HoneyDB
DarkReading
TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack
Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug
Anthropic's Mythos Has Landed: Here's What Comes Next for Cyber
Oracle Red Bull Racing Team Revs Up Automation to Boost Security
Claude Mythos Fears Startle Japan's Financial Services Sector
Reverse Engineering With AI Unearths High-Severity GitHub Bug
AI Finds 38 Security Flaws in Electronic Health Record Platform
Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error
Lotus Wiper Attack Targets Venezuelan Energy Firms, Utilities
BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures
Ars Technica
The most severe Linux threat to surface in years catches the world flat-footed
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
Open source package with 1 million monthly downloads stole user credentials
Why are top university websites serving porn? It comes down to shoddy housekeeping.
In a first, a ransomware family is confirmed to be quantum-safe
Microsoft issues emergency update for macOS and Linux ASP.NET threat
Contrary to popular superstition, AES 128 is just fine in a post-quantum world
US-sanctioned currency exchange says $15 million heist done by "unfriendly states"
Recent advances push Big Tech closer to the Q-Day danger zone
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
CyberScoop
FCC tightens KYC rules for telecoms, closes loophole for banned foreign services
Congress kicks the can down the road on surveillance law (again)
cPanel’s authentication bypass bug is being exploited in the wild, CISA warns
Two new extortion crews are speedrunning the Scattered Spider playbook
Everyone’s building AI agents. Almost nobody’s ready for what they do to identity.
Congress, industry ponder government posture for protecting data centers
Spy agency officials say job loss anxiety, moving fast ‘safely’ among top challenges in AI workforce overhaul
Federal CIO cautious on Anthropic’s Mythos despite planned rollout
Rep. Delia Ramirez takes over as top House cybersecurity Dem
U.S. companies hit with record fines for privacy in 2025
InfoSecurity Magazine
Three Arrested for Hacking Over 610,000 Roblox Accounts
Deep#Door Python Backdoor Evades Detection On Windows
CISA and Partners Publish Zero Trust Guidance For OT Security
UK: Education Sector Faces Surge in Cyber Breaches Despite Stable National Threat Levels
Europol Busts Albanian Scam Call Centers in Major Online Fraud Case
Cyber is the Number One Global “People Risk,” Says Marsh
Cursor Extension Flaw Exposes Developer API Keys
Malicious npm Dependency Linked to AI Assisted Commit Targets Crypto Wallets
Researchers Track 2.9 Billion Compromised Credentials
Critical Flaw Turns Vect Ransomware into Data Destroying Wiper
SecurityWeek
Anthropic Unveils Claude Security to Counter AI-Powered Exploit Surge
AI Fuels ‘Industrial’ Cybercrime as Time-to-Exploit Shrinks to Hours
SonicWall Urges Immediate Patching of Firewall Vulnerabilities
SAP NPM Packages Targeted in Supply Chain Attack
Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks
EnOcean SmartServer Flaws Expose Buildings to Remote Hacking
Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months
‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover
Sandhills Medical Says Ransomware Breach Affects 170,000
Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure
ZDNet
The payroll errors costing small businesses thousands, and how to avoid them
Amazon confirmed Prime Day 2026 is coming earlier. Here's everything to know now
Thousands of readers bought these 10 useful tools and gadgets (No. 5 gets weird)
After testing this Linux laptop, I understand why MacBooks are the superior choice
Motorola Razr Ultra (2026) vs. Samsung Galaxy Z Flip 7: I tried both, and there's a clear winner
Anthropic's new Claude Security tool scans your codebase for flaws - and helps you decide what to fix first
Sony vs. Bose: My buying advice after listening to flagship headphones from both brands
T-Mobile will give you the latest Apple Watch SE for free - how to qualify for the deal
I asked ChatGPT Images 2.0 to redesign my app UIs - and wow
I fixed my Wi-Fi dead zones at home with these 6 simple changes
The Hacker News
PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials
ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks
What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)
BleepingComputer
New Bluekit phishing service includes an AI assistant, 40 templates
Romanian leader of online swatting ring gets 4 years in prison
FBI links cybercriminals to sharp surge in cargo theft attacks
April KB5083769 Windows 11 update causes backup software failures
What Happens in the First 24 Hours After a New Asset Goes Live
New Linux ‘Copy Fail’ flaw gives hackers root on major distros
Critical cPanel and WHM bug exploited as a zero-day, PoC now available
Police dismantles 9 crypto scam centers, arrests 276 suspects
Official SAP npm packages compromised to steal credentials
Popular WordPress redirect plugin hid dormant backdoor for years
gbhackers
PoC Disclosed for Critical Root ASUSTOR ADM RCE Flaw
OpenAI Unveils Cyber Defense Roadmap Focused on AI-Powered Security
Attackers Exploit cPanel Authentication Bypass 0-Day After PoC Release
Jenkins Plugin Updates Fix Path Traversal and Stored XSS Bugs
Backdoored WordPress Plugin Abuses Remote Update Checker for Silent Code Delivery
Qinglong Task Scheduler RCE Flaws Exploited in the Wild
Compromised SAP npm Packages Found Harvesting Developer and CI/CD Secrets
SonicWall SonicOS Flaw Lets Attackers Bypass Access Controls and Crash Firewalls
ProFTPD SQL Injection Flaw Opens Door To Remote Code Execution Attacks
Linux Kernel 0-Day “Copy Fail” Grants Root Access Across Major Distros Since 2017
Cybersecurity Dive
PwC partners with Google Cloud to take on the managed security market
US agencies promote zero-trust practices for operational technology networks
CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog
State CISOs losing confidence in ability to manage cyber risks
‘Fundamental tension’ undermines manufacturers’ cybersecurity
North Korea-linked actor targets Web3 execs in social-engineering campaign
Major critical infrastructure supplier reports cyberattack
US, UK authorities warn that Firestarter backdoor malware survives patching
When security becomes the attack surface: Why endpoint protection must evolve
Hasbro expects March cyberattack to impact second-quarter revenue
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Bot her emails: most modern phishing campaigns are AI-enabled
FBI cyber boss: China's hacker-for-hire ecosystem 'out of control'
Google's fix for critical Gemini CLI bug might break your CI/CD pipelines
French prosecutors link 15-year-old to mega-breach at state’s secure document agency
Nearly half of UK businesses pwned last year as phishing keeps doing the job like it's 2005
What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia
Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day
Britain's £6B armoured sickener Ajax cleared for duty despite injuring troops
Finance company stores DB credentials in helpfully labeled spreadsheet
Linux cryptographic code flaw offers fast route to root
VentureBeat
Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.
CVSS scored these two Palo Alto CVEs as manageable. Chained, they gave attackers root access to 13,000 devices.
85% of enterprises are running AI agents. Only 5% trust them enough to ship.
Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain
Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it
Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall
The enforcement gap: 88% of enterprises reported AI agent security incidents last year
TechCrunch
Hackers are actively exploiting a bug in cPanel, used by millions of websites
After dissing Anthropic for limiting Mythos, OpenAI restricts access to Cyber, too
Dental practice software maker fixes bug that exposed patients’ medical records
Sri Lanka discloses another missing payment, days after hackers stole $2.5M from its finance ministry
Paragon is not collaborating with Italian authorities probing spyware attacks, report says
US Supreme Court appears split over controversial use of ‘geofence’ search warrants
Hacker who allegedly carried out cyberattacks for China is extradited to US
Critical infrastructure giant Itron says it was hacked
Another spyware maker caught distributing fake Android snooping apps
Trump’s pick to run US cyber agency CISA asks to drop out
Network World Security
Network jobs watch: Hiring, skills and certification trends
IT certification pay surges as noncertified skills slump
QuEra claims quantum error correction breakthrough with 2-to-1 qubit ratio
HPE expands ProLiant line with rugged edge servers
Deconstructing the data center: A massive (and massively liberating) project
Cisco bolsters security, AI support in latest SD-WAN release
The era of chatbot AIOps is fading as agentic AI gains traction
Auvik bets agentic AI can fill the networking skills gap
2026 network outage report and internet health check
Infected Cisco firewalls need cold start to clear persistent Firestarter backdoor
Help Net Security
cPanel zero-day exploited for months before patch release (CVE-2026-41940)
Cisco releases open-source toolkit for verifying AI model lineage
Met Police face criticism for using AI to spy on their own officers
Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)
Researchers develop tool to expose GPS signal spoofing in transit networks
Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs
Hackers arrested for stealing and reselling 600,000 Roblox accounts
Automated LLM red teaming gets a learning layer
Bad bots make up 40% of internet traffic
Warp open sources its AI terminal client
SC Magazine
FIRESTARTER - PSW #924
‘Copy Fail’ bug can obtain root privileges in Linux distributions since 2017
US privacy fines skyrocket past $3.4B, Gartner reports
Federal charges filed against teen hacker allegedly part of Scattered Spider
Ryanair flight compensation data purportedly pilfered, leaked
Minimum Viable Company: The fastest path to cyber resilience
Allegedly stolen Pitney Bowes data leaked by ShinyHunters
KryBit retaliates against 0APT with extensive data leak
Multi-stage DHL phishing campaign examined
Report sheds light on Chinese phishing campaigns against journalists, activists
© 2026 RiskDiscovery | Sponsored by:
Deception Logic