[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Black Hat USA
Storm-1175 Deploys Medusa Ransomware at 'High Velocity'
Grafana Patches AI Bug That Could Have Leaked User Data
RSAC 2026: How AI Is Reshaping Cybersecurity Faster Than Ever
Human vs AI: Debates Shape RSAC 2026 Cybersecurity Trends
Lies, Damned Lies, and Cybersecurity Metrics
Focusing on the People in Cybersecurity at RSAC 2026 Conference
AI-Assisted Supply Chain Attack Targets GitHub
Axios Attack Shows Complex Social Engineering Is Industrialized
Fortinet Issues Emergency Patch for FortiClient Zero-Day
Ars Technica
OpenClaw gives users yet another reason to be freaked out about security
New Rowhammer attacks give complete control of machines running Nvidia GPUs
Quantum computers need vastly fewer resources than thought to break vital encryption
Google bumps up Q Day deadline to 2029, far sooner than previously thought
Self-propagating malware poisons open source software and wipes Iran-based machines
Widely used Trivy scanner compromised in ongoing supply-chain attack
Cloud service providers ask EU regulator to reinstate VMware partner program
Federal cyber experts called Microsoft's cloud a "pile of shit," approved it anyway
Researchers disclose vulnerabilities in IP KVMs from four manufacturers
Supply-chain attack using invisible code hits GitHub and other repositories
CyberScoop
Tech giants launch AI-powered ‘Project Glasswing’ to identify critical software vulnerabilities
Iranian hackers launching disruptive attacks at U.S. energy, water targets, feds warn
Cybercrime losses jumped 26% to $20.9 billion in 2025
‘GrafanaGhost’ bypasses Grafana’s AI defenses without leaving a trace
Fortinet customers confront actively exploited zero-day, with a full patch still pending
pcTattleTale stalkerware maker sentence includes fine, supervised release
Trump budget proposal would cut hundreds of millions more from CISA
Wyden warns Social Security chief: Trump’s voter database is ‘blatant voter suppression’
House Dems decry confirmed ICE usage of Paragon spyware
Akira ransomware group can achieve initial access to data encryption in less than an hour
InfoSecurity Magazine
Russian APT28 Hackers Hijack Routers to Steal Credentials, UK Security Agency Warns
GPU Rowhammer Attack Enables Privilege Escalation and Full System Compromise
GrafanaGhost Exploit Bypasses AI Guardrails for Silent Data Exfiltration
Over $17bn Lost to Cyber Fraud in the Last Year, Warns FBI
Storm-1175 Exploits Flaws in High-Velocity Medusa Attacks
Fortinet Releases Emergency Patch After FortiClient EMS Bug Is Exploited
New Phishing Platform Used in Credential Theft Campaigns Against C-Suite Execs
New 'Storm' Infostealer Remotely Decrypts Stolen Credentials
NCSC Issues Security Alert Over Hackers Targeting WhatsApp and Signal Accounts
Apple Expands iOS 18 Security Updates Amid DarkSword Threat
SecurityWeek
Anthropic Unveils ‘Claude Mythos’ – A Cybersecurity Breakthrough That Could Also Supercharge Attacks
The New Rules of Engagement: Matching Agentic Attack Speed
Trent AI Emerges From Stealth With $13 Million in Funding
Critical Flowise Vulnerability in Attacker Crosshairs
Severe StrongBox Vulnerability Patched in Android
GrafanaGhost: Attackers Can Abuse Grafana to Leak Enterprise Data
Webinar Today: Why Automated Pentesting Alone Is Not Enough
GPUBreach: Root Shell Access Achieved via GPU Rowhammer Attack 
Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems
German Police Unmask REvil Ransomware Leader
ZDNet
Your AirPods are gross. This $6 tool will keep them sparkling clean
LG C6 vs. LG C5: I compared two generations of OLED TVs, and it was pretty darn close
I swapped my MacBook Air with a Snapdragon X Elite Extreme laptop - here's how they compared
Google Chrome's vertical tabs are here: How to opt in and use the new Reading Mode
Apple, Google, and Microsoft join Anthropic's Project Glasswing to defend world's most critical software
Love window snapping on Linux? You should try a tiling window manager - here's why
Why I returned to Enlightenment Linux after 30 years: Testing the new Elive beta
I tried Google Photos' new AI Enhance tool: How it crops, relights, and fixes your shots - sometimes
How I calibrated my subwoofer placement for peak impact in awkward room setups
I tested the AirPods Max 2, Sony XM6, and Bose Ultra 2: Why Bose is my top pick
The Hacker News
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk
Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access
Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign
The Hidden Cost of Recurring Credential Incidents
New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips
China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea
BleepingComputer
Hackers exploit critical flaw in Ninja Forms WordPress plugin
FBI: Americans lost a record $21 billion to cybercrime last year
Snowflake customers hit in data theft attacks after SaaS integrator breach
US warns of Iranian hackers targeting critical infrastructure
Max severity Flowise RCE vulnerability now exploited in attacks
Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins
Why Your Automated Pentesting Tool Just Hit a Wall
German authorities identify REvil and GandCrab ransomware bosses
New GPUBreach attack enables system takeover via GPU rowhammer
Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
gbhackers
CUPS Vulnerabilities Could Allow Remote Attackers to Achieve Root-Level Code Execution
BPFDoor Variants Hide with Stateless C2 and ICMP Relay Tactics
Windmill Developer Platform Flaws Expose Users to RCE Attacks, Proof-of-Concept Published
Kubernetes Flaws Let Hackers Jump From Containers to Cloud Accounts
GPUBreach Attack Could Lead to Full System Takeover and Root Shell Access
Fake Gemini npm Package Steals AI Tool Tokens
Hackers Exploit Next.js React2Shell Vulnerability, Breach 766 Hosts in 24 Hours
Tor-Backed ClickFix Campaign Drops Node.js RAT on Windows
Critical Android Flaw Allows Zero-Interaction Denial-of-Service Attacks
Attackers Exploit Flowise Injection Vulnerability as 15,000+ Instances Remain Exposed
Cybersecurity Dive
CISA’s vulnerability scans, field support on chopping block in Trump budget
React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data
Olympic Games, FIFA World Cup offer huge platforms, rich cyberattack surface
Threat cluster launches extortion campaign using social engineering
Hims & Hers says limited data stolen in social engineering attack
Critical flaw in FortiClient EMS under exploitation
Trump’s FY2027 budget again targets CISA
Researchers warn of critical flaws in Progress ShareFile
Government agencies see cyber threats as major barrier to tech improvements
Critical flaw in F5 BIG-IP faces wide exploitation risk
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Iran cyber actors disrupting US water, energy facilities, FBI warns
Hundreds of orgs compromised daily in Microsoft device code phishing attacks
US cybercrime losses pass $20B for first time as AI boosts online fraud
Russia's Fancy Bear still attacking routers to boost fake sites, NCSC warns
Yahoo! Japan’s owner consolidating 164 OpenStack clusters into one
AI agents found vulns in this popular Linux and Unix print server
Attackers exploited this critical FortiClient EMS bug as a 0-day
Anthropic sure has a mess on its hands thanks to that Claude Code source leak
Researchers didn’t want to glamorize cybercrims. So they roasted them
Trump wants to take a battle axe to CISA again and slash $707M from budget
VentureBeat
AI agents that automatically prevent, detect and fix software issues are here as NeuBird AI launches Falcon, FalconClaw
Closing the data security maturity gap: Embedding protection into enterprise workflows
OCSF explained: The shared data language security teams have been missing
In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now
Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected
CrowdStrike, Cisco and Palo Alto Networks all shipped agentic SOC tools at RSAC 2026 — the agent behavioral baseline gap survived all three
OpenClaw has 500,000 instances and no enterprise kill switch
TechCrunch
Iranian hackers are targeting American critical infrastructure, US agencies warn
Anthropic debuts preview of powerful new AI model Mythos in new cybersecurity initiative
Russian government hackers broke into thousands of home routers to steal passwords
Trump administration plans to cut cybersecurity agency’s budget by $700 million
Watch this video of how a job interviewer exposes a North Korean fake IT worker
North Korea’s hijack of one of the web’s most used open source projects was likely weeks in the making
Ticket savings of up to $500 this week for TechCrunch Disrupt 2026
Convicted spyware maker Bryan Fleming avoids jail at sentencing
After fighting malware for decades, this cybersecurity veteran is now hacking drones
Europe’s cyber agency blames hacking gangs for massive data breach and leak
Network World Security
Cisco joins Anthropic’s multivendor effort to secure AI software
Cisco: Latest news and insights
2026 network outage report and internet health check
Nvidia: Latest news and insights
Nvidia’s SchedMD acquisition puts open-source AI scheduling under scrutiny
Cisco: AI simplifies wireless operations but also taxes legacy Wi-Fi networks
Cloud-first vs. sovereign-first: Navigating the trade-off
Hyperscaler backlogs show growing demand for AI infrastructure
Two New England states say no to new data centers
AI for IT stalls as network complexity rises
Help Net Security
Cybercrime losses break the $20 billion mark
Russian hackers hijack internet traffic using vulnerable routers
Acronis MDR by TRU brings 24/7 managed detection and response to MSPs
Cloudflare moves up its post-quantum deadline as researchers narrow the path to Q-Day
AI-enabled device code phishing campaign exploits OAuth flow for account takeover
GitHub Copilot CLI gets a second-opinion feature built on cross-model review
Comp AI: The open-source way to get compliant with SOC 2, ISO 27001, HIPAA and GDPR
OpenAI opens applications for an external AI safety research fellowship
The case for fixing CWE weakness patterns instead of patching one bug at a time
How Mimecast brings enterprise-grade email protection to API deployment
SC Magazine
Cloudflare launches AI rebuild of WordPress CMS
Voxbeam fined $4.5M by FCC over robocall case
Active exploitation of max severity Flowise bug threatens broad compromise
Immediate remediation of Fortinet FortiClient EMS bug ordered by CISA
New CUPS vulnerabilities threaten RCE, network breaches
AI agent compromise via illicit web content detailed
Novel ResokerRAT malware exploits Telegram API to target Windows systems
Malware distributed via ILSpy WordPress domain breach
Malicious PyPI package enables Claude prompt, data compromise
Cyber-enabled fraud, ransomware losses spike, FBI reports
© 2026 RiskDiscovery | Sponsored by: Deception Logic