[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
DarkReading
ChatGPT, GenAI Tools Open to 'Man in the Prompt' Browser Attack
African Orgs Fall to Mass Microsoft SharePoint Exploits
Nimble 'Gunra' Ransomware Evolves With Linux Variant
The Hidden Threat of Rogue Access
Critical Flaw in Vibe-Coding Platform Base44 Exposes Apps
Supply Chain Attacks Spotted in GitHub Actions, Gravity Forms, npm
Root Evidence Bets on New Concept for Vulnerability Patch Management
Insurance Giant Allianz Life Grapples With Breach Affecting 'Majority' of Customers
Chaos Ransomware Rises as BlackSuit Gang Falls
Ghost Students Drain Money, Resources From Educational Sector
Ars Technica
Flaw in Gemini CLI coding tool could allow hackers to run nasty commands
AI in Wyoming may soon use more electricity than state’s human residents
OpenAI’s ChatGPT Agent casually clicks through “I am not a robot” verification test
Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel
After BlackSuit is taken down, new ransomware group Chaos emerges
OpenAI’s most capable AI model, GPT-5, may be coming in August
Supply-chain attacks on open source software are getting out of hand
Two major AI coding tools wiped out user data after making cascading mistakes
Nvidia AI chips worth $1B smuggled to China after Trump export controls
Some VMware perpetual license owners are unable to download security patches
CyberScoop
Palo Alto Networks to acquire CyberArk for $25 billion
CISA is facing a tight CIRCIA deadline. Here’s how Sean Plankey can attempt to meet it
Research shows data breach costs have reached an all-time high
Minnesota governor activates National Guard amid St. Paul cyberattack
CISA says it will release telecom security report sought by Sen. Wyden to lift hold on Plankey nomination
Researchers flag flaw in Google’s AI coding assistant that allowed for ‘silent’ code exfiltration 
Sen. Hassan wants to hear from SpaceX about scammers abusing Starlink
FBI alerts tie together threats of cybercrime, physical violence from The Com
Hundreds of registered data brokers ignore user requests around personal data
Microsoft’s software licensing playbook is a national security risk
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
The Pixel 10 may have the most significant charging feature of all Android phones (if Google gets it right)
Google is using passkeys and new security tools to help you fight cyberattacks - here's how
Stanford's holographic AI glasses are coming for your clunky VR headset
How to clear your TV cache (and why it makes such a noticeable difference)
Slow Roku TV? This 30-second fix made my system run like new again
This Windows laptop is my pocket pick for best MacBook Pro alternative - and it's $800 off
AT&T will give you $200 in gift cards for trying fiber internet - but time's running out
Should you consider a flagship smartwatch when this $130 model exists? I wouldn't
5 ways to ensure your team gets the credit it deserves, according to business leaders
Your Circular Ring just got a big health tracking update - for free
The Hacker News
Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits
Chinese Firms Linked to Silk Typhoon Filed 15+ Patents for Cyber Espionage Tools
Product Walkthrough: A Look Inside Pillar's AI Security Platform
Apple Patches Safari Vulnerability Also Exploited as Zero-Day in Google Chrome
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero
Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware
Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure
Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44
PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain
Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims
BleepingComputer
New Lenovo UEFI firmware updates fix Secure Boot bypass flaws
AI Cuts vCISO Workload by 68% as Demand Skyrockets, New Report Finds
Minnesota activates National Guard after St. Paul cyberattack
Russian airline Aeroflot grounds dozens of flights after cyberattack
Hackers exploit SAP NetWeaver bug to deploy Linux Auto-Color malware
Microsoft Edge now an 'AI-powered browser' with Copilot Mode
French telecom giant Orange discloses cyberattack
FBI seizes $2.4M in Bitcoin from new Chaos ransomware operation
How attackers are still phishing "phishing-resistant" authentication
Lovense sex toy app flaw leaks private user email addresses
Cybersecurity Dive
CISA’s Joint Cyber Defense Collaborative takes major personnel hit
‘Shadow AI’ increases cost of data breaches, report finds
FBI, CISA warn about Scattered Spider’s evolving tactics
Ransomware attacks against oil and gas firms surge
Research shows LLMs can conduct sophisticated attacks without humans
Allianz Life discloses massive data breach linked to supply-chain attack
Emerging cybersecurity needs: What the market is telling us
Philadelphia Indemnity Insurance discloses June data breach
Treasury sanctions North Koreans involved in IT-worker schemes
Senators push CISA director nominee on election security, agency focus
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Palo Alto Networks inks $25b deal to buy identity-security shop CyberArk
Ransomware gang sets deadline to leak 3.5 TB of Ingram Micro data
CISA caves to Wyden, agrees to release US telco insecurity report - but won’t say when
FBI: Watch out for these signs Scattered Spider is spinning its web around your org
Raspberry Pi RP2350 A4 update fixes old bugs and dares you to break it again
War Games: MoD asks soldiers with 1337 skillz to compete in esports
Microsoft spotlights Apple bug patched in March as SharePoint exploits continue
Security pros are drowning in threat-intel data and it's making everything more dangerous
Majority of 1.4M customers caught in Allianz Life data heist
Aeroflot aeroflops over 'IT issues' after attackers claim year-long compromise
VentureBeat
Nightfall launches ‘Nyx,’ an AI that automates data loss prevention at enterprise scale
How can enterprises keep systems safe as AI agents join human employees? Cyata launches with a new, dedicated solution
AI vs. AI: Prophet Security raises $30M to replace human analysts with autonomous defenders
ChatGPT just got smarter: OpenAI’s Study Mode helps students learn step-by-step
Sparrow raises $35M Series B to automate the employee leave management nightmare
How E2B became essential to 88% of Fortune 100 companies and raised $21 million
CoSyn: The open-source tool that’s making GPT-4V-level vision AI accessible to everyone
SecurityPal combines AI and experts in Nepal to speed enterprise security questionnaires by 87X or more
Early Anthropic hire raises $15M to insure AI agents and help startups deploy safely
Anthropic researchers discover the weird AI problem: Why thinking longer makes models dumber
TechCrunch
Google says UK government has not demanded an encryption backdoor for its users’ data
Tea app disables DMs after second data breach exposed over a million private messages
Telecom giant Orange warns of disruption amid ongoing cyberattack
Sex toy maker Lovense caught leaking users’ email addresses and exposing accounts to takeovers
Trump’s cybersecurity cuts putting nation at risk, warns New York cyber chief
Flights grounded as Russia’s largest airline Aeroflot hacked and systems ‘destroyed’
Dating safety app Tea breached, exposing 72,000 user images
Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack
Google took a month to shut down Catwatchful, a phone spyware operation hosted on its servers
Cybercrime forum Leak Zone publicly exposed its users’ IP addresses
Network World Security
Micron unveils PCIe Gen6 SSD to power AI data center workloads
IBM: Cost of U.S. data breach reaches all-time high and shadow AI isn’t helping
Survey: AI, cyber threats, distributed workforces challenge IT teams most
Backblaze adds cloud storage security protection features
Debian shifts to 64-bit time storage to head off Epochalypse
Network jobs watch: Hiring, skills and certification trends
Multi-cloud migration startup FluidCloud emerges from stealth
2025 global network outage report and internet health check
Cisco donates AI agent tech to Linux Foundation
Huawei showcases CloudMatrix 384 AI system to rival Nvidia’s flagship
Help Net Security
Artemis: Open-source modular vulnerability scanner
The food supply chain has a cybersecurity problem
Why CISOs should rethink identity risk through attack paths
AI is here, security still isn’t
Boards shift focus to tech and navigate cautious investors
Fighting AI with AI: How Darwinium is reshaping fraud defense
Darwinium launches AI tools to detect and disrupt adversarial threats
Beyond Passwords: A Guide to Advanced Enterprise Security Protection
Intruder launches GregAI to deliver AI-powered, contextual security workflow management
Cyware expands Intelligence Suite to streamline CTI program deployment and operations
InfoSecurity Magazine
Hidden Backdoor Found in ATM Network via Raspberry Pi
Google to Publicly Report New Vulnerabilities Within One Week of Vendor Disclosure
Third of Exploited Vulnerabilities Weaponized Within a Day of Disclosure
Data Breach Costs Fall for First Time in Five Years
US Tops Hit List as 396 SharePoint Systems Compromised Globally
OWASP Launches Agentic AI Security Guidance
French Telco Orange Hit by Cyber-Attack
Critical Authentication Flaw Identified in Base44 Vibe Coding Platform
Auto-Color Backdoor Malware Exploits SAP Vulnerability
CISA Warns of Exploited Critical Vulnerabilities in Cisco Identity Services Engine
© 2025 RiskDiscovery | Sponsored by: Deception Logic