[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
[Virtual Event] Anatomy of a Data Breach: What to Do if it Happens to You
Infosecurity Europe
Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks
Content Delivery Exploit Opens Websites to Brand Hijacking
Cyber Pros Can't Decide If AI Is a Good or a Bad Thing
GitHub Confirms Breach, 4K Internal Repos Stolen
Fake Android Apps Commit Carrier Billing Fraud for Premium Services
Processes and Culture Top Reasons Behind Data Breaches
Patch Now: Critical Flaw in OT Robot OS Gives Attackers Control
Interpol's 'Operation Ramz' Pioneers Cross-Region Collabs in Middle East
Ars Technica
US government takes $2 billion equity stake in nine quantum computing firms
Google publishes exploit code threatening millions of Chromium users
In stunning display of stupid, secret CISA credentials found in public GitHub repo
Zero-day exploit completely defeats default Windows 11 BitLocker protections
Cisco announces record revenue and 4,000 layoffs in the same day
Linux bitten by second severe vulnerability in as many weeks
Chaos erupts as cyberattack disrupts learning platform Canvas amid finals
Mozilla says 271 vulnerabilities found by Mythos have "almost no false positives"
Ars Asks: Share your shell and show us your tricked-out terminals!
Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack
CyberScoop
The readiness paradox: Why a false sense of cyber confidence is becoming a liability
Meet Rampart and Clarity, Microsoft’s new red team combo AI agents
GitHub says internal repositories were impacted in poisoned VS Code extension attack
CISA credential leak raises alarms, and Capitol Hill demands answers
Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches
Mini Shai-Hulud returns, compromising hundreds of npm packages
Microsoft disrupts cybercrime service that abused software verification systems en masse
AI might cut false positives, but it won’t stop the slop 
Interpol leads cybercrime crackdown across 13 countries in Middle East, North Africa
The Canvas breach proved that prevention is no longer enough
InfoSecurity Magazine
GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension
Three-Quarters of Firms Knowingly Ship Vulnerable Code
Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes
Grafana Labs Says Code Breach Stemmed from TanStack Attack
Android Malware Campaign Used Hundreds of Fake Apps to Silently Charge Users
Mini Shai-Hulud Hits Hundreds of npm Packages in AntV Ecosystem
China-Linked Webworm APT Evolves Tactics, Expands to European Targets
GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension
Researchers Warn CypherLoc Scareware Has Targeted Millions of Users
Verizon DBIR: Vulnerability Exploits Overtake Credentials as Top Access Vector
SecurityWeek
Cisco Patches Critical Vulnerability in Secure Workload
Ocean Emerges From Stealth With $28M for Agentic Email Security Platform
Apple Rejected 2 Million App Store Submissions in 2025 for Security and Fraud Prevention
Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking
Socket Raises $60 Million at $1 Billion Valuation
Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days
Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI
Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility
Quantum Bridge Raises $8 Million for Quantum-Safe Key Distribution Solution
Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass
ZDNet
I found the 10 best early Memorial Day Apple deals: Save hundreds on iPad, Apple Watch, and more
The best early Memorial Day laptop deals: Save on Apple, Dell, Lenovo, and more
I found the best early Memorial Day Walmart deals: Apple, Dyson, and more on sale
6 pet deals you don't want to miss this Memorial Day weekend, including robot litter boxes
I tested a portable battery with graphene heat dissipation - and cracked it open for proof
Google's AI features just got more confusing
Is Google's AI Ultra plan worth $100/month? I compared it to Plus and Pro tiers
I tested Motorola's $1,500 Razr Ultra, and it's so close to being my dream flip phone
The Flipper One is a full-on Linux cyberdeck that solves my biggest Raspberry Pi problem
I talked to homeowners considering a battery backup - these are their biggest questions
The Hacker News
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
When Identity is the Attack Path
9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
BleepingComputer
Apple blocked over $11 billion in App Store fraud in 6 years
Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet
Chinese hackers target telcos with new Linux, Windows malware
Max severity Cisco Secure Workload flaw gives Site Admin privileges
Police seize “First VPN” service used in ransomware, data theft attacks
Flipper One project needs community help to build open Linux platform
Microsoft warns of new Defender zero-days exploited in attacks
GitHub links repo breach to TanStack npm supply-chain attack
Ukraine identifies infostealer operator tied to 28,000 stolen accounts
Hackers bypass SonicWall VPN MFA due to incomplete patching
gbhackers
Apache OFBiz RCE Flaw Abuses Password-Change Restrictions for Authentication Bypass
Microsoft Defender Zero-Day Vulnerabilities Actively Exploited in the Wild
Discord Enables End-to-End Encryption by Default Across Voice and Video Features
Google Chrome Security Flaws Could Let Attackers Execute Code Remotely
Fake Microsoft Teams Downloads Spread ValleyRAT Malware
TamperedChef Malware Hides in Signed Apps to Drop Stealers and RATs
New NGINX 0-Day RCE “nginx-poolslip” Threatens Millions of Servers
Critical Vulnerability in Cisco Secure Workload Threatens Enterprise API Security
Fake Invitation Phishing Campaign Steals Credentials From U.S. Organizations
Indian Student Data Weaponized in Phishing and Financial Fraud Campaigns
Cybersecurity Dive
7-Eleven hit by data breach
Microsoft disrupts cybercrime operation that hid behind legitimate software
Compromised coding tool helped hackers breach thousands of GitHub repositories
Telecom sector launches its own private ISAC
Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN
Grafana Labs says hacker gained access to codebase through leaked token
How a government contest launched a revolution in AI-based bug hunting
Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller
MSPs need AI to fight AI-fueled cyberthreats: Guardz
More money is going to physical security, but it’s often CISOs that oversee it: EY
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Attackers spill plaintext passwords of 46k Myspace93 users after 2021 breach
Cisco serves up yet another perfect 10 bug with Secure Workload admin flaw
Microsoft storms RAMPART, adds Clarity to agentic AI safety
Zombie user account let hackers control the city’s water
Even Claude agrees: hole in its sandbox was real and dangerous
GitHub says internal repos exfiltrated after poisoned VS Code extension attack
London's police asked Big Tech for comms data over 700,000 times last year
Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware
America's top cyber-defense agency left a GitHub repo open with passwords, keys, tokens – and incredibly obvious filenames
Clear your calendar, Drupal user: You have a critically urgent patch to install
VentureBeat
GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK
Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering
Agent authorization is broken — and authentication passing makes it worse
Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps
Running Claude Code or Claude in Chrome? Here's the audit matrix for every blind spot your security stack misses
AI agents are running hospital records and factory inspections. Enterprise IAM was never built for them.
AI tool poisoning exposes a major flaw in enterprise agent security
TechCrunch
Scammers are abusing an internal Microsoft account to send spam links
Customers say Trump Mobile is leaking their personal information
GitHub says hackers stole data from thousands of internal repositories
Discord enables end-to-end encrypted voice and video calling for every user
From teen hacker to Iron Dome researcher, this founder raised $28M to fight AI phishing
Hackers have compromised dozens of popular open source packages in an ongoing supply-chain attack
US cyber agency CISA exposed reams of passwords and cloud keys to the open web
NYC Health + Hospitals says hackers stole medical data and fingerprints during breach affecting at least 1.8 million people
Open source tool maker Grafana Labs says hackers stole its code, refuses to pay ransom
A hotel check-in system left a million passports and driver’s licenses open for anyone to see
Network World Security
Forward launches Predict to take the guesswork out of network changes
Network jobs watch: Hiring, skills and certification trends
Nvidia: Latest news and insights
Riverbed expands autonomous AI capabilities for Aternity platform
Cisco: Latest news and insights
Selector targets the network visibility gap in multi-cloud infrastructure
Top network and data center events of 2026
AI reshapes cybersecurity workforce priorities as IT teams brace for new risks
Wireless security is a battle of AI vs. AI
Startup Bolt Graphics promises 5x performance over Nvidia’s best GPU
Help Net Security
Authorities dismantle First VPN, used by ransomware actors
GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise
Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)
Virtru centers file collaboration around data-level protection
ASAPP expands adversarial testing for enterprise AI systems
Tenable Hexa AI automates remediation across attack surfaces
Riverbed introduces new Aternity tools for autonomous IT operations
Forward launches Predict to test network changes before deployment
CTERA brings AI insights and automation for unstructured data
Terra adds continuous network exploitation validation to its platform
SC Magazine
WantToCry ransomware evades detection through SMB abuse, remote encryption
APIs under pressure: How AI is rewriting the rules of enterprise security
1Password and OpenAI collaborate on secure credential access for AI coding agents
Carding forum B1ack's Stash releases millions of stolen credit card records
DataDome launches priority protect for virtual waiting rooms
Terra Security expands platform to include network infrastructure exploitation validation
Trump Mobile phone provider reportedly leaking customer data
New Mini Shai-Hulud attack targets npm ecosystem
Next-generation enterprise defense: Managing risk in the age of agentic AI
Discord implements end-to-end encryption for voice and video calls
© 2026 RiskDiscovery | Sponsored by: Deception Logic