[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
China Upgrades the Backdoor It Uses to Spy on Telcos Globally
Wartime Usage of Compromised IP Cameras Highlight Their Danger
Infrastructure Attacks With Physical Consequences Down 25%
Google Sets 2029 Deadline for Quantum-Safe Cryptography
Coruna, DarkSword & Democratizing Nation-State Exploit Kits
Is the FCC's Router Ban the Wrong Fix?
Automotive Cybersecurity Threats Grow in Era of Connected, Autonomous Vehicles
Critical Flaw in Langflow AI Platform Under Attack
How Organizations Can Use Mistakes to Level Up Their Security Programs
AI-Powered Dependency Decisions Introduce, Ignore Security Bugs
Ars Technica
Google bumps up Q Day deadline to 2029, far sooner than previously thought
Self-propagating malware poisons open source software and wipes Iran-based machines
Widely used Trivy scanner compromised in ongoing supply-chain attack
Cloud service providers ask EU regulator to reinstate VMware partner program
Federal cyber experts called Microsoft's cloud a "pile of shit," approved it anyway
Researchers disclose vulnerabilities in IP KVMs from four manufacturers
Supply-chain attack using invisible code hits GitHub and other repositories
The who, what, and why of the attack that has shut down Stryker's Windows network
14,000 routers are infected by malware that's highly resistant to takedowns
Feds take notice of iOS vulnerabilities exploited under mysterious circumstances
CyberScoop
Iranian hackers, Handala, claim to compromise FBI Director Kash Patel’s personal data
Security leaders say the next two years are going to be ‘insane’
ODNI tackles AI, threat hunting, app cybersecurity in year-one tech review
FCC pushes new rules to crack down on robocallers, foreign call centers
Former NSA chiefs worry American offensive edge in cybersecurity is slipping
Alleged RedLine infostealer conspirator extradited to US
Google moves post-quantum encryption timeline up to 2029
DarkSword’s GitHub leak threatens to turn elite iPhone hacking into a tool for the masses
Experts warn of a ‘loud and aggressive’ extortion wave following Trivy hack
Critics call FCC router rule a ‘big swing’ that could create more supply chain uncertainty
InfoSecurity Magazine
New Wave of AiTM Phishing Targets TikTok for Business
TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack
Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google
UK Cracks Down on Chinese Crypto Marketplace for Funding Southeast Asia Scam Hubs
Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code
Attackers Rapidly Weaponize Critical Oracle WebLogic RCE, Honeypot Study Finds
EtherRAT Techniques Bypass Security Via Ethereum Smart Contracts
AI Becomes the Top Cybersecurity Priority for Defenders as Criminals Exploit It, PwC Warns
OpenAI Expands Bug Bounty to Cover AI Abuse and 'Safety' Concerns
Iran-Linked Pay2Key Ransomware Group Re-Emerges
SecurityWeek
Pro-Iranian Hacking Group Claims Credit for Hack of FBI Director Kash Patel’s Personal Account
In Other News: Palo Alto Recruiter Scam, Anti-Deepfake Chip, Google Sets 2029 Quantum Deadline
OpenAI Launches Bug Bounty Program for Abuse and Safety Risks
TP-Link Patches High-Severity Router Vulnerabilities
RSAC 2026 Conference Announcements Summary (Days 3-4)
Coruna iOS Exploit Kit Likely an Update to Operation Triangulation
CISA Flags Critical PTC Vulnerability That Had German Police Mobilized
Hightower Holding Data Breach Impacts 130,000
BIND Updates Patch High-Severity Vulnerabilities
Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure
ZDNet
5 kitchen tech splurges that I've found to be worth every penny (and are on sale now)
Stop falling for scams when Norton's antivirus software is 70% off right now
Get Kindle Unlimited for $1 a month with this Amazon Spring Sale deal - how to qualify
These RayNeo XR glasses effectively replaced my TV with HDR support - and they're on sale
This massive 8TB WD-Black SSD is 67% off at Best Buy right now
This popular Android Auto wireless adapter just hit its lowest price - and I highly recommend it
Amazon Spring Sale live blog 2026: The top deals you can't miss
These XR glasses effectively replaced my dual monitors for work - and they're $170 off
I'm seriously considering buying another Fire TV Stick if it's 50% off right now
This is the lowest price on a 64GB RAM kit I've seen in months
The Hacker News
Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
We Are At War
Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks
[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
BleepingComputer
Backdoored Telnyx PyPI package pushes malware hidden in WAV audio
Fake VS Code alerts on GitHub spread malware to developers
Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.
European Commission investigating breach after Amazon cloud account hack
Anti-piracy coalition takes down AnimePlay app with 5 million users
Windows 11 KB5079391 update rolls out Smart App Control improvements
Dutch Police discloses security breach after phishing attack
Ajax football club hack exposed fan data, enabled ticket hijack
CISA: New Langflow flaw actively exploited to hijack AI workflows
UK sanctions Xinbi marketplace linked to Asian scam centers
gbhackers
BIND 9 Security Flaws Allow Attackers to Bypass Security Controls and Crash Servers
CISA Adds Critical Aquasecurity Trivy Scanner Vulnerability to KEV Catalog
Silver Fox Cyberattack Targets Japanese Businesses with Tax-Themed Phishing Scams
TeamPCP Hackers Focus on AI Developers, Planting Malicious Code to Disrupt Projects
Hackers Target South Asian Financial Firm with BRUSHWORM and BRUSHLOGGER Attacks
Red Hat Warns of Malware Embedded in Popular Linux Tool, Opening Doors for Unauthorized Access
Hackers Deploy USB Malware, RATs, and Stealers in Southeast Asian Government Attacks
Windows Error Reporting Vulnerability Exposes Systems to Privilege Escalation, Allowing SYSTEM Access
Phishing ZIP Files Used to Deploy PXA Stealer Targeting Financial Firms
Hackers Implant Stealthy BPFdoor Backdoors in Telecom Networks for Persistent Access
Cybersecurity Dive
Espionage campaign targets telecom with stealthy Linux-based backdoor
Identity is the first line of defense, especially in an AI-fueled threat landscape
Critical flaw in Citrix NetScaler raises fears of new exploitation wave
‘Do not shift budgets to AI’: How businesses should and shouldn’t respond to evolving threats
Iran-linked ransomware operation targeted US healthcare provider
Congress wants details from White House on cyber strategy, Iran resilience measures
The CVE Program, a bedrock of global cyber defense, is teetering on the brink
Companies face difficult choices in blaming hackers for an attack
Cybercrime groups speed up initial access handoff through planning, coordination
FCC bans import of consumer-grade routers amid national security concerns
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
AFC Ajax drops ball as flaws let hackers play admin with tickets and bans
Iran war drives urgent need to counter underwater attack drones
Security boffins scoured the web and found hundreds of valid API keys
Brit lawmaker targeted by AI deepfake fails to get answers from US Big Tech
UK wants to know if banning under-16s from social media does anything useful
Indian government probes CCTV espionage operation linked to Pakistan
AI supply chain attacks don’t even require malware…just post poisoned documentation
Scammers have virtual smartphones on speed dial for fraud
Jen Easterly, cybersecurity's 'relentless optimist,' hopes feds come back to RSAC next year
Only Trump can decide when cyberwar turns into real war
VentureBeat
Meta's rogue AI agent passed every identity check — four gaps in enterprise IAM explain why
The authorization problem that could break enterprise AI
Nvidia's agentic AI stack is the first major platform to ship with security at launch, but governance gaps remain
OpenClaw can bypass your EDR, DLP and IAM without triggering a single alert
Anthropic and OpenAI just exposed SAST's structural blind spot with free tools
Enterprise identity was built for humans — not AI agents
Microsoft says ungoverned AI agents could become corporate 'double agents.' Its fix costs $99 a month.
TechCrunch
European Commission confirms cyberattack after hackers claim data breach 
Iranian hackers claim breach of FBI director Kash Patel’s personal email account
Apple says no one using Lockdown Mode has been hacked with spyware
Apple made strides with iOS 26 security, but leaked hacking tools still leave millions exposed to spyware attacks
Silicon Valley’s two biggest dramas have intersected: LiteLLM and Delve
A major hacking tool has leaked online, putting millions of iPhones at risk. Here’s what you need to know.
Conntour raises $7M from General Catalyst, YC to build an AI search engine for security video systems
Convicted spyware chief hints that Greece’s government was behind dozens of phone hacks
Russia arrests alleged owner of cybercrime forum LeakBase, report says
Crunchyroll confirms data breach after hacker claims unauthorized access
Network World Security
European Commission data stolen in a cyberattack on the infrastructure hosting its web sites
Equinix launches AI platform to simplify control of distributed AI resources
Return of the PTT: Poste Italiane looks to snap up telco TIM
Networking terms and definitions
Intel: Latest news and insights
Network jobs watch: Hiring, skills and certification trends
Data center poaching adds to staffing crisis
Arm shifts course, moves into silicon business
AI’s need for speed, optical connectivity in focus at OFC 2026
The optical imperative and Nokia’s vision to close the AI gap
Help Net Security
TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware
CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation
Ajax data breach exposed season tickets, supporter bans open to tampering
AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure
Make OpenAI’s models misbehave and earn a reward
Top product launches at RSAC 2026
Tails 7.6 ships automatic Tor bridge retrieval and a new password manager
Second RedLine infostealer operator ends up in US custody
Researchers release tool to detect stealthy BPFDoor implants in critical infrastructure networks
GitHub jumps on the bandwagon and will use your data to train AI
SC Magazine
RSAC 2026: Treat AI like a ‘junior developer’ to catch coding errors
Scam Baiting, AI, and the New Grift Economy, Part 2 - Rinoa Poison - SWN #567
Critical Langflow AI bug exploited within 20 hours added to CISA list
IBM's Srinivas Tummalapenta: Building the cyber risk intelligence layer
SC Awards Finalist: Best Professional Certification Program - ISACA - Mary Carmichael - SCA26 #1
IBM's Evelyn Anderson: Enabling autonomous cyber risk programs
Hack the Box's Gibb Witham: Measuring cyber readiness in the age of AI
SC Awards Finalist: Best Application Security Solution - RoonCyber - Gene Fay - SCA26 #1
SC Awards Finalist: Best Enterprise Security Solution - Island - Michael Leland - SCA26 #1
SC Awards Finalist: Best Identity Management Solution - Teleport - Diana Jovin - SCA26 #1
© 2026 RiskDiscovery | Sponsored by: Deception Logic