[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Interlock Ransomware Targets Cisco Enterprise Firewalls
AI Conundrum: Why MCP Security Can't Be Patched Away
With Government's Role Uncertain, Businesses Unite to Combat Fraud
Native Launches With Security Control Plane for Multicloud
Post-Quantum Web Could be Safer, Faster
EU Sanctions Companies in China, Iran for Cyberattacks
C2 Implant 'SnappyClient' Targets Crypto Wallets
DarkSword: iPhone Exploit Kit Serves Spies & Thieves Alike
'Claudy Day’ Trio of Flaws Exposes Claude Users to Data Theft
SideWinder Espionage Campaign Expands Across Southeast Asia
Ars Technica
Cloud service providers ask EU regulator to reinstate VMware partner program
Federal cyber experts called Microsoft's cloud a "pile of shit," approved it anyway
Researchers disclose vulnerabilities in IP KVMs from four manufacturers
Supply-chain attack using invisible code hits GitHub and other repositories
The who, what, and why of the attack that has shut down Stryker's Windows network
14,000 routers are infected by malware that's highly resistant to takedowns
Feds take notice of iOS vulnerabilities exploited under mysterious circumstances
Amazon appears to be down, with over 20,000 reported problems
Trump gets data center companies to pledge to pay for power generation
Downdetector, Speedtest sold to IT service-provider Accenture in $1.2B deal
CyberScoop
Justice Department disrupts botnet networks that hijacked 3 million devices
North Carolina tech worker found guilty of insider attack netting $2.5M ransom
Can Zero Trust survive the AI era?
Feds keep eyes peeled for Iran cyberattacks, respond to Stryker breach
Cisco’s latest vulnerability spree has a more troubling pattern underneath
U.S. robotics companies want federal help to keep Chinese robots out of America’s networks
Second iOS exploit kit now in use by suspected Russian hackers
CISA official advises agencies not to get too hung up on who takes lead in critical infrastructure sectors
Trump administration isn’t pushing companies to conduct cyber offense, national cyber director says
Appeals court temporarily pauses order blocking Perplexity’s AI shopping agent on Amazon
InfoSecurity Magazine
Hackers Exploit Critical Langflow Bug in Just 20 Hours
NCA Boss Warns That Teens Are Being “Radicalized” Into Cybercrime Online
Ransomware Affiliate Exposes Details of 'The Gentlemen' Operation
Financial Brands Targeted in Global Mobile Banking Malware Surge
FCA Updates Cyber Incident and Third-Party Reporting Rules
AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January
UK: Regulation Drives Cyber Spending for Critical Infrastructure Orgs
New Ubuntu Flaw Enables Local Attackers to Gain Root Access
Crypto Scam "ShieldGuard" Dismantled After Malware Discovery
AI-Enabled Adversaries Compress Time-to-Exploit Following Vulnerability Disclosure
SecurityWeek
3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China
Eclypsium Raises $25 Million for Device Supply Chain Security
US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites
Cape Raises $100 Million for Protection Against Cellular Security Threats
Navia Data Breach Impacts 2.7 Million
Thousands of Magento Sites Hit in Ongoing Defacement Campaign
Allure Security Raises $17 Million for Online Brand Protection
Critical Langflow Vulnerability Exploited Hours After Public Disclosure
Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation
Oasis Security Raises $120 Million for Agentic Access Management
ZDNet
I'm worried for Samsung and Google when cheap Android phones like this exist
Hit by breaches? I tried a data removal service to take back my privacy - how it paid off
Should you upgrade to M5 MacBook Pro from the M1? Short answer: It's probably time
Chainguard is racing to fix trust in AI-built software - here's how
How to check if a text message is spam on Android - and the free tool I rely on
The best streaming deals right now: Hulu, Disney+, Paramount+, and more
You're being tracked online - 9 easy ways to stop the surveillance
6 WFH gadgets that leveled up my home office (and all of them are on sale)
The best WordPress hosting services of 2026: Expert tested and reviewed
I used Omega Linux to revitalize a junk PC, and it's noticeably better than Ubuntu
The Hacker News
Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams
The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security
ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More
New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
How Ceros Gives Security Teams Visibility and Control in Claude Code
BleepingComputer
CISA orders feds to patch max-severity Cisco flaw by Sunday
How CISOs Can Survive the Era of Geopolitical Cyberattacks
Musician admits to $10M streaming royalty fraud using AI bots
International joint action disrupts world’s largest DDoS botnets
Microsoft: March Windows updates break Teams, OneDrive sign-ins
Ex-data analyst stole company data in $2.5M extortion scheme
Navia discloses data breach impacting 2.7 million people
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
Bitrefill blames North Korean Lazarus group for cyberattack
FBI seizes Handala data leak site after Stryker cyberattack
gbhackers
Chrome Security Update Fixes 26 Vulnerabilities Enabling Remote Malicious Code Execution
Critical UNISOC T612 Modem Flaw Enables Remote Code Execution via Cellular Calls
CISA Warns Cisco Secure Firewall Management Center 0-Day Is Being Exploited in Ransomware Attacks
Bamboo Data Center and Server Vulnerability Enables Remote Code Execution
New Critical Jenkins Vulnerabilities Put CI/CD Servers at Risk of RCE Exploits
Navia Confirms Data Breach Exposing Sensitive Information of 2.7 Million Users
Microsoft Introduces Teams Upgrades to Improve Windows App Performance on ioS and Android
Authorities Dismantle IoT Botnet Linked to Record-Shattering 30 Tbps DDoS Campaigns
CISO Whisperer Names 11 Vendors Leading the Shift from Tools to Outcomes at RSA Conference 2026
CISA Calls on Organizations to Strengthen Microsoft Intune Security After Stryker Incident
Cybersecurity Dive
Companies know AI is essential for cyber defense but aren’t yet seeing returns
US, allies move to dismantle four high-volume IoT botnets
DOJ confirms seizure of domains linked to Iran-backed threat actor
Water utilities need hands-on cybersecurity help, not just free guidance, pilot program finds
CISA urges organizations to harden endpoint security following Stryker attack
Threat groups target cyber-physical systems to disrupt critical infrastructure providers
Stryker begins restoring ordering, shipping systems after cyberattack
New research unpacks North Korea’s stealthy, sophisticated remote IT worker schemes
National cyber director expands on Trump administration’s vision for AI security, industry collaboration
Security teams might be overlooking wider threat to Cisco SD-WAN
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
UK police force presses pause on live facial recognition after study finds racial bias
Feds disrupt monster IoT botnets behind record-breaking DDoS attacks
Jaguar Land Rover's cyber bailout sets worrying precedent, watchdog warns
Starmer's digital ID reboot raises same old questions as its Blair-era ancestor
While you're here, could you go out of your way to do an impossible job?
Unknown attackers exploit yet another critical SharePoint bug
Google gives Android users a way to install unverified apps if they prove they really, really want to
Lock down Microsoft Intune, feds warn after Stryker attack
Okta made a nightmare micromanager for your AI agents
State snoops and spyware vendors planting info-stealing malware on iPhones, Google warns
VentureBeat
Meta's rogue AI agent passed every identity check — four gaps in enterprise IAM explain why
The authorization problem that could break enterprise AI
Nvidia's agentic AI stack is the first major platform to ship with security at launch, but governance gaps remain
OpenClaw can bypass your EDR, DLP and IAM without triggering a single alert
Anthropic and OpenAI just exposed SAST's structural blind spot with free tools
Enterprise identity was built for humans — not AI agents
Microsoft says ungoverned AI agents could become corporate 'double agents.' Its fix costs $99 a month.
TechCrunch
Cyberattack on vehicle breathalyzer company leaves drivers stranded across the US
FBI seizes pro-Iranian hacking group’s websites after destructive Stryker hack
CISA urges companies to secure Microsoft Intune systems after hackers mass-wipe Stryker devices
Consumer-focused privacy company Cloaked raises $375M as it expands to enterprise
FBI is buying location data to track US citizens, director confirms
Marquis says over 672,000 people had personal and financial data stolen in ransomware attack
Russians caught stealing personal data from Ukrainians with new advanced iPhone hacking tools
Apple rolls out first ‘background security’ update for iPhones, iPads, and Macs to fix Safari bug
Stryker says it’s restoring systems after pro-Iran hackers wiped thousands of employee devices
Wiz investor unpacks Google’s $32B acquisition
Network World Security
Nvidia overhauls the data center for OpenClaw era
Nile adds microsegmentation and native NAC to its secure NaaS platform
IDC: Dell leads server market driven by AI infrastructure needs
Cloud providers seek to shape European sovereignty legislation
Telnet vulnerability opens door to remote code execution as root
Nvidia joins push for data centers in space
Versa extends SASE platform with Inbound SSE and Secure Enterprise Browser
OpenAI’s $50B AWS deal puts its Microsoft alliance to the test
Lenovo bolsters hybrid AI platform with Nvidia GPUs
Fortinet’s AI-driven defense for a machine-speed era
Help Net Security
Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131)
Google slows Android sideloading to trip up scammers
Terminated contract led to $2.5 million cyber extortion scheme
Rapid7 enhances Exposure Command with runtime validation and DSPM for risk analysis
Authorities disrupt four IoT botnets behind record DDoS attacks
Fake AI songs streamed billions of times, netting fraudster $10 million
Unpatched ScreenConnect servers open to attack (CVE-2026-3564)
Semgrep Multimodal brings AI reasoning and rule-based analysis to code security
ConductorOne unveils AI Access Management to accelerate secure, compliant AI adoption
Bonfy ACS 2.0 helps organizations control data use in AI environments
SC Magazine
Fake interactive Zoom call leads to malicious ScreenConnect download
Updated CISA exploited flaws list adds SharePoint, Zimbra bugs
Marquis breach toll surpasses 670K
Misconfigured AI bot databases leak millions of Sears Home Services customer records
Bitrefill pins extensive purchase record-exposing hack on Lazarus Group
Alleged Crime Stoppers informant breach compromises over 8.3M records
OpenWebUI servers targeted for extensive cryptomining
North Korean fake IT worker scheme infrastructure uncovered
Attacks with sophisticated DarkSword iOS exploit kit underway
Takedown of ShieldGuard cryptocurrency scam detailed
© 2026 RiskDiscovery | Sponsored by: Deception Logic