[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
[Virtual Event] Anatomy of a Data Breach: What to Do if it Happens to You
Infosecurity Europe
AI Agents Are Shifting Identity Security Budget Dynamics
Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks
Content Delivery Exploit Opens Websites to Brand Hijacking
Cyber Pros Can't Decide If AI Is a Good or a Bad Thing
GitHub Confirms Breach, 4K Internal Repos Stolen
Fake Android Apps Commit Carrier Billing Fraud for Premium Services
Processes and Culture Top Reasons Behind Data Breaches
Patch Now: Critical Flaw in OT Robot OS Gives Attackers Control
Ars Technica
US government takes $2 billion equity stake in nine quantum computing firms
Google publishes exploit code threatening millions of Chromium users
In stunning display of stupid, secret CISA credentials found in public GitHub repo
Zero-day exploit completely defeats default Windows 11 BitLocker protections
Cisco announces record revenue and 4,000 layoffs in the same day
Linux bitten by second severe vulnerability in as many weeks
Chaos erupts as cyberattack disrupts learning platform Canvas amid finals
Mozilla says 271 vulnerabilities found by Mythos have "almost no false positives"
Ars Asks: Share your shell and show us your tricked-out terminals!
Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack
CyberScoop
Trump postpones executive order focused on AI security 
CISA chief frets about open-source vulnerabilities, delayed security improvements
European authorities take down prolific cybercrime VPN service
The readiness paradox: Why a false sense of cyber confidence is becoming a liability
Meet Rampart and Clarity, Microsoft’s new red team combo AI agents
GitHub says internal repositories were impacted in poisoned VS Code extension attack
CISA credential leak raises alarms, and Capitol Hill demands answers
Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches
Mini Shai-Hulud returns, compromising hundreds of npm packages
Microsoft disrupts cybercrime service that abused software verification systems en masse
InfoSecurity Magazine
Cybercriminal VPN Dismantled in Europol Crackdown
GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension
Three-Quarters of Firms Knowingly Ship Vulnerable Code
Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes
Grafana Labs Says Code Breach Stemmed from TanStack Attack
Android Malware Campaign Used Hundreds of Fake Apps to Silently Charge Users
Mini Shai-Hulud Hits Hundreds of npm Packages in AntV Ecosystem
China-Linked Webworm APT Evolves Tactics, Expands to European Targets
GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension
Researchers Warn CypherLoc Scareware Has Targeted Millions of Users
SecurityWeek
Cisco Patches Critical Vulnerability in Secure Workload
Ocean Emerges From Stealth With $28M for Agentic Email Security Platform
Apple Rejected 2 Million App Store Submissions in 2025 for Security and Fraud Prevention
Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking
Socket Raises $60 Million at $1 Billion Valuation
Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days
Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI
Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility
Quantum Bridge Raises $8 Million for Quantum-Safe Key Distribution Solution
Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass
ZDNet
How Sony nearly ruled spatial audio - until Apple changed music forever
Apple, Sony, and Bose headphones are all on sale for Memorial Day - I found the best deals
Switch to adaptive chargers? My advice after testing low-power options for a year
I found the best early Memorial Day phone deals: Save big on Samsung, Google, Apple and more
Home Depot and Lowe's have power tool deals for up to $400 off ahead of Memorial Day
I found the best early Memorial Day outdoor deals: Lawn mowers, power banks, and more
Best Buy and Amazon just dropped prices on SSDs ahead of Memorial Day - I found the best deals
Samsung's free 32-inch Odyssey monitor deal is back in stock - how to qualify
Linus Torvalds on the AI claim that makes him angry, and what security researchers should never do
These are the best early Memorial Day 2026 TV deals I've found so far
The Hacker News
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
When Identity is the Attack Path
9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
BleepingComputer
Google accidentally exposed details of unfixed Chromium flaw
Apple blocked over $11 billion in App Store fraud in 6 years
Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet
Chinese hackers target telcos with new Linux, Windows malware
Max severity Cisco Secure Workload flaw gives Site Admin privileges
Police seize “First VPN” service used in ransomware, data theft attacks
Flipper One project needs community help to build open Linux platform
Microsoft warns of new Defender zero-days exploited in attacks
GitHub links repo breach to TanStack npm supply-chain attack
Ukraine identifies infostealer operator tied to 28,000 stolen accounts
gbhackers
Apache OFBiz RCE Flaw Abuses Password-Change Restrictions for Authentication Bypass
Microsoft Defender Zero-Day Vulnerabilities Actively Exploited in the Wild
Discord Enables End-to-End Encryption by Default Across Voice and Video Features
Google Chrome Security Flaws Could Let Attackers Execute Code Remotely
Fake Microsoft Teams Downloads Spread ValleyRAT Malware
TamperedChef Malware Hides in Signed Apps to Drop Stealers and RATs
New NGINX 0-Day RCE “nginx-poolslip” Threatens Millions of Servers
Critical Vulnerability in Cisco Secure Workload Threatens Enterprise API Security
Fake Invitation Phishing Campaign Steals Credentials From U.S. Organizations
Indian Student Data Weaponized in Phishing and Financial Fraud Campaigns
Cybersecurity Dive
CISA asks cybersecurity community to alert it to vulnerability exploitation
Grafana Labs links GitHub environment breach to TanStack npm supply chain attack
7-Eleven hit by data breach
Microsoft disrupts cybercrime operation that hid behind legitimate software
Compromised coding tool helped hackers breach thousands of GitHub repositories
Telecom sector launches its own private ISAC
Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN
Grafana Labs says hacker gained access to codebase through leaked token
How a government contest launched a revolution in AI-based bug hunting
Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
HackerOne takes an axe to its bug bounty rewards
Attackers spill plaintext passwords of 46k Myspace93 users after 2021 breach
Cisco serves up yet another perfect 10 bug with Secure Workload admin flaw
Microsoft storms RAMPART, adds Clarity to agentic AI safety
Zombie user account let hackers control the city’s water
Even Claude agrees: hole in its sandbox was real and dangerous
GitHub says internal repos exfiltrated after poisoned VS Code extension attack
London's police asked Big Tech for comms data over 700,000 times last year
Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware
America's top cyber-defense agency left a GitHub repo open with passwords, keys, tokens – and incredibly obvious filenames
VentureBeat
MFA verifies who logged in. It has no idea what they do next.
Americans can’t spot a deepfake, and that’s a business crisis, not just a consumer problem
GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK
Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering
Agent authorization is broken — and authentication passing makes it worse
Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps
Running Claude Code or Claude in Chrome? Here's the audit matrix for every blind spot your security stack misses
TechCrunch
Scammers are abusing an internal Microsoft account to send spam links
Customers say Trump Mobile is leaking their personal information
GitHub says hackers stole data from thousands of internal repositories
Discord enables end-to-end encrypted voice and video calling for every user
From teen hacker to Iron Dome researcher, this founder raised $28M to fight AI phishing
Hackers have compromised dozens of popular open source packages in an ongoing supply-chain attack
US cyber agency CISA exposed reams of passwords and cloud keys to the open web
NYC Health + Hospitals says hackers stole medical data and fingerprints during breach affecting at least 1.8 million people
Open source tool maker Grafana Labs says hackers stole its code, refuses to pay ransom
A hotel check-in system left a million passports and driver’s licenses open for anyone to see
Network World Security
Cisco’s new certs are a wake-up call for AI-era network engineers
Microsoft plans significant update to Windows Secure Boot
Forward launches Predict to take the guesswork out of network changes
Network jobs watch: Hiring, skills and certification trends
Nvidia: Latest news and insights
Riverbed expands autonomous AI capabilities for Aternity platform
Cisco: Latest news and insights
Selector targets the network visibility gap in multi-cloud infrastructure
Top network and data center events of 2026
AI reshapes cybersecurity workforce priorities as IT teams brace for new risks
Help Net Security
Microsoft open-sources tools for designing and testing AI agents
Authorities dismantle First VPN, used by ransomware actors
GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise
Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)
Virtru centers file collaboration around data-level protection
ASAPP expands adversarial testing for enterprise AI systems
Tenable Hexa AI automates remediation across attack surfaces
Riverbed introduces new Aternity tools for autonomous IT operations
Forward launches Predict to test network changes before deployment
CTERA brings AI insights and automation for unstructured data
SC Magazine
Socket raises $60 million for its open-source security platform
Microsoft releases new AI red teaming tools for developers
Teenager from Odesa suspected of running infostealer malware operation
Attackers exploit SonicWall VPN vulnerability to bypass MFA
AI Governance Explained: How to Secure Data, Control Risk & Stay Compliant - WC #1
How identity became the new security battleground
WantToCry ransomware evades detection through SMB abuse, remote encryption
APIs under pressure: How AI is rewriting the rules of enterprise security
1Password and OpenAI collaborate on secure credential access for AI coding agents
Carding forum B1ack's Stash releases millions of stolen credit card records
© 2026 RiskDiscovery | Sponsored by: Deception Logic