[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Apple's MacOS Gap Lets Users Disable Security Tools
Scope of Salesforce Attacks Expands as Icarus Leaks Data
'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows
SocGholish Takedown Highlights Malicious TDS Threats
FortiBleed Attackers Turn Firewalls Into Credential Stealers as Heists Persist
DifyTap Bugs Let Attackers 'Wiretap' AI Chat Histories
Crypto Heist Fueled by Elaborate Fake Reputation-Boosting Campaign
He Thought He Was Secure; His Phone Number Was Stolen Anyway
Stressors, AI Forcing Changes to Cybersecurity Teams
Novo Nordisk Breach Highlights Software Development Pipeline Risk
Ars Technica
White House drastically shortens deadline for dropping quantum-vulnerable crypto
Oracle’s 21,000 layoffs help drive its debt-fueled AI investments
Following user outcry, AMD reinstates memory encryption in consumer CPUs
Microsoft discovers new lightweight backdoor that steals cryptocurrency
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
Before SpaceX IPO, investors in China secretly acquired stakes
Massive breach spills credentials for thousands of sensitive networks
Tesco moving 40,000 server workloads off VMware amid Broadcom's “abusive conduct”
"Dangerous" AI models are coming no matter what
Windows and Linux users: The deadline to update Secure Boot keys is near
CyberScoop
In a first, a court takedown goes after two cybercrime tools at once
Open-source security is posing challenges governments can’t easily solve
Justice Department seizes infrastructure used by cyber scam and criminal marketplace
Algerian man charged with running two cybercrime marketplaces
Court rules SAVE database illegal, orders it dismantled
Trump executive orders speed up post-quantum migration, boost industry
Intel agencies: Frontier AI models will reshape cybersecurity faster than expected
Authorities disrupt Evil Corp’s SocGholish botnet
Congress tees up No FAKES Act, aiming at AI-generated deepfakes
How software development’s speed obsession enabled TeamPCP’s chaos crusade
InfoSecurity Magazine
Europol-Led Operation Endgame Takes Down StealC and Amadey Infostealers
macOS Backdoor Uses Prompt Injection to Evade AI Triage
KDDI Breach Affects Six Japanese ISPs, Exposes 14.2 Email Credentials
Iran-Linked MuddyWater Poses as Ransomware Gang to Mask Cyber Espionage
AI Is Making Attacks Cheaper, Faster and More Covert, Says ReliaQuest
UK Museums Face Cybersecurity Risks, MPs Warn
Lookalike npm Package Hides a Multi-Stage Windows RAT
OpenAI Expands Daybreak to Help Defenders Patch Flaws
Trump Issues Executive Order to Fast-Track Post-Quantum Migration
GTA 6 Scams Emerge as Pre-Orders Open
SecurityWeek
Microsoft and Allies Smash Shared Infrastructure of Amadey and StealC Malware
Exclusive: Meet AIVEX, a New Triage Model Built to Reduce Supply Chain Threat and Risk
macOS Weaknesses Chained to Silently Disable Endpoint Security Agents
Third DraftKings Hacker Sentenced to 18 Months in Prison
Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs
Agentic AI Security: Wrong Context, Wrong Decisions at Machine Speed
New ‘Mistic’ RAT Opens Door to Several Ransomware Families
Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking
BeyondTrust, LastPass Impacted by Klue-Salesforce Incident
Webinar Today: Modern Exposure Validation in the AI Era
ZDNet
The best Prime Day robot vacuum deals I'd buy (after testing dozens of them)
I found the best Amazon Prime Day SSD and storage deals - including from Samsung and Kingston
Why your RAM options cost 4X more now than last year - even legacy tech prices aren't immune
6 kitchen splurges that are totally worth it (and on sale)
It's Prime Day 2: We hand-picked the 90+ best deals and are tracking them live
Best Prime Day Apple deals I found for MacBooks, iPads, AirPods, and more
The E Ink tablet that successfully replaced my iPad and Kindle is 40% off on Amazon now
Last year's Samsung S95F OLED TV is $1,100 off right now - and I'm seriously considering it
The best Sam's Club deals competing with Prime Day 2026 (including $15 membership)
Amazon is selling Garmin watches for up to $500 off - I've tested and recommend these models
The Hacker News
Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks
Dawn of the Apex Agentic Adversary
DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering
Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root
FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation
Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents
Trump Order Sets 2030 Deadline for Federal Post-Quantum Crypto Migration
GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns
Agentic AI: The Weapon That No Longer Needs a Warrior
Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT
BleepingComputer
CISA warns of max severity Ubiquiti flaws exploited in attacks
Amadey, StealC malware operations disrupted in Operation Endgame action
Securing the service desk: Why social engineering attacks keep succeeding
Stealthy Mistic backdoor linked to ransomware access broker KongTuke
Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks
Tata Electronics confirms cyberattack as hackers leak data
Windows 11 KB5095093 update rolls out new Point-in-Time restore feature
Healthtech firm Xolis suffers data breach impacting 1.4 million people
New macOS ClickFix attack silently mounts DMGs to push infostealer
Scattered Spider members plead guilty to hacking Transport for London
gbhackers
ModeloRAT and Mistic Backdoor Activity Linked to Ransomware Initial Access Broker
Android Malware Campaign Uses Fake Document Reader App with 100K Google Play Downloads
Grafana Confirms TanStack npm Supply Chain Attack Led to GitHub Repository Cloning
Hackers Use Microsoft Teams-Themed Lures to Deploy Legitimate Remote Access Software
Payouts King Initial Access Broker Deploys Edgecution Malware Through Malicious Edge Extension
PoC Released for Microsoft Exchange Server EWS InstallApp SSRF Vulnerability
Webmin Stored XSS Vulnerability Lets Attackers Exploit Root Users
Fable 5 AI Model Builds Bootable Windows Kernel in Rust in Just 38 Minutes
Cisco Unified Communications Manager Flaw Exposes Systems to SSRF Attacks and Root Access
Hackers Abuse Indian Tax Notice Lures to Deliver PE Loader and libsvcs.dll Payload
Cybersecurity Dive
White House’s state infrastructure cybersecurity initiative stalled
Trump sets new deadlines for agencies and contractors to adopt post-quantum cryptography
Klue investigating supply chain attack that targeted Salesforce integrations
Looming AI-fueled threats require urgent cybersecurity improvements, Five Eyes members say
Interpol, Europol renew agreement to combat hackers and other criminals
CISA urges device hardening after thousands of Fortinet credentials compromised
Infrastructure downtime has a $50k-per-hour price tag. It’s time to turn hours into minutes.
3 ways AI is transforming security operations - and where it delivers real impact
AI is transforming enterprise data risk. Here’s how security leaders are responding.
Nation-state rivals linked to majority of consequential attacks targeting critical UK sites
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
London cops bring live facial recognition to West End
You have got to be KDDI-ng – Japanese telco exposes 14.2 million managed email credentials
Mythos discovers 'Squidbleed,' a memory leak that's gone undetected since Clinton era
Five Eyes spooks warn AI means infosec incidents can become ‘major operational and financial crises’
Sniff out stale AI override advice with this open source CLI
OpenAI: Yoo-hoo, look over here, we do that security stuff too!
Cloudflare teams up with big browsers to help websites tell welcome from unwelcome visitors
Security shops among the 'hundreds' of Klue hack victims
Canadian utility fesses up to data breach, but key details remain off-grid
Brazil probes emergency warning system after nationwide rogue alert
VentureBeat
7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes
Copilot searched your mailbox. LiteLLM handed out admin keys. Run this 5-check audit before your stack is next
85% of IT teams claim every AI agent is under control. Only 42% actually know who owns them.
Attackers scale deception with AI. Defenders need truth at machine speed.
NanoClaw and JFrog launch 'immune system' to block AI agents from downloading malicious code
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
TechCrunch
Klue says hackers stole credential from 2022 that led to customer data breaches
Password manager maker LastPass says hackers stole customer support case data during Klue breach
Tata Electronics, a major tech supplier to Apple and Tesla, confirms data breach
A new unpatchable flaw in Apple chips opens the door to an iPhone jailbreak 
Anthropic says Claude may want to see your ID
Klue hack results in data breach at several cybersecurity firms
Signal’s Meredith Whittaker wants you to remember that AI chatbots ‘are not your friends’
From PGP to Mythos: a brief history of export controls that didn’t stop anyone
Texas government data breach allowed hackers to steal 3 million driver’s licenses and passports
Cybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world
Network World Security
Attackers exploit Cisco Unified CM flaw weeks after patch release
Upscale AI readies Skyhammer scale-up networking tech, raises new funding
Rami Rahim’s message for network pros: Legacy networks can’t withstand rigors of AI
2026 network outage report and internet health check
China’s LineShine dethrones El Capitan as the world’s fastest supercomputer
Nvidia: Latest news and insights
Dell launches AI server based on Nvidia Vera Rubin GPUs
Nvidia unveils Vera Rubin platform targeting AI, HPC infrastructure
What Bundesliga’s Captain tells us about AI-powered CX
FortiBleed campaign exposes 75,000 Fortinet firewalls worldwide
Help Net Security
Law enforcement hits StealC and Amadey malware networks
Algerian national accused of running cybercrime marketplaces extradited to US
Anthropic’s Claude Tag gives AI agents independent identities
Phishing attack on healthcare firm Xsolis impacts 1.4 million people
SuperOps and Guardz bundle IT operations and security into one product for MSPs
Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230)
LastPass customer data exposed through Klue supply chain attack
Google Workspace expands password reset alerts to all admins
Qodo expands platform to help teams govern AI-generated code and engineering standards
Brinqa BYOAI lets organizations use any AI platform with trusted risk data
SC Magazine
FortiBleed campaign steals 110M credentials from FortiGate targets
Snyk launches Evo Agentic Development Security to govern AI coding agents
Why teams need continuous agent hunting
The Strategic Human Firewall as AI Impacts Regulations, Cyber Pros, and Employees - Robert Siciliano - BSW #453
4 vulnerabilities in Dify expose cross-tenant data
Algerian man extradited from Spain, charged with running cybercrime operation
Two men plead guilty in UK for cyberattacks on Transport for London
Dragos launches AI assistant for industrial control system cybersecurity
State and local governments request $300 million for cybersecurity grants
Healthcare leaders face cybersecurity blind spots despite vendor confidence
© 2026 RiskDiscovery | Sponsored by: Deception Logic