[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials
Hims Breach Exposes the Most Sensitive Kinds of PHI
Your Next Breach Will Look Like Business as Usual
FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats
Orange Business Reimagines Enterprise Voice Communications With Trust and AI
Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?
Russia's 'Fancy Bear' APT Continues Its Global Onslaught
'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues
Do Ceasefires Slow Cyberattacks? History Suggests Not
Ars Technica
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
Iran-linked hackers disrupt operations at US critical infrastructure sites
Thousands of consumer routers hacked by Russia's military
OpenClaw gives users yet another reason to be freaked out about security
New Rowhammer attacks give complete control of machines running Nvidia GPUs
Quantum computers need vastly fewer resources than thought to break vital encryption
Google bumps up Q Day deadline to 2029, far sooner than previously thought
Self-propagating malware poisons open source software and wipes Iran-based machines
Widely used Trivy scanner compromised in ongoing supply-chain attack
Cloud service providers ask EU regulator to reinstate VMware partner program
CyberScoop
Commerce setting up new AI export regime to push adoption of ‘American AI’ abroad
Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs
Why is the timeline to quantum-proof everything constantly shrinking?
Inside the FBI’s router takedown that cut off APT28’s ‘tremendous access’
Don’t just fight fraud, hunt it
Hack-for-hire spyware campaign targets journalists in Middle East, North Africa
Feds quash widespread Russia-backed espionage network spanning 18,000 devices
Tech giants launch AI-powered ‘Project Glasswing’ to identify critical software vulnerabilities
Iranian hackers launching disruptive attacks at U.S. energy, water targets, feds warn
Cybercrime losses jumped 26% to $20.9 billion in 2025
InfoSecurity Magazine
Mailbox Rule Abuse Emerges as Stealthy Post-Compromise Threat
Mirax Android Trojan Turns Devices Into Residential Proxy Nodes
FBI Dismantles $20m Phishing Operation W3LL
UK Cyber Security Council Launches Associate Cyber Security Professional Title
Operation Atlantic Seizes $12m in Crypto Losses
Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month
Google Chrome Rolls Out Protection Against Infostealers Targeting Session Cookies
STX RAT Targets Finance Sector With Advanced Stealth Tactics
Bitcoin Depot Reports $3.6m Crypto Theft After System Breach
Atomic Stealer MacOS ClickFix Attack Bypasses Apple Security Warnings
SecurityWeek
Booking.com Says Hackers Accessed User Information
BrowserGate: Claims of LinkedIn ‘Spying’ Clash With Security Research Findings
OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack
International Operation Targets Multimillion-Dollar Crypto Theft Schemes
CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads
Fake Claude Website Distributes PlugX RAT
Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users
Adobe Patches Reader Zero-Day Exploited for Months
In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack
Juniper Networks Patches Dozens of Junos OS Vulnerabilities
ZDNet
This Linux distro offers an easy DNS switcher - but there's more to it that I like
I tested Artix Linux: An enjoyable systemd-free distro for experienced users (and ChromeOS speeds)
I spent two years testing wind power at home - here's why solar is still my preferred source
I love AirTags, but this alternative slips right in my wallet and solves their biggest flaw
I camera-tested the Samsung Galaxy S26 Ultra with Oppo and Xiaomi - this model won it for me
How I squeeze more power from my portable solar panels: 11 ways to get up to 30% extra
I see why Ubuntu 26.04 is more than just a performance bump for thrill-seeking gamers
France is replacing 2.5 million Windows desktops with Linux - and I mapped out its new stack
I bought an earwax camera for my toolkit and use it for everything but my ears
As an Android user, this MagSafe wallet is the clearest reason why Qi2 magnets shouldn't be ignored
The Hacker News
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
Your MTTD Looks Great. Your Post-Alert Gap Doesn't
North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
BleepingComputer
OpenAI rotates macOS certs after Axios attack hit code-signing workflow
New Booking.com data breach forces reservation PIN resets
Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw
The silent “Storm”: New infostealer hijacks sessions, decrypts server-side
Critical Marimo pre-auth RCE flaw now under active exploitation
Over 20,000 crypto fraud victims identified in international crackdown
ChatGPT rolls out new $100 Pro subscription to challenge Claude
Nearly 4,000 US industrial devices exposed to Iranian cyberattacks
Analysis of one billion CISA KEV remediation records exposes limits of human-scale security
CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads
gbhackers
GitHub and Jira Alerts Hijacked for Trusted-SaaS Phishing
New Nginx 1.29.8 and FreeNginx Versions Patch Critical Security Flaws
Hackers Exploit MSBuild LOLBin to Evade Detection in Fileless Windows Attacks
Iran-Linked CyberAv3ngers Target Water Utilities, Industrial Controllers
Basic-Fit Suffers Data Breach Affecting Millions Across Multiple Nations
Critical Axios Vulnerability Enables Remote Code Execution, PoC Released
VIPERTUNNEL Python Backdoor Hidden in Fake DLL, Obfuscated Loader Chain
Marimo RCE Vulnerability Exploited Within 10 Hours of Public Disclosure
APT37 Uses Facebook, Telegram, and Trojanzied Installer in New Targeted Cyberattack
Apache Tomcat Flaws Enable EncryptInterceptor Bypass
Cybersecurity Dive
CISOs see gaps in their incident response playbooks
US, Indonesia shut down ‘sophisticated’ phishing kit
Stryker warns of earnings fallout from March cyberattack
Nearly 4K industrial control devices vulnerable to Iran-linked hacking campaign
NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat
CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog
US operation evicts Russia from hacked SOHO routers used to breach critical infrastructure
Iran-linked hackers target water, energy in US, FBI and CISA warn
CISA’s vulnerability scans, field support on chopping block in Trump budget
React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Booking.com warns reservation data may have checked out with intruders
Gym giant Basic-Fit confirms data on a million members stolen in cyberattack
Rockstar Games gets a taste of grand theft data
NHS pays £46K to prep next Microsoft licensing round
China wants AI to prepare school lessons and mark homework
Anthropic's mysterious Mythos AI threatens to upend the infosec world
Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise
Hungarian government creds left in the safe hands of 'FrankLampard'
CPUID site hijacked to serve malware instead of HWMonitor downloads
Project Glasswing and open source software: The good, the bad, and the ugly
VentureBeat
Five signs data drift is already undermining your security models
Your developers are already running AI locally: Why on-device inference is the CISO’s new blind spot
AI agent credentials live in the same box as untrusted code. Two new architectures show where the blast radius actually stops.
Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook
AI agents that automatically prevent, detect and fix software issues are here as NeuBird AI launches Falcon, FalconClaw
Closing the data security maturity gap: Embedding protection into enterprise workflows
OCSF explained: The shared data language security teams have been missing
TechCrunch
Booking.com confirms hackers accessed customers’ data
Hack at Anodot leaves over a dozen breached companies facing extortion
France to ditch Windows for Linux to reduce reliance on US tech
Hacker stole £700,000 from UK energy company by redirecting payment
WireGuard VPN developer can’t ship software updates after Microsoft locks account
Hack-for-hire group caught targeting Android devices and iCloud backups
Hackers steal and leak sensitive LAPD police documents
Developer of VeraCrypt encryption software says Windows users may face boot-up issues after Microsoft locked his account
Final 3 days to save up to $500 on your TechCrunch Disrupt 2026 pass
Iranian hackers are targeting American critical infrastructure, US agencies warn
Network World Security
Intel: Latest news and insights
AI demand is so high, AWS customers are trying to buy out its entire capacity
Intel secures Google cloud and AI infrastructure deal
OpenAI puts part of Stargate project on hold over runaway power costs
Broadcom strikes chip deals with Google, Anthropic
Cisco: Latest news and insights
Google owns the most AI compute, and it built it its way
Cisco to acquire Galileo for AI observability
Nvidia: Latest news and insights
Top network and data center events of 2026
Help Net Security
Hackers hijacked CPUID downloads, served STX RAT to victims
$12 million frozen, 20,000 victims identified in crypto scam crackdown
Rockstar Games receives “pay or leak” warning after cyberattack
Google makes it harder to exploit Pixel 10 modem firmware
Siemens expands Industrial Automation DataCenter with edge AI and cybersecurity
Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621)
Seized VerifTools servers expose 915,655 fake IDs, 8 arrested
Fixing vulnerability data quality requires fixing the architecture first
ZeroID: Open-source identity platform for autonomous AI agents
MITRE releases a shared fraud-cyber framework built from real attack data
SC Magazine
ShinyHunters claims Rockstar Games data breach via Snowflake and Anodot
How to stop employees from taking too many risks with AI
Ransomware in 2025: How Cybercriminals Operate & How to Stop Them - WC #1
From Compliance to Code: Rethinking Cloud Security - Richard Marcus - CSP #223
Identity security: In the critical path for agent deployment
AI browser extensions more likely to have known vulnerabilities, report says
We catch up on the news, including AI vuln hunting; also more RSAC interviews! - Mark Lambert, Samuel Hassine, John Wilson, Georges Bossert - ESW #454
From awareness to action: Closing the human risk gap in cybersecurity
Staypuft, Claude, One Pixel, deepfakes, Raccoon, BOFH, Satoshi Nakamoto, Josh Marpet. - SWN #571
Intensified robocall clampdown mulled by FCC
© 2026 RiskDiscovery | Sponsored by: Deception Logic