[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
How NIST's Cutback of CVE Handling Impacts Cyber Teams
Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing
Every Old Vulnerability Is Now an AI Vulnerability
Coast Guard's New Cybersecurity Rules Offers Lessons for CISOs
NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities
North Korea Uses ClickFix to Target macOS Users' Data
'Harmless' Global Adware Transforms Into an AV Killer
Two-Factor Authentication Breaks Free from the Desktop
Microsoft's Original Windows Secure Boot Certificate Is Expiring
6-Year Ransomware Campaign Targets Turkish Homes & SMBs
Ars Technica
US-sanctioned currency exchange says $15 million heist done by "unfriendly states"
Recent advances push Big Tech closer to the Q-Day danger zone
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
Iran-linked hackers disrupt operations at US critical infrastructure sites
Thousands of consumer routers hacked by Russia's military
OpenClaw gives users yet another reason to be freaked out about security
New Rowhammer attacks give complete control of machines running Nvidia GPUs
Quantum computers need vastly fewer resources than thought to break vital encryption
Google bumps up Q Day deadline to 2029, far sooner than previously thought
Self-propagating malware poisons open source software and wipes Iran-based machines
CyberScoop
Network ‘background noise’ may predict the next big edge-device vulnerability
The surveillance law Congress can’t quit — and can’t explain
US nationals sentenced for aiding North Korea’s tech worker scheme
Officials seize 53 DDoS-for-hire domains in ongoing crackdown
Ghost breaches: How AI-mediated narratives have become a new threat vector
NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities
Executive orders likely ahead in next steps for national cyber strategy
OpenAI expands Trusted Access for Cyber program with new GPT 5.4 Cyber model 
We’re only seeing the tip of the chip-smuggling iceberg
CISA cancels summer internships for cyber scholarship students amid DHS funding lapse
InfoSecurity Magazine
NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience
Crypto Exchange Grinex Blames Western Spies for $13m Theft
Commercial AI Models Show Rapid Gains in Vulnerability Research
DDoS-For-Hire Services Disrupted by International Police Action in ‘Operation PowerOff’
US Nationals Jailed for Operating Fake Remote Worker Laptop Farms for North Korea
APK Malformation Found in Thousands of Android Malware Samples
Cookeville Medical Center Notifies Patients After July 2025 Ransomware Attack
NIST Drops NVD Enrichment for Pre-March 2026 Vulnerabilities
Systemic Flaw in MCP Protocol Could Expose 150 Million Downloads
Automotive Ransomware Attacks Double in a Year
SecurityWeek
Bluesky Disrupted by Sophisticated DDoS Attack
Senate Extends Surveillance Powers Until April 30 After Chaotic Votes in House
Half of the 6 Million Internet-Facing FTP Servers Lack Encryption
Next.js Creator Vercel Hacked
Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers
Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks
White House Chief of Staff to Meet With Anthropic CEO Over Its New AI Technology
CoChat Launches AI Collaboration Platform to Combat Shadow AI
In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested
Another DraftKings Hacker Sentenced to Prison
ZDNet
The best website builders for small businesses in 2026: Expert tested and reviewed
I hid 4 Bluetooth trackers (including AirTags) to test their reliability - here's how Android rivals compared
I stopped using my iPhone's hotspot after testing this 5G router - and that won't change
How I share audio from my Android phone to multiple earbuds (and why it's a big deal)
Why I'm recommending last year's phones over 2026 models - with one exception
This powerful Gemini setting made my AI results way more personal and accurate
How I boosted my portable solar panels' power by up to 30% - 11 expert-approved tips
After testing this HP laptop, I get why its 'boring' design is adored by business users
The best TV antenna of 2026: Expert tested
Your old iPad or Android tablet can be your new smart home panel - here's how
The Hacker News
Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain
Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems
Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials
[Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data
$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
BleepingComputer
Microsoft pulls service update causing Teams launch failures
Microsoft releases emergency updates to fix Windows Server issues
Vercel confirms breach as hackers claim to be selling stolen data
Apple account change alerts abused to send phishing emails
NIST to stop rating non-priority flaws due to volume increase
Critical flaw in Protobuf library enables JavaScript code execution
Microsoft Teams right-click paste broken by Edge update bug
NAKIVO v11.2: Ransomware Defense, Faster Replication, vSphere 9, and Proxmox VE 9.0 Support
Payouts King ransomware uses QEMU VMs to bypass endpoint security
Grinex exchange blames "Western intelligence" for $13.7M crypto hack
gbhackers
Iran’s MOIS Tied to Coordinated Cyber Campaign Using Multiple Hacker Personas
TBK DVR Vulnerability CVE-2024-3721 Exploited to Spread Nexcorium DDoS Malware
iTerm2 Flaw Turns SSH Escape Sequences Into Arbitrary Code Execution
Microsoft-Signed Malware Built With FUD Crypt Packs Persistence and C2
MiningDropper Spreads Infostealers, RATs, Banking Malware on Android
Windows 11 Dev Build Introduces Improved Secure Boot Oversight and Storage Security
JanaWare Ransomware Hits Turkish Users via Tailored Adwind RAT
British Hacker Admits Stealing Millions in Virtual Currency From Targeted Companies
ZionSiphon Hits Israeli Water Systems With OT Sabotage Malware
NSA Confirms Use of Anthropic’s Mythos Despite Pentagon Blacklist
Cybersecurity Dive
Beyond IT: Cybersecurity is a strategic business risk
TP-Link routers face exploitation attempt linked to high-severity flaw
US joins nearly two dozen other countries in striking back against DDoS-for-hire platforms
CIOs fret over rising security concerns amid AI adoption
CISA cancels prestigious summer internships, citing government shutdown
NIST limits vulnerability analysis as CVE backlog swells
FCC exempts Netgear from foreign router ban
Medium-severity flaw in Microsoft SharePoint exploited
Brute-force cyberattacks originating in Middle East surge in Q1
FCC signals continued commitment to Cyber Trust Mark program
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Next.js developer Vercel warns of customer credential compromise
Just like phishing for gullible humans, prompt injecting AIs is here to stay
I meant to do that! AI vendors shrug off responsibility for vulns
CISA tells feds to patch 13-year-old Apache ActiveMQ bug under active attack
Opsec oopsie: Dutch navy frigate location outed by mailing it a Bluetooth tracker
Locked-out iPhone user tells The Reg that Apple is scrambling to fix character flaw passcode bug
Claude Opus wrote a Chrome exploit for $2,283
Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say
North Korea targets macOS users in latest heist
Americans who masterminded Nork IT worker fraud sentenced to 200 months behind bars
VentureBeat
Most enterprises can't stop stage-three AI agent threats, VentureBeat survey finds
Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway
Frontier models are failing one in three production attempts — and getting harder to audit
43% of AI-generated code changes need debugging in production, survey finds
Five signs data drift is already undermining your security models
Your developers are already running AI locally: Why on-device inference is the CISO’s new blind spot
AI agent credentials live in the same box as untrusted code. Two new architectures show where the blast radius actually stops.
TechCrunch
Palantir posts mini-manifesto denouncing inclusivity and ‘regressive’ cultures
Man who hacked US Supreme Court filing system sentenced to probation
Hackers are abusing unpatched Windows security flaws to hack into organizations
With US spy laws set to expire, lawmakers are split over protecting Americans from warrantless surveillance
Bluesky confirms DDoS attack is cause of continued app outages
European police email 75,000 people asking them to stop DDoS attacks
Two Americans sentenced for helping North Korea steal $5 million in fake IT worker scheme
Fashion retailer Express left customers’ personal data and order details exposed to the internet
Sweden blames Russian hackers for attempting ‘destructive’ cyberattack on thermal plant
Someone planted backdoors in dozens of WordPress plug-ins used in thousands of websites
Network World Security
AI fuels wireless talent shortage
Flawed Cisco update threatens to stop APs from getting further patches
IPv6 may briefly have accounted for more than half of internet traffic
Broadcom’s Facebook friend will help train it to accelerate AI workloads
Data centers are costing local governments billions
Equinix offering targets automated AI-centric network operations
AI shifts IT roles from operator to orchestrator
IBM unveils security services for thwarting agentic attacks, automating threat assessment
OpenAI pulls out of a second Stargate data center deal
Maine to put brakes on big data centers as AI expansion collides with power limits
Help Net Security
Meta and PortSwigger drive offensive security further to find what others miss
EU pushes for stronger cloud sovereignty, awards €180 million to four providers
SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines
How to spot a North Korean fake in a job interview
Product showcase: Syncthing for secure, private file synchronization
Week in review: Acrobat Reader flaw exploited, Claude Mythos offensive capabilities and limits
Google wipes out 602 million scam ads with Gemini on duty
Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild
GitLab 18.11 brings agentic AI to security fixes, CI pipelines, and delivery analytics
Liongard upgrades LiongardIQ with AI access, live asset data, and deeper discovery
SC Magazine
Making AI actually work in the enterprise and more RSAC Conference 2026 interviews - Aamir Lakhani, Camellia Chan, Ely Abramovitch, Jody Brazil, Jim Spignardo - ESW #455
US imposes extended jail time on North Korean laptop farm facilitators
Another PoC exploit released by 'BlueHammer' leaker after Microsoft dispute
Over 337K affected by Cookeville Regional Medical Center hack
Customer data-exposing website flaw remediated by clothing retailer Express
ShinyHunters alleges Kemper Corporation hack, exposes over 13M records
Ransomware attacks against automotive sector escalate
Report sheds light on cargo hackers' post-compromise activity
Nascent PowMix botnet covertly compromises Czech workforce
New Sapphire Sleet attack against macOS users detailed
© 2026 RiskDiscovery | Sponsored by: Deception Logic