[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Name That Toon Contest
Claude Fable 5 Doesn't Change the Mythos Security Story
Phishing Attack Volume Down 20%, But Risk Still Rising
Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure
Segmentation Works for OT If Operators Are Paying Attention
Chinese, N. Korean Threat Groups Build on Asia-Pacific Success
CISA Rewrites Federal Patching Requirements for AI Threat Era
Bug Bounty Research Triggers ServiceNow Security Alert
AI Risk Worries Insurers & Businesses Alike
Nightmare-Eclipse Drops Yet Another Microsoft Exploit, RoguePlanet
Ars Technica
Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed
High-severity vulnerability in Linux caused by a single faulty character
For the 2nd time in weeks, Microsoft packages laced with credential stealer
How a USB-connected speaker can infect a PC without ever being touched
Dashlane explains how attackers managed to download encrypted password vaults
Can't make sense of Dashlane's vault theft notification? You're not alone.
Dozens of Red Hat packages backdoored through its official NPM channel
Botnet of more than 17 million devices dismantled
Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
Websites have a new way to spy on visitors: Analyzing their SSD activity
CyberScoop
US, France, and Italian authorities shut down massive deepfake porn site
Conti ransomware group member pleads guilty, faces up to 20 years in prison
ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw
CyberCorps is adapting to AI. The budget isn’t keeping up.
Russian national charged in connection with Void Blizzard espionage campaign
OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers 
CISA directive orders agencies to prioritize vulnerability patching in a new way
Microsoft breaks Patch Tuesday record with 206 vulnerabilities
Anthropic’s new model is Mythos on a leash
CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector
InfoSecurity Magazine
Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol
GitHub to Update npm to Thwart Software Supply Chain Attacks
Over 80% of Sports Organizations Targeted by Hackers in the Last Year
CISA Orders Agencies to Patch by Risk, Not Severity
Cybercriminals Use Fake AI Guides and Dev Tools to Spread AsyncRAT Malware
Most Cybersecurity Teams Struggle to Find Time for Training on New Cyber Threats
Interpol Dismantles SniperDz Phishing-as-a-Service Platform
Extortion-Only Attacks Increase, With Data Theft Dominating Ransomware Claims
New “Agentjacking” Attacks Could Hijack AI Coding Agents
Fake Software Tutorials on TikTok Spread Vidar Stealer
SecurityWeek
In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang Fine
Industry Reactions to Claude Fable 5: Feedback Friday
Iranian Cyber Group Handala Claims Cal Water Hack
Ivanti Sentry Exploitation Attempts Hitting Honeypots
Chrome 149 Update Patches 28 Vulnerabilities
Anthropic Disputes Fable 5 AI Jailbreak
Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters
Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks
Alert Fatigue Is Becoming a Security Threat of Its Own
CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk
ZDNet
I used HyperDroid to make my Android devices look and feel like Windows 11 - and don't regret it
This free Android app turned my phone into a 35-tool measuring tool - and I tested everything
Claude Fable 5 secretly throttled AI researchers, and the internet went wild
40% of enterprises will scrap AI agents - 3 ways to ensure yours don't fail
Your iPhone is getting enhanced Bluetooth tracking with iOS 27 - but there's a catch
How I customized my Android Auto in 7 ways to make it more useful when I'm driving
Are Facebook and Instagram down? What to know about the Meta outage
I use Blink cameras at home, and this 65% off 5-camera bundle is hard to ignore
This single router antenna adjustment improved my internet speed more than I expected
I'd recommend this TCL Mini LED TV that's $1,000 off over premium Samsung and LG models
The Hacker News
400+ Arch Linux AUR Packages Hijacked to Install Rust Credential Stealer
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
Rethinking MDR as Attackers and Defenders Embrace AI
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator
Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets
BleepingComputer
Maine disables data breach notification portal after fake disclosures
phpBB forum fixes auth bypass bug lurking for a decade
Ukrainian national pleads guilty to role in Conti ransomware operation
Over 400 Arch Linux packages compromised to push rootkit, infostealer
Early Warning Signs of Supply-Chain Attacks Live in the Dark Web
Microsoft fixes Windows update failures linked to WUSA installer
Pharma giant Novo Nordisk discloses breach of clinical trials data
CISA orders feds to patch actively exploited Ivanti flaw by Sunday
Over 73,000 French govt employees affected in Tchap messenger breach
Japanese energy firm loses drive with data of 10.9 million clients
gbhackers
GRU-Linked APT28 Uses MooBot Botnet and Compromised EdgeRouters for Cyber Operations
Hackers Abuse NinjaOne RMM Agent to Gain Remote Access to Brazilian Organizations
Hackers Use Typosquatted npm Packages to Target Web3 Projects and Crypto Wallet Operators
Attackers Can Exploit Microsoft Outlook and Word Flaws to Run Malicious Code
Palo Alto PAN-OS Flaw Lets Attackers Run Arbitrary Commands With Root Privileges
OnyxC2 Stealer Uses Cloudflare-Fronted C2 to Exfiltrate Browser Data and Credentials
Tchap Messenger Hack Exposes Data of Over 73,000 French Government Employees
Hackers Use UAE-India Diplomatic Lure to Deliver SHEETCREEP RAT via Google Sheets
Authorities Seize AudiA6 Crypto Laundering Service Used by Cybercriminal Gangs
Microsoft Teams Android Flaw Could Let Attackers Disclose Sensitive Information
Cybersecurity Dive
Agentic AI surges in financial sector even as many firms fail to manage security risks
It’s Mythos’ world now. How do we live in it?
ShinyHunters linked to exploitation of critical flaw in Oracle PeopleSoft
Enterprises report increasing budgets for security training in AI and other critical topics
FIFA World Cup expected to face extensive criminal, hacktivist cyber threats
CISA gives agencies new vulnerability remediation deadlines that take risk levels into account
CISA, researchers warn of escalating attacks using Cisco Catalyst SD-WAN flaws
Companies are failing to keep up with AI’s identity sprawl, creating entry points for hackers
Check Point warns of zero-day flaw targeted by ransomware affiliate
IT sector faces growing threats from IP-hungry China, AI-enabled cybercriminals
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Fired IT worker jailed for 21 months after sabotaging old school district
Novo Nordisk reports cyberattack as UK gives Wegovy pill the nod
Microsoft has mostly repaired flaw in Surface hardware that allowed unprotected devices to be bricked by a single packet
Google fires sueball at alleged Chinese phishers over AI-powered fraud ops
Plymouth council exposes hundreds in latest local government email gaffe
UK digital ID gets brain trust to 'challenge' ministers on policy
BOFH: For one ambitious security type, chaos is a ladder
ShinyHunters hacked 100+ orgs by exploiting an Oracle PeopleSoft 0-day
Microsoft's worst 'Nightmare' unleashes BitLocker bypass 0-day
VRChat says somebody faked a breach notice with the Maine AG's office
VentureBeat
NanoClaw and JFrog launch 'immune system' to block AI agents from downloading malicious code
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
AI doesn't break security. Complexity does
Claude Mythos exposed a hard truth: Your enterprise patching process is way too slow
TechCrunch
Google sues alleged Chinese cybercrime operation that used AI to send scam texts
US surveillance law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agencies
Oracle warns of security bug that hackers abused to breach 100+ companies
South Korea hits Coupang with $400M+ fine for data breach that affected millions
Cybercriminals claim breach of Oracle PeopleSoft servers at 100-plus organizations
North Koreans behind nearly half of US tech industry hacks, says CrowdStrike
Cybersecurity researchers aren’t happy about the guardrails on Anthropic’s Fable
ServiceNow tells customers a bug left some of their data exposed to the internet
CISA gives US federal agencies three days to fix a VPN bug under attack by a ransomware gang
Microsoft’s open source tools were hacked to steal passwords of AI developers
Network World Security
NetBox at 10: Network inventory tool now a full infrastructure intelligence platform
How Jeetu Patel made Cisco unrecognizable
Amazon claims its data centers are 7x more water-efficient than the industry average
Marvell announces 102.4 Tbps switch silicon built for AI
IBM, ServiceNow team to bring AI to legacy enterprise systems
AI-powered WAF, virtual patching: How F5 is hardening networks against frontier threats
A quick look at Cisco’s strategy to become a software monster
Residential proxies are hiding in plain sight inside enterprise networks
OpenAI weighs Nvidia-backed lease for 10 GW Ohio data center campus
Lotus Microsystems targets AI power efficiency with vStrata platform
Help Net Security
Google sues China-based scammers over Gemini AI abuse
Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)
Cybercriminals are moving away from mass phishing campaigns
Authorities dismantle crypto laundering service that moved €336 million for cybercriminals
Comcast Business SecurityEdge Preferred strengthens security for small businesses
How to use NIST and ISO frameworks to govern AI agents
ZeroFox releases AI Analytics to bring answers directly to security teams
The assembly line behind 1.5 million malicious domains
AI sovereignty makes data centers strategic targets for cyber operations
Product showcase: Avast One turns scam screenshots into actionable security advice
SC Magazine
Iran-linked group Handala claims to steal Cal Water customer info
Docker security scanner uses AI to help explain, fix vulnerabilities
AI agents have broken the security perimeter
Trolling Microsoft With Vulnerabilities - PSW #930
FBI shuts down 13 ‘consulting’ websites used for suspected Chinese espionage
Texas A&M CIO emphasizes user experience in cybersecurity strategy
OceanLotus targets stock investors and construction firm with SPECTRALVIPER backdoor
Russian national charged in connection with Void Blizzard cyberespionage campaign
OnyxC2 stealer sold as a service targets over 210 applications
AudiA6 cryptocurrency service dismantled for allegedly laundering over $380 million
© 2026 RiskDiscovery | Sponsored by: Deception Logic