[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
DarkReading
Operational Technology Security Poses Inherent Risks for Manufacturers
Critical Site Takeover Flaw Affects 400K WordPress Sites
Risk 'Comparable' to SolarWinds Incident Lurks in Popular Software Update Tool
Closing the AI Execution Gap in Cybersecurity — A CISO Framework
Iran's Elusive "SmudgedSerpent' APT Phishes Influential US Policy Wonks
Kimsuky Debuts HTTPTroy Backdoor Against South Korea Users
AI App Spending Report: Where Are the Security Tools?
Pro-Russian Hackers Use Linux VMs to Hide in Windows
What Makes Ransomware Groups Successful?
Europe Sees Increase in Ransomware, Extortion Attacks
Ars Technica
OpenAI signs massive AI compute deal with Amazon
Two Windows vulnerabilities, one a 0-day, are under active exploitation
ChatGPT maker reportedly eyes $1 trillion IPO despite major quarterly losses
After teen death lawsuits, Character.AI will restrict chats for under-18 users
NPM flooded with malicious packages downloaded more than 86,000 times
Nvidia hits record $5 trillion mark as CEO dismisses AI bubble concerns
New physical attacks are quickly diluting secure enclave defenses from Nvidia, AMD, and Intel
OpenAI data suggests 1 million users discuss suicide with ChatGPT weekly
Expert panel will determine AGI arrival in new Microsoft-OpenAI agreement
A single point of failure triggered the Amazon outage affecting millions
CyberScoop
Congressional leaders want an executive branch strategy on China 6G, tech supply chain
House GOP leaders seek government probe, restrictions on Chinese-made tech
How the F5 breach, CISA job cuts, and a government shutdown are eroding U.S. cyber readiness
North Korean companies, people sanctioned for money laundering from cybercrime, IT worker schemes
Apple addresses more than 100 vulnerabilities in security updates for iPhones, Macs and iPads
Bugcrowd acquires Mayhem Security to advance AI-powered security testing
OPM plans to give CyberCorps members more time to find jobs after shutdown ends
Prosecutors allege incident response pros used ALPHV/BlackCat to commit string of ransomware attacks
Zscaler adds more AI to its offerings with Splx acquisition
Don’t let Congress punt on cyber insurance reform
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
The $30 accessory that has saved my iPhone from water damage (again and again)
Amazon, Perplexity, and the future of AI shopping assistants
T-Mobile now offers 911 texting via satellite for free - for Verizon and AT&T customers, too
This Sony soundbar turned my living room into the ultimate theater experience - here's how
This AI ring takes notes for you and even talks back - in your own voice
I can't work without a standing desk - this portable stand is the next best thing
Windows 10 may warn support has ended even if you paid for extended updates - here's why
I used the M5 iPad Pro exclusively for weeks, and it's so close to replacing my laptop
The first 8 Linux commands every new user should learn
My favorite Bluetooth tracker for Android and iOS just got a useful design upgrade
The Hacker News
Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly
Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data
Securing the Open Android Ecosystem with Samsung Knox
Mysterious 'SmudgedSerpent' Hackers Target U.S. Policy Experts Amid Iran–Israel Tensions
U.S. Sanctions 10 North Korean Entities for Laundering $12.7M in Crypto and IT Fraud
Why SOC Burnout Can Be Avoided: Practical Steps
CISA Adds Gladinet and CWP Flaws to KEV Catalog Amid Active Exploitation Evidence
A Cybercrime Merger Like No Other — Scattered Spider, LAPSUS$, and ShinyHunters Join Forces
European Authorities Dismantle €600 Million Crypto Fraud Network in Global Sweep
Critical React Native CLI Flaw Exposed Millions of Developers to Remote Attacks
BleepingComputer
CISA warns of critical CentOS Web Panel bug exploited in attacks
Windows 11 Store gets Ninite-style multi-app installer feature
SonicWall says state-sponsored hackers behind September security breach
UK carriers to block spoofed phone numbers in fraud crackdown
University of Pennsylvania confirms data stolen in cyberattack
Cyber theory vs practice: Are you navigating with faulty instruments?
Google warns of new AI-powered malware families deployed in the wild
Police busts credit card fraud rings with 4.3 million victims
US sanctions North Korean bankers linked to cybercrime, IT worker fraud
Microsoft: October Windows updates trigger BitLocker recovery
Cybersecurity Dive
AI-based malware makes attacks stealthier and more adaptive
Hackers targeting Cisco IOS XE devices with BadCandy implant
Researchers warn of flaws that allow manipulation of Microsoft Teams messages
Identity-based attacks need more attention in cloud security strategies
Security leaders say AI can help with governance, threat detection, SOC automation
Cybercrime groups team with organized crime in massive cargo theft campaigns
Windows Server Update Service exploitation ensnares at least 50 victims
CISA, NSA unveil best-practices guide to address ongoing Exchange Server risks
FCC will vote to scrap telecom cybersecurity requirements
CISA updates guidance and warns security teams on WSUS exploitation
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Uncle Sam lets Google take Wiz for $32B
AMD red-faced over random-number bug that kills cryptographic security
Attackers abuse Gemini AI to develop ‘Thinking Robot’ malware and data processing agent for spying purposes
M&S pegs cyberattack cleanup costs at £136M as profits slump
Famed software engineer DJB tries Fil-C… and likes what he sees
UK agri dept spent hundreds of millions upgrading to Windows 10 – just in time for end of support
Uncle Sam wants to scan your iris and collect your DNA, citizen or not
Russian spies pack custom malware into hidden VMs on Windows machines
Consumer Financial Protection Bureau's security falls apart amid layoffs
Invasion of the message body snatchers! Teams flaw allowed crims to impersonate the boss
VentureBeat
CrowdStrike & NVIDIA’s open source AI gives enterprises the edge against machine-speed attacks
Meet Aardvark, OpenAI’s security agent for code analysis and patching
Security's AI dilemma: Moving faster while risking more
Fortanix and NVIDIA partner on AI security platform for highly regulated industries
Your IT stack is the enemy: How 84% of attacks evade detection by turning trusted tools against you
When your AI browser becomes your enemy: The Comet security disaster
Agentic AI security breaches are coming: 7 ways to make sure it's not your firm
Cisco warns enterprises: Without tapping machine data, your AI strategy is incomplete
Microsoft launches 'Hey Copilot' voice assistant and autonomous agents for all Windows 11 PCs
Visa just launched a protocol to secure the AI shopping boom — here’s what it means for merchants
TechCrunch
University of Pennsylvania confirms hacker stole data during cyberattack
Google gets the US government’s green light to acquire Wiz for $32B
Armis raises $435M pre-IPO round at $6.1B valuation after refusing M&A offers
Phone location data of top EU officials for sale, report finds
Lawmakers say stolen police logins are exposing Flock surveillance cameras to hackers
How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia
DOJ accuses US ransomware negotiators of launching their own ransomware attacks
Hackers threaten to leak data after breaching University of Pennsylvania to send mass emails
Government hackers breached telecom giant Ribbon for months before getting caught
WhatsApp adds passkey protection to end-to-end encrypted backups
Network World Security
Arista shares Q3 financials, touts ‘golden era in networking’
AI and greed cause a massive spike in memory prices
AWS Fastnet cable will expand cloud reach, but CIOs must read the fine print
Cisco centralizes customer experience around AI
Palo Alto Networks readies security for AI-first world
Cisco: Latest news and insights
2025 global network outage report and internet health check
OpenAI spends even more money it doesn’t have
Infoblox bolsters Universal DDI Platform with multi-cloud integrations
Cisco unveils integrated edge platform for AI
Help Net Security
Google uncovers malware using LLMs to operate and evade detection
Komodor’s self-healing capabilities remediate issues with or without a human in the loop
Fortinet launches Secure AI Data Center to protect AI infrastructures end-to-end
Barracuda Assistant accelerates security operations
CleanStart SBOM Analyzer strengthens software supply chain security
Critical Control Web Panel vulnerability is actively exploited (CVE-2025-48703)
18 arrested in €300 million global credit card fraud scheme
New ExtraHop capabilities target malicious PowerShell use across enterprise environments
Deepwatch NEXA platform transforms MDR collaboration with agentic AI
ZEDEDA introduces Edge Kubernetes App Flows to automate edge application lifecycle
InfoSecurity Magazine
Operation Chargeback Uncovers €300m Fraud Scheme in 193 Countries
UNK_SmudgedSerpent Targets Academics With Political Lures
Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection
SMS Fraud Losses Set to Decline 11% in 2026
Hundreds of Malware-Laden Apps Downloaded 42 Million Times From Google Play
French Police Seize €1.6m Amid Crypto Scam Network Crackdown
OpenAI Assistants API Exploited in 'SesameOp' Backdoor
Scattered Spider, ShinyHunters and LAPSUS$ Form Unified Collective
DragonForce Cartel Emerges as Conti-Derived Ransomware Threat
Identity Is Now the Top Source of Cloud Risk
© 2025 RiskDiscovery | Sponsored by: Deception Logic