[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Name That Toon Contest
Blame AI: Patch Tuesday Hits Record 206 CVEs
Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address
Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories
Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs
Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks
Check Point VPN Flaw Exploited Since Early May
Iran Signed a Ceasefire — Its Hackers Didn't
'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud
Exposed Fuel Tank Gauges Under Attack in the US
Ars Technica
High-severity vulnerability in Linux caused by a single faulty character
For the 2nd time in weeks, Microsoft packages laced with credential stealer
How a USB-connected speaker can infect a PC without ever being touched
Dashlane explains how attackers managed to download encrypted password vaults
Can't make sense of Dashlane's vault theft notification? You're not alone.
Dozens of Red Hat packages backdoored through its official NPM channel
Botnet of more than 17 million devices dismantled
Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
Websites have a new way to spy on visitors: Analyzing their SSD activity
Millions of AI agents imperiled by critical vulnerability in open source package
CyberScoop
Microsoft breaks Patch Tuesday record with 206 vulnerabilities
Anthropic’s new model is Mythos on a leash
CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector
Cisco customers encounter another SD-WAN zero-day under attack
Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint
The AI security race needs accountability, not overregulation
Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away
Hill Dems hammer GOP for $250M CISA budget cut
Your AI agent could become your biggest insider threat 
Inside the race to adapt to an AI-powered security world
InfoSecurity Magazine
75% of Firms Deploy Vulnerable Code Amid Pressure on CISOs, Report Finds
AI Coding Adoption Hits 97% but Governance Lags Behind
Critical phpBB Flaw Lets Attackers Hijack Any Account with One Request
Google Releases Patch for Chrome Vulnerability Exploited in the Wild
Check Point Warns Critical Auth Bypass Bug Exploited in the Wild
Infosecurity Europe: Why JLR’s CISO Enforced In-Person Password Resets Following Cyber-Attack
WhatsApp Discovers NSO Group-Linked Spearphishing Attempts
North Korean Hackers Use Fake Coding Tasks to Steal Crypto
OpenAI Unveils ChatGPT Account Security Controls
Infosecurity Europe: Prompt Injection Remains Unsolved, OWASP Researcher Warns
SecurityWeek
Microsoft Patches 200 Vulnerabilities
Adobe Patches 123 Vulnerabilities
Anthropic Launches Claude Fable 5: Mythos-Class AI With Cybersecurity Guardrails 
OpenSSL Patches High-Severity Vulnerability Found With AI
Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation
New Platform Uses Cryptographic Invisibility to Protect AI-Built Applications
SAP Patches Critical NetWeaver, Commerce Vulnerabilities
Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks
Will AI Kill the Bug Bounty Industry?
Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks
ZDNet
Amazon just slashed SSD prices for Prime Day - these are the 5 best deals I've found
I just saved $180 a year on my Google AI plan without losing my Drive storage - here's how
Liquid Glass for Linux? PearOS makes another Mac move - how it looks now
Anthropic's new Claude Fable 5 is the same base model as Mythos but with guardrails attached
The best early Prime Day TV deals actually worth your time: Samsung, Sony, and more
US workers are the world's biggest AI skeptics - and it's not just about job loss
Amazon Prime members can buy a car online now - and get a $1,500 gift card
This silent Android feature scans your photos for 'sensitive content' - how to uninstall it
I tested iOS 27's new AI photo editing tools as a skeptic - and the results surprised me
RakuOS fixes the one thing that annoys me most about immutable Linux distros
The Hacker News
Meta to Use Off-Site Business Data for Feed and AI Personalization
Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code
Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues
WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine
Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now
The Hidden Security Risk in Modern Networks: The Work Between Tools
New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing
Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer
LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
BleepingComputer
ServiceNow discloses security incident exposing customer data
OpenClaw AI agent found falling for phishing attacks, spills user data
SAP fixes critical flaws in NetWeaver and Commerce Cloud
Microsoft releases Windows 10 KB5094127 extended security update
Microsoft June 2026 Patch Tuesday fixes 3 zero-day, 200 flaws
Windows 11 KB5094126 & KB5093998 cumulative updates released
XBOW tests Anthropic's Mythos Preview for offensive security
GitHub disables Microsoft repos pushing password-stealing malware
New Veeam vulnerability exposes backup servers to RCE attacks
French govt messaging service breached in account hijacking attack
gbhackers
MagicAd Android Malware Bypasses Restrictions to Flood Devices With Ads
Microsoft Defender Adds Monitoring for RPC Protocol Abuse in Cyberattacks
LiteLLM Vulnerability Allows Attackers to Execute Arbitrary Commands on Servers
New BitB Phishing Attack Targets Microsoft 365 Logins
North Korea Hackers Weaponize GitHub to Target Developers
Ghost-Sender Flaw Exposes Exchange Online Users to Sender Spoofing Attacks
Microsoft Entra Agent ID Logs Expose Suspicious Assistive Agent Activity
Linux Kernel Flaw Allows Local Attackers to Gain Root Privileges
Top 10 Best Zero Trust Network Access (ZTNA) Solutions 2026
WhatsApp Blocks Pegasus Spyware Campaign Linked to NSO Group
Cybersecurity Dive
Check Point warns of zero-day flaw targeted by ransomware affiliate
IT sector faces growing threats from IP-hungry China, AI-enabled cybercriminals
Cyber insurance policyholders facing heavier scrutiny in underwriting, claims
Companies aren’t prepared for how AI is accelerating impersonation attacks
The new risk equation: Why endpoint security is a financial imperative
Cisco warns zero-day flaw in SD-WAN is being exploited
Sprawling new House AI bill includes frontier model oversight, open-source security grants
CISA chief says Trump AI executive order implementation will start soon
CrowdStrike, Palo Alto Networks defy estimates as AI fuels cyber demand
‘Don’t panic’: AI reality checks dominate major cybersecurity conference
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Miasma worms its way onto GitHub as attack kit goes open source
Apple’s iOS 27 goes all agentic on compromised passwords, promises to change them with one tap
Signal says UK plan to scan devices for nude images 'endangers us all'
Chrome's zero-day Whac-A-Mole continues with fifth exploited bug of the year
France probes compromise of gov messaging platform after account hijack
Qilin NHS breach tally grows as Essex trust confirms stolen records
Norks blast 250+ fake job offers to developers over 6 weeks to try and snarf creds and crypto
Ransomware crims got a month-long head start on Check Point VPN 0-day that now has a fix
Ransomware sends Illinois high school on an early summer vacation
GitHub nukes 70+ Microsoft repos, breaks CI/CD pipelines, following suspected worm infections
VentureBeat
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
AI doesn't break security. Complexity does
Claude Mythos exposed a hard truth: Your enterprise patching process is way too slow
DataGrail report finds your vendor may be sending data to AI models you never approved
TechCrunch
CISA gives US federal agencies three days to fix a VPN bug under attack by a ransomware gang
Microsoft’s open source tools were hacked to steal passwords of AI developers
WhatsApp says it caught new spyware attacks linked to NSO Group in violation of court order
Massachusetts votes to pass new privacy rights bill that bans sale of precise location data
Hacked, leaked, and held for ransom: The worst breaches of 2026 so far
OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks
Former cyber executive turned whistleblower accuses IBM of covering up several data breaches
Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person
NSA said to be readying Anthropic’s Mythos for use in cyber operations
Filtr is a new privacy tool that blocks ads in almost every iPhone and Mac app
Network World Security
AI power efficiency the target of Lotus Microsystems energy advances
Arista unveils 1.6T rack-scale switch family for AI infrastructure
Zscaler launches zero trust platform for agentic AI
AI inference moving to private clouds, Broadcom says
2026 network outage report and internet health check
Attackers exploiting unpatched Cisco SD-WAN flaw
Enterprise network teams are falling behind as AI raises the stakes
New data center routing design cuts AWS networking energy costs by 40%, Amazon claims
Cisco: Latest news and insights
Network jobs watch: Hiring, skills and certification trends
Help Net Security
French government messaging platform breached through account hijacking
Elastic brings AI-driven incident investigation to Kubernetes and observability tools
Filigran launches XTM One to automate CTEM with AI agents
Rockwell Automation adds AI-powered security tools to SecureOT Suite
LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)
Google patches Chrome zero-day exploited in the wild (CVE-2026-11645)
Apple Intelligence can now replace weak passwords without user intervention
Apple expands what parents can block, approve, and limit
Mythos Preview can weaponize N-day vulnerabilities in hours
The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic
SC Magazine
CISA to reevaluate risk prioritization for critical infrastructure and federal agencies
Iranian-linked hackers claim cyberattack on Israeli military, but evidence is weak
Discord data breach claim filed with Maine AG raises red flags
Windows 10 KB5094127 update fixes vulnerabilities, enhances Secure Boot monitoring
French government messaging platform Tchap breached via hijacked account
Geinbot, SolarWinds, Brave, UNK_Deaddrop, durabletask, Insta, Aaran Leyland... - SWN #588
CISA adds Check Point VPN bug to list of exploited vulnerabilities
AI-Generated Code Security Risks: Why “Vibe Coding” Can Break Your App - WC #1
Time to integrate AI into the core of the business
Google releases emergency update for fifth Chrome zero-day exploited in the wild this year
© 2026 RiskDiscovery | Sponsored by: Deception Logic