[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
[Virtual Event] Anatomy of a Data Breach: What to Do if it Happens to You
Infosecurity Europe
Akamai Joins Growing Chorus of Vendors Betting Big on Secure Enterprise Browsers
Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks
China's Webworm Uses Discord, Microsoft Graphs to Hack EU Governments
Google API Keys Remain Active After Deletion
AI Agents Are Shifting Identity Security Budget Dynamics
Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks
Content Delivery Exploit Opens Websites to Brand Hijacking
Cyber Pros Can't Decide If AI Is a Good or a Bad Thing
Ars Technica
US's big bet on quantum computing may not be entirely legal
Texas AG sues Meta over claims that WhatsApp doesn't provide end-to-end encryption
A hacker group is poisoning open source code at an unprecedented scale
US government takes $2 billion equity stake in nine quantum computing firms
Google publishes exploit code threatening millions of Chromium users
In stunning display of stupid, secret CISA credentials found in public GitHub repo
Zero-day exploit completely defeats default Windows 11 BitLocker protections
Cisco announces record revenue and 4,000 layoffs in the same day
Linux bitten by second severe vulnerability in as many weeks
Chaos erupts as cyberattack disrupts learning platform Canvas amid finals
CyberScoop
FBI warns about fast-growing phishing kit targeting Microsoft 365 users
Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada
Lawmakers from both parties say CISA cuts have gone too far
Trump postpones executive order focused on AI security 
CISA chief frets about open-source vulnerabilities, delayed security improvements
European authorities take down prolific cybercrime VPN service
The readiness paradox: Why a false sense of cyber confidence is becoming a liability
Meet Rampart and Clarity, Microsoft’s new red team combo AI agents
GitHub says internal repositories were impacted in poisoned VS Code extension attack
CISA credential leak raises alarms, and Capitol Hill demands answers
InfoSecurity Magazine
FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens
Fake Streams, Counterfeit Merch and Other Scams: How Fraudsters Target F1 Fans
Fake Gemini and Claude Code Sites Spread Infostealers Through SEO Poisoning
Apple Blocked $2.2bn in App Store Fraud in the Last Year
Cybercriminal VPN Dismantled in Europol Crackdown
GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension
Three-Quarters of Firms Knowingly Ship Vulnerable Code
Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes
Grafana Labs Says Code Breach Stemmed from TanStack Attack
Android Malware Campaign Used Hundreds of Fake Apps to Silently Charge Users
SecurityWeek
Ghost CMS Vulnerability Exploited to Hack Over 700 Websites
Oncology Institute Discloses Data Breach
266,000 Affected by Data Breach at Radiology Associates of Richmond
Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects
Laravel-Lang Packages Poisoned for Malware Delivery
DocketWise Data Breach Impacts 143,000
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains
Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure
In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking
ZDNet
The best Memorial Day laptop deals: Save on Apple, Dell, Lenovo, and more
7 WFH gadgets that are huge quality of life improvements
This lab-tested robot vacuum picked up more dirt than any other - and it's on sale
5 gadgets I'm buying this summer to grow my green thumb (and they're all discounted)
I'm expanding my smart home, and these are the Memorial Day deals I'm shopping
I test robot vacuums for a living, and these are the 11 best Memorial Day deals right now
These are my 7 favorite gadgets to add ambiance to your home, and they're all on sale
The top 10 Memorial Day deals our readers keep buying (No. 3 is tiny yet functional)
I've tested portable speakers from Bose, Sony, JBL, more - these deals are actually worth it
6 pet deals you don't want to miss this Memorial Day weekend, including robot litter boxes
The Hacker News
⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
The Alert Firehose Finally Meets Its Match
Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms
TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
BleepingComputer
Anthropic’s restricted Claude Mythos model may be coming to Claude Code
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign
Laravel Lang packages hijacked to deploy credential-stealing malware
Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes
Netherlands seizes 800 servers of hosting firm enabling cyberattacks
Former US execs plead guilty to aiding tech support scammers
Trend Micro warns of Apex One zero-day exploited in the wild
Drupal: Critical SQL injection flaw now targeted in attacks
Why Chargebacks are Just One Piece of the Fraud Puzzle
gbhackers
InvisibleFerret Malware Uses .pyd and .so Files to Evade Script Detection
APT Group Patches termsrv.dll to Enable Multiple RDP Sessions
WhatsApp Chat Histories Exposed in Unencrypted Storage on macOS and iOS
Telegram Channels Fuel Sale of Verified Bank Mule Accounts
Italian Authorities Dismantle CINEMAGOAL App Enabling Unauthorised Access to Streaming Platforms
Hackers Actively Scan SonicWall Firewall Interfaces as 597,000 Sessions Observed
CISA Warns Drupal Core SQL Injection Vulnerability Is Being Exploited in Attacks
Hackers Exploit Azure RBAC to Steal Key Vault Secrets
Hackers Exploit Shared CDNs to Evade Domain Reputation Filters
Hackers Hide Linux Malware in SSH-Like Package Filename
Cybersecurity Dive
Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages
New York regulator calls for additional cyber mitigation amid heightened threat environment
CISA asks cybersecurity community to alert it to vulnerability exploitation
Grafana Labs links GitHub environment breach to TanStack npm supply chain attack
7-Eleven hit by data breach
Microsoft disrupts cybercrime operation that hid behind legitimate software
Compromised coding tool helped hackers breach thousands of GitHub repositories
Telecom sector launches its own private ISAC
Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN
Grafana Labs says hacker gained access to codebase through leaked token
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Anthropic to release Mythos-class models to the public
AI eyes scanning for bugs create a worrisome Linux security trend
A Russian speaker and jailbroken Gemini went on a hacking spree and emptied at least one MAGA victim's crypto wallets
Megalodon chums the waters in 5.5K+ GitHub repo poisonings
Techie claims Trump Mobile website was leaking thousands of people's data
Cisco used AI to write security incident reports, with mixed results
Dems slam Trump for making cybersecurity hold out the tin cup while splurging on ballroom and Jan. 6 'slush fund'
Threat hunters find Google API keys still usable 23 minutes after deletion
HackerOne takes an axe to its bug bounty rewards
Attackers spill plaintext passwords of 46k Myspace93 users after 2021 breach
VentureBeat
Valid certificates, stolen accounts: how attackers broke npm's last trust signal
Americans can’t spot a deepfake, and that’s a business crisis, not just a consumer problem
MFA verifies who logged in. It has no idea what they do next.
GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK
Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering
Agent authorization is broken — and authentication passing makes it worse
Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps
TechCrunch
These special phone and app features can help protect you from spyware
Kash Patel’s clothing brand website shut down after reports it was hacked
Trump Mobile confirms it exposed customers’ personal data, including phone numbers and home addresses
Law enforcement shuts down VPN service used by two dozen ransomware gangs
Scammers are abusing an internal Microsoft account to send spam links
Customers say Trump Mobile is leaking their personal information
GitHub says hackers stole data from thousands of internal repositories
Discord enables end-to-end encrypted voice and video calling for every user
From teen hacker to Iron Dome researcher, this founder raised $28M to fight AI phishing
Hackers have compromised dozens of popular open source packages in an ongoing supply-chain attack
Network World Security
IBM plans $2B quantum chip foundry; government will pay half
Cisco: AI traffic is radically reshaping WANs
xAI-Anthropic deal signals the rise of AI compute as a standalone business
Critical vulnerability in Cisco Secure Workload rated at maximum severity
Cisco’s new certs are a wake-up call for AI-era network engineers
Microsoft plans significant update to Windows Secure Boot
Forward launches Predict to take the guesswork out of network changes
Network jobs watch: Hiring, skills and certification trends
Nvidia: Latest news and insights
Riverbed expands autonomous AI capabilities for Aternity platform
Help Net Security
Anthropic adds 28 security and compliance integrations for Claude
Cisco refines its risk-based vulnerability disclosure for the AI era
Authorities seize 800 servers used for cyberattacks and disinformation
US states step up cyber defenses to protect local communities
Lessons for organizations from the Verizon 2026 Data Breach Investigations Report
OpenHack: Open-source AI-powered vulnerability research
Boards want cyber risk in dollars, not CVE counts
Turns out the C-suite loves shadow AI
Week in review: GitHub breached via poisoned VS Code extension, critical NGINX flaw exploited
$20 per zero-day is already the WordPress plugin reality
SC Magazine
Visibility with EDR/MDR is still important, 'the basics' are impossible, and the news - Rob Allen - ESW #460
Ubiquiti patches three critical vulnerabilities in UniFi OS
Cisco warns of AI inaccuracies in security incident reports
Organizations knowingly ship vulnerable code amid shrinking exploit windows
Kash Patel's merchandise site hacked to distribute malware
TVs, Old York, Flipper One, Ubiquity, Underminr, CISOs, GitHub, Josh Marpet... - SWN #583
Zscaler acquires Symmetry Systems to enhance AI security
Belarus-linked Ghostwriter group targets Ukraine using Prometheus learning platform lures
Middle East malicious infrastructure report highlights concentration of C2 servers
Former executives plead guilty in global tech support fraud scheme
© 2026 RiskDiscovery | Sponsored by: Deception Logic