[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Name That Toon Contest
[An RX Global Event] Infosecurity Europe
Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit
Name That Toon: Mark of (Cybersecurity) Progress
As Global Powers Explore Humanoid Robots, Cyber-Risk Looms
Asia's Cyber Insurance Market Shows Signs of Life
With Complex Cloud Integrations, Small Errors Lead to Major Compromises
'The Com' Cyberattacks Support Violence & Sexploitation
Dutch Raid Fails to Dent Russian Bulletproof Host
Agentic AI Isn't Risky; the Way Orgs Deploy It Is
Ars Technica
Dozens of Red Hat packages backdoored through its offical NPM channel
Botnet of more than 17 million devices dismantled
Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
Websites have a new way to spy on visitors: Analyzing their SSD activity
Millions of AI agents imperiled by critical vulnerability in open source package
US's big bet on quantum computing may not be entirely legal
Texas AG sues Meta over claims that WhatsApp doesn't provide end-to-end encryption
A hacker group is poisoning open source code at an unprecedented scale
US government takes $2 billion equity stake in nine quantum computing firms
Google publishes exploit code threatening millions of Chromium users
CyberScoop
Tina Peters, convicted in election-security breach, emerges defiant and vows legal fight
USPS moving forward with mail-in ballot changes as courts weigh Trump’s election order 
Election threats are focused on campaign systems, not voting machines
Tennessee man linked to 764 accused of series of crimes against children dating back to 2022
Federal audit reveals NIST’s NVD is plagued by poor planning and duplication
House panel poised to hold hearing centered on AI impact on cyber
Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket
Zapier fixes bug chain that researchers say risked widespread account takeover
OpenAI heralds cybersecurity, election interference safeguard plans for 2026 midterms
FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
InfoSecurity Magazine
Critical Flowise Flaw Gives Attackers Full Server Control
Infosecurity Europe: Tabletop Exercise to Test How CISOs Respond to Major Supermarket Cyber-Attack
Infosecurity Europe: AI SOCs Will Still Need SOC Analysts, Security Vendors Say
FSB Group Gamaredon Hides Worm in Windows Data Streams
Attackers Abuse Shared Content for ChatGPT Phishing Campaign
Palo Alto Warns High-Severity Bug Is Being Actively Exploited
Infosecurity Europe: OWASP Forms New Agentic Research Council
Silent Ransom Group Uses In-Person IT Impersonation to Breach Systems
Infosecurity Europe: CyCOS Project Expands to Support UK SMEs as CIISec Takes Over
Chinese Hackers Exploit Iran War to Target Maritime and Energy Companies
SecurityWeek
WP Maps Pro Vulnerability Exploited to Take Over WordPress Sites
Dutch Police Dismantle Massive 17-Million-Device Botnet
Critical Windows Netlogon Vulnerability in Attackers’ Crosshairs
Dragos Acquires xIoT Security Firm Phosphorus
As the Pentagon Pushes for Battlefield AI, Some Military Leaders Urge Caution
19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access
Recent Palo Alto Networks Vulnerability Exploited for Weeks
Russian Spies Are Aggressively Seeking Western Technology as Sanctions Bite, Officials Say
Exploit Code Published for Critical Flowise RCE Vulnerability
In Other News: Trump Mobile Data Breach, FIFA World Cup Phishing, CISA Responds to Supply Chain Attacks
ZDNet
Why I just connected my living room TV to a router VPN (and you should, too)
This $4 router reboot timer is the cheap internet fix I didn't know I needed - and it works reliably
New PC? This MX Linux version is the best distro for you
You can play Angry Birds on Android Auto, plus 4 more popular games - here's how
Home Depot will give you a free Ryobi power tool with this battery set - and I'd recommend it
I ditched my office desktop PC for a gaming laptop, and it's a serious productivity upgrade
My top 7 laptop-bag essentials now, after decades of remote work
You can leave FaceTime video voicemails, and a lot of people don't know it - here's how
Why I happily paid for the Transmit MacOS app - and it's not just the 16x faster file transfer speed
Chrome stops hackers from stealing your browser cookies now - how its new security feature works
The Hacker News
Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm
⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
BleepingComputer
Dashlane password manager users locked out by brute force attacks
WordPress malware campaign hides payloads in Steam profiles
Microsoft investigates Office Apps, Teams file access issues
Race Against Time: Why Faster Vulnerability Alerts Matter
Critical Windows Netlogon RCE flaw now exploited in attacks
Webinar tomorrow: From alert to resolution in network incident response
Microsoft fixes outage affecting MFA setup, MySignIn service
Microsoft fixes KB5089549 Windows security update install issues
WP Maps Pro bug exploited to create admin accounts on WordPress sites
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
gbhackers
RaccoonLine Publishes a Breakdown of 7 Structural Differences Between dVPNs and Traditional VPNs
Attackers Exploit Docker, Kubernetes Misconfigs to Breach Hosts
Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks
Critical Plesk Vulnerability Lets Users Execute Server Commands
Iranian Hackers Hijack AppDomainManager to Bypass EDR
Microsoft: No Lawsuits Against Researchers in Nightmare-Eclipse Row
Iran-Linked Hackers Wipe IT and Recovery Systems in Middle East Cyberattack
Meta AI Vulnerability Allegedly Enables Instagram Password Resets
Microsoft KB5089573 Fixes Windows 11 Patch Tuesday Install Failures
Windows Netlogon 0-Click RCE Vulnerability Under Active Exploitation
Cybersecurity Dive
CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation
Without strong governance, companies put credit ratings at risk in AI era
Top 4 data security best practices for the AI-enabled enterprise
How Canva scaled to 260+M users while elevating security and productivity
CISA urges security teams to check for software development compromises
How CISOs can manage sovereign-cloud security risks
IBM’s new $5B initiative will help enterprises rapidly patch open-source vulnerabilities
Enterprise data is creeping its way into shadow AI tools
Coordinated operation takes down Glassworm botnet
Leading AI models are more vulnerable to malicious prompts than vendors claim
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Election interlopers register 5K+ domains, hope to catch some voting phish
GTA cheat service Atlas Menu hacked as attacker alleges screenshot spying
Palo Alto VPN bug graduates from advisory to active exploitation
Password manager Dashlane suspends customer accounts amid brute-force attacks
Putin sends submarines to survey Britain's subsea cables. UK deploys Royal Navy, mobilizes parliamentary draftsmen
Lone attacker published 14 malicious npm packages mimicking popular OpenSearch, Elasticsearch libraries
ICE to keep an eye on your eyes under $25M biometric scanner deal
No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out
23andMe inherits lawsuit over 'disturbing' DNA data breach
Dutch cops wrest 17M devices from mystery botnet's clutches
VentureBeat
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
AI doesn't break security. Complexity does
Claude Mythos exposed a hard truth: Your enterprise patching process is way too slow
DataGrail report finds your vendor may be sending data to AI models you never approved
The attack dominating financial services doesn't steal passwords. It resets MFA and steals the token.
Valid certificates, stolen accounts: how attackers broke npm's last trust signal
Americans can’t spot a deepfake, and that’s a business crisis, not just a consumer problem
TechCrunch
Hackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access
Grand Theft Auto V cheat service gets hacked, exposing thousands of gamers
Microsoft under fire for threatening security researcher with criminal investigation
Final 24 hours to save up to $410 on your TechCrunch Disrupt 2026 ticket
Hackers are trying to steal Signal users’ backups in new wave of widespread attacks
A security lapse at prison pay phone service Pay Tel publicly exposed over 300K callers’ driver’s licenses
US says troops were targeted with location data, as senator warns ad industry is a ‘national security threat’
UK Visa Portal exposed thousands of applicants’ passports and selfies — then called the lawyers on us
CrowdStrike and Google take down botnet used by hackers to target open source software developers
TechCrunch Disrupt 2026 Early Bird ticket savings end in 3 days
Network World Security
Can Chinese memory maker CXMT help relieve the memory shortage?
Broadcom, Samsung team for wireless SoC
Intel focuses on power efficiency and cost with new chip designs
Cisco: Latest news and insights
Meta considers becoming a hyperscaler
Zero trust isn’t broken, but most companies are doing it wrong
As AI datacenter memory becomes hot commodity, SK Hynix makes it cooler
Cisco research finds standard AI safety benchmarks miss the real threat
Cisco redefines ‘job-ready’ for network engineers with its certification overhaul
2026 network outage report and internet health check
Help Net Security
OpenAI requires stronger authentication for users of its most powerful AI models
Meta tries to get ahead of scammers before the World Cup begins
NetQuest expands NetworkLens to detect threats hidden in network management traffic
Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089)
Secure Code Warrior connects developer training to AI usage and code risks
Brute-force attack triggers Dashlane account lockouts
Insight bundles exposure management, patch operations, and XDR into one service
depthfirst adds pre-install protection against malicious dependencies
PathSolutions brings on-premises AI troubleshooting to NetOps teams
Cato cuts vulnerability protection time to 45 minutes with agentic threat research
SC Magazine
PAN-OS authentication bypass bug added to list of exploited vulnerabilities
AI security’s cost bottleneck isn’t tokens – it’s validation
Russian hacker used AI to run fraud scheme on MAGA Telegram channel
Attackers use ChatGPT feature to spread malware
Dutch authorities disrupt massive botnet of 17 million devices
California sues 23andMe over 2023 data breach
The 2026 FIFA World Cup: A network availability stress test
How to defend at machine speed: A post-LLM era playbook 
Helping defense's use of AI catch up with offense, cost of the vulnpocalypse, news - Evan Powell - ESW #461
AI helps Russian-speaking GreyVibe run five parallel attack chains on Ukrainian targets
© 2026 RiskDiscovery | Sponsored by: Deception Logic