[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
FCC Softens Ban on Foreign-Made Routers
Tech Can't Stop These Threats — Your People Can
'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros
Hackers Use AI for Exploit Development, Attack Automation
Cyber Espionage Group Targets Aviation Firms to Steal Map Data
ShinyHunters Claims Second Attack Against Instructure
After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets
Has CISA Finally Found Its New Leader in Tom Parker?
AI-Driven Cyberattack on Mexico Couldn't Breach OT Systems
'TrustFall' Convention Exposes Claude Code Execution Risk
Ars Technica
Linux bitten by second severe vulnerability in as many weeks
Chaos erupts as cyberattack disrupts learning platform Canvas amid finals
Mozilla says 271 vulnerabilities found by Mythos have "almost no false positives"
Ars Asks: Share your shell and show us your tricked-out terminals!
Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack
Why Reddit blocked my daily visit to its mobile website
GameStop offers $56 billion for eBay, struggles to explain how it'll pay for it
Ubuntu infrastructure has been down for more than a day
The most severe Linux threat to surface in years catches the world flat-footed
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
CyberScoop
AI is separating the companies built to scale from the ones built to sell
Pressure mounts on Canvas as data leak extortion deadline looms
Google spotted an AI-developed zero-day before attackers could use it
The missing cybersecurity leader in small business
Sen. Schumer seeks DHS plan on AI cyber coordination with state, local governments
ShinyHunters claims nearly 9,000 schools affected by Canvas data breach
Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI
Ivanti customers confront yet another actively exploited zero-day
Trump officials are steering a cybersecurity scholarship program toward AI
American duo sentenced for hosting laptop farms for North Korean IT workers
InfoSecurity Magazine
Malicious Hugging Face Repository Typosquats OpenAI
South Staffordshire Water Fined £1m After Data Breach
TrickMo Variant Routes Android Trojan Traffic Through TON
Rushed Patches Follow Broken Embargo on New Linux Kernel Vulnerabilities
Fake Claude Code Page Pushes PowerShell Stealer at Devs
Hackers Observed Using AI to Develop Zero-Day for the First Time
US: FCC Relaxes Foreign-Made Router Ban to Allow for Security Updates
ShinyHunters Escalates Canvas Extortion with School by School Ransom Campaign
Zara Data Breach Impacts Nearly 200,000 Customers
Police Shut Relaunched Crimenetwork Dark Web Marketplace
SecurityWeek
Claude Mythos Finds Only One Curl Vulnerability; Experts Divided on What It Really Means
Is The SOC Obsolete, And We Just Haven’t Admitted It Yet?
TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack
Frame Security Emerges From Stealth With $50M for Awareness and Training Platform
Build Application Firewalls Aim to Stop the Next Supply Chain Attack
Google Detects First AI-Generated Zero-Day Exploit
Skoda Data Breach Hits Online Shop Customers
Cloudflare Lays Off 1,100 Employees in AI-Driven Restructuring
SailPoint Discloses GitHub Repository Hack
Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack
ZDNet
Linux Mint vs. Elementary OS: I compared both distros, and here's my advice
Best Buy is selling this 4TB WD Black SSD for 65% off right now - and I'm seriously tempted
Windows 11's new Low Latency Profile may give your PC the speed boost it deserves
Microsoft PowerToys now lets you control your monitor from the taskbar - here's how
I compared how Gemini, ChatGPT, and Claude can analyze videos - this model wins
Verizon will give you a free Samsung Galaxy S26, tablet, and watch today - how to qualify
Can hackers break encrypted USB drives? I tried to find out
Ubuntu 26.04 vs. Fedora 44: After years of testing both Linux distros, here's my verdict
How to prepare for brutal summer blackouts - and figure out your power needs now
I jailbroke my old Kindle, but I found a safer way to add books - for free
The Hacker News
Why Agentic AI Is Security's Next Blind Spot
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation
iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android
TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack
cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
Your Purple Team Isn't Purple — It's Just Red and Blue in the Same Room
BleepingComputer
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA
Instructure reaches 'agreement' with ShinyHunters to stop data leak
GM agrees to $12.75M California settlement over sale of drivers’ data
Official CheckMarx Jenkins package compromised with infostealer
New GhostLock tool abuses Windows API to block file access
Instructure confirms hackers used Canvas flaw to deface portals
Why Changing Passwords Doesn’t End an Active Directory Breach
Google: Hackers used AI to develop zero-day exploit for web admin tool
Webinar this week: Prevention alone is not enough against modern attacks
gbhackers
Hackers Hijack Microsoft Teams Accounts to Spread ModeloRAT Malware
Open WebUI File Upload Vulnerability Enables 1-Click RCE Attack
North Korea Hackers Abuse Git Hooks to Deploy Cross-Platform Malware
Cline AI Agent Flaw Allows Attackers to Launch RCE Attacks
Fake TronLink Chrome Extension Steals Crypto Wallet Credentials
Claude Chrome Extension Flaw Lets Malicious Add-Ons Steal Gmail and Drive Data
Microsoft Warns: MistralAI PyPI Package Compromised with Malware
OpenAI Daybreak Automates Vulnerability Detection and Patching
Magecart Hackers Exploit Google Tag Manager to Inject Credit Card Skimmers
BitUnlocker Downgrade Attack Bypasses Windows 11 Disk Encryption in Minutes
Cybersecurity Dive
Second Canvas data breach causes major disruptions for schools, colleges
AI used to develop working zero-day exploit, researchers warn
New cybersecurity industry coalition aims to lead US critical infrastructure protection
Identity is the new perimeter as rapid NHI proliferation threatens visibility and control
Instructure confirms cybersecurity incident
Anthropic’s Claude used in attempted compromise of Mexican water utility
Businesses hide vast majority of ransomware attacks, report finds
Palo Alto Networks warns state-linked cluster behind zero-day exploitation
Businesses eager but unprepared for AI to transform their security strategies
Iran-sponsored threat group behind false flag social engineering campaign
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Apple, Google drag cross-platform texting into the encrypted age
Japan’s PM orders cybersecurity review to stop Mythos going full CyberZilla
Double Canvas breach acknowledged as ShinyHunters sets new pay-or-leak deadline
Cookie thieves caught stealing dev secrets via fake Claude Code installers
Anthropic’s bug-hunting Mythos was greatest marketing stunt ever, says cURL creator
BWH Hotels guests warned after reservation data checks out with cybercrooks
Checkmarx tackles another TeamPCP intrusion as Jenkins plugin sabotaged
Taiwan's train cyber-trauma reveals a global system that’s coming off the tracks
Worm rubs out competitor's malware, then takes control
'Dirty Frag' Linux flaw one-ups CopyFail with no patches and public root exploit
VentureBeat
AI agents are running hospital records and factory inspections. Enterprise IAM was never built for them.
AI tool poisoning exposes a major flaw in enterprise agent security
5,000 vibe-coded apps just proved shadow AI is the new S3 bucket crisis
An AI agent rewrote a Fortune 50 security policy. Here's how to govern AI agents before one does the same.
Anthropic Skill scanners passed every check. The malicious code rode in on a test file.
One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it
Microsoft takes Agent 365 out of preview as shadow AI becomes an enterprise threat
TechCrunch
Poland says hackers breached water treatment plants, and the US is facing the same threat
US defense contractor who sold hacking tools to Russian broker ordered to pay $10M to former employers
Hackers deface school login pages after claiming another Instructure hack
Hackers hack victims hacked by other hackers
How Anthropic’s Mythos has rewritten Firefox’s approach to cybersecurity
Police arrest SMS blaster crew that sent malicious messages to thousands across Toronto
2 days left: Get 50% off a second pass to TechCrunch Disrupt 2026
DOJ says ransomware gang tapped into Russian government databases
AI evaluation startup Braintrust confirms breach, tells every customer to rotate sensitive keys
Some kids are bypassing age-verification checks with a fake mustache
Network World Security
Linux kernel maintainers suggest a ‘kill switch’ to protect systems until a zero-day vulnerability is patched
Tech job postings hit three-year high as AI demand fuels hiring rebound
HPE memory server targets compute-heavy and agentic AI workloads
PCI group begins work on new spec to support bandwidth-hungry apps like AI, HPC
Cisco: Latest news and insights
Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program
AWS hit by US-East-1 outage after data center thermal event
Q&A: Quantum physicist Sonia Fernández-Vidal on why classical computing isn’t going anywhere
OpenAI-led consortium seeks to address AI processing bottlenecks
Gluware’s Titan rises to meet Mythos network vulnerability challenge
Help Net Security
Citrix moves secure access to a flexible, credit-based consumption model
Six new dnsmasq vulnerabilities open the door to DNS cache poisoning, local root
Škoda confirms unauthorized access to its online shop
OpenAI’s Daybreak uses Codex Security to identify risky attack paths
HEIDI: Free IDE security plugin for open-source vulnerability checks
The hidden smart fridge risks that emerge years after purchase
Cybersecurity jobs available right now: May 12, 2026
iOS 26.5 is out, bringing encrypted RCS messaging to iPhone and Android users
Zimperium Mobile App Response Agent helps security teams counter mobile attacks
Red Hat extends open source technology into space
SC Magazine
Why Basic Security Practices Still Work - Rob Allen - ASW #382
SailPoint GitHub repo hit by third-party cyberattack
IAM for MSSPs: The Hidden Risk of Blind Trust - Dustin Sachs - CSP #224
Why we need a ‘zero-trust for code’ behavioral approach to secure software
Smartphone users increasingly forgo paid antivirus protection
JDownloader website compromised to distribute malicious installers
AI can profile users from ad patterns alone, study finds
Virginia man found guilty of destroying government databases after being fired
New PamDOORa Linux backdoor sold on cybercrime forum
Google removes 28 fraudulent apps from Play Store
© 2026 RiskDiscovery | Sponsored by: Deception Logic