IP Connections Used by Proxy Services
Trust in Automated AI Vulnerability Scanning Collapses to 9%, New Study Finds
New CISA Guide Helps Agencies Adopt SASE For Zero Trust
macOS Flaw Lets Standard Users Disable EDR and MDM
Major Increase in Ransomware Attacks Targeting Europe, Warns New Report
Researchers Trick AI Browsers Into Leaking Credentials
Europol-Led Operation Endgame Takes Down StealC and Amadey Infostealers
SecurityWeek
Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories
More Klue Breach Victims Identified as Hackers Get Hacked
In Other News: Chinese Mythos-Like AI, Tata Electronics Breach, Snyk Layoffs
Nebulock Raises $25 Million for AI-Native Contextual Security
Linux Foundation Unveils New Open Source Security Project Akrites
$3 Million Reportedly Stolen in Polymarket Hack
Russian APT Deploys ‘StockStay’ Backdoor Against Ukrainian Targets
First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild
New Enterprise-Ready MCP Specification Brings New Security Challenges
Philip Martin Joins Uber as Chief Information Security Officer
ZDNet
Prime Day ends today: We hand-picked the 100+ best deals still live, before they disappear
Final hours for the best Amazon Prime Day SSD and storage deals - Samsung, Kingston, and more
Best last minute Prime Day Apple deals I found for MacBooks, iPads, AirPods, and more
The best last minute Prime Day smartwatch and fitness tracker deals I recommend right now
The 35+ best Sam's Club deals competing with Prime Day 2026 (including a $15 membership)
The 30+ best Prime Day robot vacuum deals I'd buy (after testing dozens of them)
The best Amazon Prime Day deals: Last chance to save on Anker, Apple, Garmin and more
It's your last chance to grab Prime Day streaming deals from HBO Max, Apple TV, and more
Last chance for the best Prime Day TV deals: Samsung, Sony, and more
The best Prime Day headphone deals: Apple, Bose, Sony, and more deals I'd buy before the sale ends
The Hacker News
New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries
Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs
CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue
New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets
Guardian Agents: The Next Layer of Identity Governance
Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack
Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant
Russia Used Cellebrite on Jailed Activist's iPhone Months After Sales Cutoff
Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks
Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability
BleepingComputer
Your First GRC Agent: A Red Teamer's Walkthrough
Anthropic is testing desktop-like Claude Cowork for mobile
Poland busts SIM-swapping gang tied to millions in crypto theft
Order-tracking app Shop abused to push callback phishing attacks
Microsoft quietly extends free Windows 10 ESU support to October 2027
New macOS malware embeds fake errors to confuse AI analysis tools
PirloTV sports piracy network disrupted as 44 domains seized
Bluekit phishing kit adopts browser-in-the-middle for login theft
The Four Elevations of Effective Fraud Prevention
Webinar: Why account takeovers remain one of the hardest threats to stop
gbhackers
Water and Wastewater Systems Become Strategic Targets for Russia, China, and Iran
China-Linked Malware Found in Counterfeit USB Drives Used on Japan Defense Force Classified Networks
FOSSBilling Flaw Lets Admin Attackers Abuse DI Container for SQL Access and RCE
Hackers Exploit WinRAR CVE-2025-8088 to Plant Startup Shortcut and Run PowerShell Loader
Scammers Abuse Shopify to Send Fake Invoices and Steal Credentials via Fake Support Calls
Russian Authorities Used Cellebrite UFED to Break Into Human Rights Activist’s iPhone
KuinaExtractor Stealer Targets Browser Data, Crypto Wallets, Roblox, Steam, and Discord
WhatsApp Adds Security Warning Before Users Start Chat With Unknown Numbers
Chinese-Speaking Hackers Deploy TinyRCT Backdoor Against Critical Energy Infrastructure
ChatGPT 5.6 Release Reportedly Delayed Following Trump Administration Security Request
Cybersecurity Dive
AWS unveils agent security, data access tools
NIST offers security guidance for water utilities using remote-access tools
As cyber risk evolves, the insurance industry tightens guardrails
Microsoft, Europol lead global takedown of infostealer malware
Ransomware attacks grew in 2025 as traditional data breaches fell
White House’s state infrastructure cybersecurity initiative stalled
Trump sets new deadlines for agencies and contractors to adopt post-quantum cryptography
Klue investigating supply chain attack that targeted Salesforce integrations
Looming AI-fueled threats require urgent cybersecurity improvements, Five Eyes members say
Interpol, Europol renew agreement to combat hackers and other criminals
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Amazon Q flaw let booby-trapped Git repos execute code, swipe cloud creds
Miasma campaign poisons 20-plus npm packages, hunts for developer secrets
Security boss thought MFA would be too much security
Chinese cybersecurity company claims it’s built a better-than-Mythos bug finder
Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs
Ex-Huntress analyst claims company insider fed info to a ransomware crim. Social media drama ensues
UK school’s network left wide open for invasion, student found
Nation-state actors cracked critical Australian infrastructure to ‘cripple it at a time of their choosing’
The hits keep on coming for Cisco vulnerabilities
Microsoft uses AI to link two malware operations in racketeering suit
VentureBeat
Visa will offer an inside look at Project Glasswing and how the most powerful agentic models are changing enterprise security at VB Transform 2026
7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes
Copilot searched your mailbox. LiteLLM handed out admin keys. Run this 5-check audit before your stack is next
85% of IT teams claim every AI agent is under control. Only 42% actually know who owns them.
Attackers scale deception with AI. Defenders need truth at machine speed.
NanoClaw and JFrog launch 'immune system' to block AI agents from downloading malicious code
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
TechCrunch
Polymarket says hackers stole users’ funds
Hacked Klue says criminals are deleting stolen customer data, but now other hackers are making threats
Cellebrite said it cut off Russia, but Russia used its tools anyway
New website names and shames companies that still don’t offer passkeys to users
Klue says hackers stole credential from 2022 that led to customer data breaches
Password manager maker LastPass says hackers stole customer support case data during Klue breach
Tata Electronics, a major tech supplier to Apple and Tesla, confirms data breach
A new unpatchable flaw in Apple chips opens the door to an iPhone jailbreak 
Anthropic says Claude may want to see your ID
Klue hack results in data breach at several cybersecurity firms
Network World Security
You can’t build sovereign infrastructure with Broadcom, says CISPE
Presidential order addresses quantum computing gaps
Researchers cast new doubt on Microsoft’s quantum computing advance
IBM unveils sub-1 nanometer chip with nearly 100 billion transistors
Qualcomm’s $3.9 billion purchase of Modular aims to change the data center dynamic
IBM, Red Hat, Palo Alto team to secure open-source software
Break legacy lock-in: Strategic options for enterprises facing the vSphere 8 deadline
Attackers exploit Cisco Unified CM flaw weeks after patch release
Upscale AI readies Skyhammer scale-up networking tech, raises new funding
Rami Rahim’s message for network pros: Legacy networks can’t withstand rigors of AI
Help Net Security
Proof’s x401 establishes an open protocol for AI agent identity and authorization
Critical open-source projects get a new security framework
Synology issues critical fix for MailPlus Server vulnerabilities
Ransomware gangs find Europe’s weakest link in third-party suppliers
Mirage2FA phishing kit uses HTML smuggling to steal Microsoft 365 credentials
Mystery hackers use novel SharkLoader dropper against governments, software devs
SIM-swapping gang busted in international police operation
ZeroTier Quantum RC2 brings post-quantum security closer to general availability
ThreatModeler introduces Nexus to automate threat modeling with AI governance
Microsoft gives Windows 10 users an unexpected extra year of free security updates
SC Magazine
Think tank warns US markets face hidden infrastructure risks
From M2M to A2A: Why your identity stack wasn't built for what's coming
NIST seeks public feedback on updated IoT security guidelines
FCC approves new cybersecurity rules for emergency alerts and undersea cables
How to stop treating OEM software like a security liability
New ‘Blacksite’ phishing kit bundles AiTM with scanner evasion
Microsoft extends free Windows 10 security updates for consumers
Model Context Protocol overhaul introduces new security challenges for developers
Cloud Visibility, Fortibleed, hacking things the easy way - Sandy Bird - PSW #932
Sports piracy ring linked to PirloTV disrupted in 44-domain takedown
© 2026 RiskDiscovery | Sponsored by: Deception Logic