[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
CSA: CISOs Should Prepare for Post-Mythos Exploit Storm
Adobe Patches Actively Exploited Zero-Day That Lingered for Months
Empty Attestations: OT Lacks the Tools for Cryptographic Readiness
APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials
Hims Breach Exposes the Most Sensitive Kinds of PHI
Your Next Breach Will Look Like Business as Usual
FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats
Orange Business Reimagines Enterprise Voice Communications With Trust and AI
Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?
Ars Technica
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
Iran-linked hackers disrupt operations at US critical infrastructure sites
Thousands of consumer routers hacked by Russia's military
OpenClaw gives users yet another reason to be freaked out about security
New Rowhammer attacks give complete control of machines running Nvidia GPUs
Quantum computers need vastly fewer resources than thought to break vital encryption
Google bumps up Q Day deadline to 2029, far sooner than previously thought
Self-propagating malware poisons open source software and wipes Iran-based machines
Widely used Trivy scanner compromised in ongoing supply-chain attack
Cloud service providers ask EU regulator to reinstate VMware partner program
CyberScoop
Secretary Mullin must help finish the job: Urge the Senate to confirm Plankey
Here’s how cyber heavyweights in the US and UK are dealing with Claude Mythos
OpenAI’s Mac apps need updates thanks to the Axios hack
Commerce setting up new AI export regime to push adoption of ‘American AI’ abroad
Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs
Why is the timeline to quantum-proof everything constantly shrinking?
Inside the FBI’s router takedown that cut off APT28’s ‘tremendous access’
Don’t just fight fraud, hunt it
Hack-for-hire spyware campaign targets journalists in Middle East, North Africa
Feds quash widespread Russia-backed espionage network spanning 18,000 devices
InfoSecurity Magazine
AI Security Institute Advocates Security Best Practices After Mythos Test
Mailbox Rule Abuse Emerges as Stealthy Post-Compromise Threat
Mirax Android Trojan Turns Devices Into Residential Proxy Nodes
FBI Dismantles $20m Phishing Operation W3LL
UK Cyber Security Council Launches Associate Cyber Security Professional Title
Operation Atlantic Seizes $12m in Crypto Losses
Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month
Google Chrome Rolls Out Protection Against Infostealers Targeting Session Cookies
STX RAT Targets Finance Sector With Advanced Stealth Tactics
Bitcoin Depot Reports $3.6m Crypto Theft After System Breach
SecurityWeek
SAP Patches Critical ABAP Vulnerability
Triad Nexus Evades Sanctions to Fuel Cybercrime
Google Adds Rust DNS Parser to Pixel Phones for Better Security
Nightclub Giant RCI Hospitality Reports Data Breach
Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities
Booking.com Says Hackers Accessed User Information
BrowserGate: Claims of LinkedIn ‘Spying’ Clash With Security Research Findings
OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack
International Operation Targets Multimillion-Dollar Crypto Theft Schemes
CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads
ZDNet
I carried this Bluetooth tracker card in my backpack for a week - and it withstood my clumsiness
I tested ChatGPT Plus vs. Gemini Pro to see which is better - and if it's worth switching
I followed the 'Plus 5' rule for wireless charging, and it fixed my iPhone's charge speeds
The new rules for AI-assisted code in the Linux kernel: What every dev needs to know
'Job seekers have to be detectives': 3 signs that listing is a scam
How the latest Netrunner distro delivers a Linux productivity powerhouse
This Linux distro offers an easy DNS switcher - but there's more to it that I like
I tested Artix Linux: An enjoyable systemd-free distro for experienced users (and ChromeOS speeds)
I spent two years testing wind power at home - here's why solar is still my preferred source
I camera-tested the Samsung Galaxy S26 Ultra with Oppo and Xiaomi - this model won it for me
The Hacker News
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
Your MTTD Looks Great. Your Post-Alert Gap Doesn't
North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
BleepingComputer
European Gym giant Basic-Fit data breach affects 1 million members
Stolen Rockstar Games analytics data leaked by extortion gang
Critical flaw in wolfSSL library enables forged certificate use
FBI takedown of W3LL phishing service leads to developer arrest
OpenAI rotates macOS certs after Axios attack hit code-signing workflow
New Booking.com data breach forces reservation PIN resets
Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw
The silent “Storm”: New infostealer hijacks sessions, decrypts server-side
Critical Marimo pre-auth RCE flaw now under active exploitation
Over 20,000 crypto fraud victims identified in international crackdown
gbhackers
Botnet Exposed: Hackers Leave Worker Access and Root Passwords Wide Open
Janela RAT Spreads via Fake MSI Installers, Malicious Extensions
Critical etcd Vulnerability Allows Unauthorized Access to Sensitive Cluster APIs
AI Codex Exploits Samsung TV Driver Flaw to Gain Root Access
CISA Alerts on Exploited Microsoft Exchange and Windows CLFS Security Flaws
Hackers Exploit Obsidian Plugin to Deploy Cross-Platform Malware
Hackers Exploit Critical ShowDoc RCE Flaw in Ongoing Attacks
SAP Patch Day Fixes Critical SQL Injection, DoS, and Code Injection Flaws
Okta Under Attack as Hackers Skip Phishing for Identity Systems
Synology SSL VPN Client Vulnerability Enabled Remote Access to Sensitive Files
Cybersecurity Dive
CISOs see gaps in their incident response playbooks
US, Indonesia shut down ‘sophisticated’ phishing kit
Stryker warns of earnings fallout from March cyberattack
Nearly 4K industrial control devices vulnerable to Iran-linked hacking campaign
NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat
CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog
US operation evicts Russia from hacked SOHO routers used to breach critical infrastructure
Iran-linked hackers target water, energy in US, FBI and CISA warn
CISA’s vulnerability scans, field support on chopping block in Trump budget
React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum
Fake Linux leader using Slack to con devs into giving up their secrets
Booking.com warns reservation data may have checked out with intruders
Gym giant Basic-Fit confirms data on a million members stolen in cyberattack
Rockstar Games gets a taste of grand theft data
NHS pays £46K to prep next Microsoft licensing round
China wants AI to prepare school lessons and mark homework
Anthropic's mysterious Mythos AI threatens to upend the infosec world
Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise
Hungarian government creds left in the safe hands of 'FrankLampard'
VentureBeat
Five signs data drift is already undermining your security models
Your developers are already running AI locally: Why on-device inference is the CISO’s new blind spot
AI agent credentials live in the same box as untrusted code. Two new architectures show where the blast radius actually stops.
Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook
AI agents that automatically prevent, detect and fix software issues are here as NeuBird AI launches Falcon, FalconClaw
Closing the data security maturity gap: Embedding protection into enterprise workflows
OCSF explained: The shared data language security teams have been missing
TechCrunch
FBI announces takedown of phishing operation that targeted thousands of victims
Booking.com confirms hackers accessed customers’ data
Hack at Anodot leaves over a dozen breached companies facing extortion
France to ditch Windows for Linux to reduce reliance on US tech
Hacker stole £700,000 from UK energy company by redirecting payment
WireGuard VPN developer can’t ship software updates after Microsoft locks account
Hack-for-hire group caught targeting Android devices and iCloud backups
Hackers steal and leak sensitive LAPD police documents
Developer of VeraCrypt encryption software says Windows users may face boot-up issues after Microsoft locked his account
Final 3 days to save up to $500 on your TechCrunch Disrupt 2026 pass
Network World Security
DNS security is often inadequate, and network engineers should get more involved
Fixing encryption isn’t enough. Quantum developments put focus on authentication
Curious about quantum? Check out training options from ISC2, IBM, AWS and more
Linux 7.0 debuts with some big changes for networking
Intel: Latest news and insights
AI demand is so high, AWS customers are trying to buy out its entire capacity
Intel secures Google cloud and AI infrastructure deal
OpenAI puts part of Stargate project on hold over runaway power costs
Broadcom strikes chip deals with Google, Anthropic
Cisco: Latest news and insights
Help Net Security
DataVisor brings conversational AI agents to fraud and AML operations
Booking.com data breach: Customer reservation data exposed
Binary Defense expands NightBeacon with threat-aligned Detection Coverage Index
Google to penalize sites that hijack the back button
AI adoption is outpacing the safeguards around it
Agentic AI memory attacks spread across sessions and users, and most organizations aren’t ready
Review: The Psychology of Information Security
29 million leaked secrets in 2025: Why AI agents credentials are out of control
Zero trust at year two: What nobody planned for
Cybersecurity jobs available right now: April 14, 2026
SC Magazine
Securing Software's Journey with the OWASP SPVS - Cameron W., Farshad Abasi, Rohan Ravindranath, Ido Geffen - ASW #378
Senator investigates tech giants for CSAM reporting lapses
Juniper releases patches for multiple Junos OS bugs
Hacker alleges InfoDesk breach affecting pharma, financial firms
Nearly half of March ransomware attacks in tied to just 3 groups
MuddyWater pays for Russian CastleRAT malware
Code, control, and chaos: Rethinking security in the age of AI-driven development
GlassWorm uses Zig binary to infect multiple IDEs
Webloc tool tracks 500M phones via ad data
Synthetic ID fraud surges 8x as AI fuels deception
© 2026 RiskDiscovery | Sponsored by: Deception Logic