[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Name That Toon Contest
Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks
Check Point VPN Flaw Exploited Since Early May
Iran Signed a Ceasefire — Its Hackers Didn't
'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud
Exposed Fuel Tank Gauges Under Attack in the US
Adaptive, Agentic AI Worms Loom as Next Enterprise Threat
Trump AI Order Seeks Voluntary Frontier Model Testing
Rust-Written IronWorm Hits NPM Supply Chain
China's TA4922 Expands Cybercrime Attacks Globally
Ars Technica
For the 2nd time in weeks, Microsoft packages laced with credential stealer
How a USB-connected speaker can infect a PC without ever being touched
Dashlane explains how attackers managed to download encrypted password vaults
Can't make sense of Dashlane's vault theft notification? You're not alone.
Dozens of Red Hat packages backdoored through its official NPM channel
Botnet of more than 17 million devices dismantled
Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
Websites have a new way to spy on visitors: Analyzing their SSD activity
Millions of AI agents imperiled by critical vulnerability in open source package
US's big bet on quantum computing may not be entirely legal
CyberScoop
Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint
The AI security race needs accountability, not overregulation
Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away
Hill Dems hammer GOP for $250M CISA budget cut
Your AI agent could become your biggest insider threat 
Inside the race to adapt to an AI-powered security world
European authorities crack down on illegal streaming networks
DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels
DOD wants to integrate cyber in all operations, and integrate security into AI
Trump administration releases scaled-back AI executive order
InfoSecurity Magazine
Infosecurity Europe: Why JLR’s CISO Enforced In-Person Password Resets Following Cyber-Attack
WhatsApp Discovers NSO Group-Linked Spearphishing Attempts
North Korean Hackers Use Fake Coding Tasks to Steal Crypto
OpenAI Unveils ChatGPT Account Security Controls
Infosecurity Europe: Prompt Injection Remains Unsolved, OWASP Researcher Warns
Two-Thirds of Open Source Community Unaware of Cyber Resilience Act
Infosecurity Europe: How DSIT Protects Thousands of UK Orgs from Cyber Vulnerabilities
Meta AI Bug Exposes Over 20,000 Instagram Accounts
Infosecurity Europe: Practical Lessons From Lloyds' Agentic AI Security Playbook
Infosecurity Europe: OWASP Introduces Agentic AI Security Maturity Framework
SecurityWeek
Google Patches 5th Chrome Zero-Day Exploited in 2026
A Security Raises $37 Million for Autonomous Offensive Security Platform
Everybody Is Vibe Coding But Nobody Told the Security Team
WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order
Cybersecurity M&A Roundup: 26 Deals Announced in May 2026
Everest Forms Vulnerability Exploited to Hack WordPress Sites
174,000 Impacted by Lansing Community College Data Breach
Silent Ransom Group Uses DNS Fast Flux in Attacks
OpenAI Rolling Out ChatGPT Account Security Controls
Anthropic Urges Industry Coordination to Allow for a ‘Pause’ in AI Development if Risks Grow
ZDNet
I used ChatGPT to build a free PDF editor because I didn't trust it to change my files - it's glorious
My 7 essential laptop-bag items after decades of working remotely
The biggest announcements at Apple WWDC 2026 - including Siri, iOS 27 dev beta, and more
Apple's new Siri AI comes with hidden costs that power users should know of
The two biggest iOS 27 features at WWDC for me had nothing to do with Siri AI
How to download the iPadOS 27 developer beta right now - and which models support it
This 4TB WD Black SSD is nearly $1,200 off at Best Buy - and you can still qualify for it
I found the quickest way to find blocked numbers on your iPhone - and it's so reliable
MacBook Neo vs. Acer Swift Air 14: I've used both budget laptops - this model clearly wins
I took 200+ photos with two of the best Android camera phones - and it was dang close
The Hacker News
LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public
Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order
Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups
AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload
⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More
The Hardest Fork
VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
BleepingComputer
CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day
Google patches new Chrome zero-day flaw exploited in the wild
NFCShare Android malware spreads via fake banking app updates on GitHub
SoFi confirms third-party data breach at Hong Kong subsidiary
New Apple feature automatically changes your compromised passwords
New Shai-Hulud attack trojanizes 19 science-focused PyPI packages
WhatsApp says it disrupted new NSO spyware phishing attacks
Gogs patches critical zero-day enabling remote code execution
Critical UniFi OS bug lets hackers gain root without authentication
Reducing security operations complexity with Wazuh Cloud
gbhackers
Linux Kernel Flaw Allows Local Attackers to Gain Root Privileges
Top 10 Best Zero Trust Network Access (ZTNA) Solutions 2026
WhatsApp Blocks Pegasus Spyware Campaign Linked to NSO Group
Weedhack MaaS Targets Minecraft Players to Steal Credentials and Hijack Accounts
NFCShare Android Malware Spreads via Weaponized Banking Apps
Top 10 Best Software Composition Analysis (SCA) Services 2026
Check Point VPN Zero-Day Under Active Exploitation by Ransomware Operators
Shai-Hulud Malware Campaign Abuses 23 PyPI Packages in Developer-Focused Attack
Hackers Exploit ChatGPT, Claude, DeepSeek Brands in Credential Phishing Attacks
Apache HTTP Server 2.4.68 Patches Multiple Security Vulnerabilities
Cybersecurity Dive
Cyber insurance policyholders facing heavier scrutiny in underwriting, claims
Companies aren’t prepared for how AI is accelerating impersonation attacks
The new risk equation: Why endpoint security is a financial imperative
Cisco warns zero-day flaw in SD-WAN is being exploited
Sprawling new House AI bill includes frontier model oversight, open-source security grants
CISA chief says Trump AI executive order implementation will start soon
CrowdStrike, Palo Alto Networks defy estimates as AI fuels cyber demand
‘Don’t panic’: AI reality checks dominate major cybersecurity conference
CISA, FBI warn that hackers are targeting systems used to monitor industrial fluids
Trump signs EO seeking early government access to powerful AI models
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Norks blast 250+ fake job offers to developers over 6 weeks to try and snarf creds and crypto
Ransomware crims got a month-long head start on Check Point VPN 0-day that now has a fix
Ransomware sends Illinois high school on an early summer vacation
GitHub nukes 70+ Microsoft repos, breaks CI/CD pipelines, following suspected worm infections
NSO Group back in Meta's crosshairs after alleged WhatsApp targeting
Oxford Uni student data pwned yet again - this time via career platform breach
If you don't fall for these extortionists' calls, they'll show up with USB sticks
Yet another Cisco SD-WAN 0-day under attack, and no patch in sight
World Food Programme breach exposes data of 600k vulnerable Gazan families
Council in UK's City of York outs hundreds of disabled residents with a single email blunder
VentureBeat
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
AI doesn't break security. Complexity does
Claude Mythos exposed a hard truth: Your enterprise patching process is way too slow
DataGrail report finds your vendor may be sending data to AI models you never approved
TechCrunch
Microsoft’s open source tools were hacked to steal passwords of AI developers
WhatsApp says it caught new spyware attacks linked to NSO Group in violation of court order
Massachusetts votes to pass new privacy rights bill that bans sale of precise location data
Hacked, leaked, and held for ransom: The worst breaches of 2026 so far
OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks
Former cyber executive turned whistleblower accuses IBM of covering up several data breaches
Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person
NSA said to be readying Anthropic’s Mythos for use in cyber operations
Filtr is a new privacy tool that blocks ads in almost every iPhone and Mac app
Defense tech, AI, and fundraising take center stage at StrictlyVC Los Angeles on June 18
Network World Security
Attackers exploiting unpatched Cisco SD-WAN flaw
Enterprise network teams are falling behind as AI raises the stakes
New data center routing design cuts AWS networking energy costs by 40%, Amazon claims
Cisco: Latest news and insights
Network jobs watch: Hiring, skills and certification trends
How Cisco IT cut observability costs by 86% and eliminated major network outages
Microsoft makes Linux developers feel more at home in Windows with Coreutils release
AMD ships second-gen Versal Prime accelerators
CompTIA debuts AutoOps+ certification
Cisco sees quantum networking as the future of networking
Help Net Security
The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic
Treating AI agents like service accounts for federated query security
Malware ships with bugs that defenders could use against it
The security questions around Chinese AI coding models in U.S. software
Cybersecurity jobs available right now: June 9, 2026
Meta claims NSO Group still targets WhatsApp users despite court order
Microsoft changes how Defender for Endpoint EDR updates are delivered on Windows
Hackers used Meta’s AI support system to hijack over 20,000 Instagram accounts
New Relic expands observability into AI-assisted software development
Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)
SC Magazine
American citizen pleads guilty to spying for China
Check Point patches critical VPN flaw exploited in zero-day attacks
FTC orders Illuminate Education to improve data security after student data breach
Guardz introduces agentic reporting to simplify MSP security communication
Massachusetts lawmakers pass consumer data privacy bill
Silverfort integrates identity controls with Microsoft Copilot Studio agents
University of Oxford discloses data breach via third-party career platform
Ubiquiti UniFi OS server vulnerabilities allow unauthenticated remote code execution
Silent Ransom Group moves to in-person method if vishing attempt fails
Critical Infrastructure: The Risk Hiding in Plain Sight - Jason Manar - CSP #225
© 2026 RiskDiscovery | Sponsored by: Deception Logic