[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
DarkSword: iPhone Exploit Kit Serves Spies & Thieves Alike
'Claudy Day’ Trio of Flaws Exposes Claude Users to Data Theft
Researchers: Meta, TikTok Steal Personal & Financial Info When Users Click Ads
SideWinder Espionage Campaign Expands Across Southeast Asia
More Attackers Are Logging In, Not Breaking In
Clear Communication: The Missing Link in Cybersecurity Success
Less Lucrative Ransomware Market Makes Attackers Alter Methods
Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish
Warlock Ransomware Group Augments Post-Exploitation Activities
China-Nexus Hackers Skulk in Southeast Asian Military Orgs for Years
Ars Technica
Federal cyber experts called Microsoft's cloud a "pile of shit," approved it anyway
Researchers disclose vulnerabilities in IP KVMs from four manufacturers
Supply-chain attack using invisible code hits GitHub and other repositories
The who, what, and why of the attack that has shut down Stryker's Windows network
14,000 routers are infected by malware that's highly resistant to takedowns
Feds take notice of iOS vulnerabilities exploited under mysterious circumstances
Amazon appears to be down, with over 20,000 reported problems
Trump gets data center companies to pledge to pay for power generation
Downdetector, Speedtest sold to IT service-provider Accenture in $1.2B deal
LLMs can unmask pseudonymous users at scale with surprising accuracy
CyberScoop
Cisco’s latest vulnerability spree has a more troubling pattern underneath
U.S. robotics companies want federal help to keep Chinese robots out of America’s networks
Second iOS exploit kit now in use by suspected Russian hackers
CISA official advises agencies not to get too hung up on who takes lead in critical infrastructure sectors
Trump administration isn’t pushing companies to conduct cyber offense, national cyber director says
Appeals court temporarily pauses order blocking Perplexity’s AI shopping agent on Amazon
It’s time to get serious about post-quantum security. Here’s where to start.
Zero lessons learned: Convicted scammer allegedly ran another athlete-focused phishing scam from federal prison
Attackers are exploiting AI faster than defenders can keep up, new report warns
Washington is right: Cybercrime is organized crime. Now we need to shut down the business model
InfoSecurity Magazine
New Ubuntu Flaw Enables Local Attackers to Gain Root Access
Crypto Scam "ShieldGuard" Dismantled After Malware Discovery
AI-Enabled Adversaries Compress Time-to-Exploit Following Vulnerability Disclosure
Vidar Stealer 2.0 Exploits GitHub, Reddit to Deliver Malware via Fake Game Cheats
AI Issues Will Drive Half of Incident Response Efforts by 2028, Says Gartner
Android OS-Level Attack Bypasses Mobile Payment Security
'CursorJack’ Attack Path Exposes Code Execution Risk in AI Development Environment
Surge in Nation State Attacks on UK Firms Amid Cyber Warfare Fears
Average Number of Daily API Attacks Up 113% Annually
UK Cyber Monitoring Centre Sets Its Sights on US Expansion One Year After Launch
SecurityWeek
The Collapse of Predictive Security in the Age of Machine-Speed Attacks
Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation
Cloud Security Startup Native Exits Stealth With $42 Million in Funding
‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors
Virtual Summit Today: Supply Chain & Third-Party Risk Summit
EU Sanctions Chinese, Iranian Firms Supporting Hacking Operations
Shadow AI Risk: How SaaS Apps Are Quietly Enabling Massive Breaches
Manifold Raises $8 Million for AI Detection and Response
Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach
Apple Debuts Background Security Improvements With Fresh WebKit Patches
ZDNet
You can now order 1-hour Amazon deliveries across 2,000 cities - is yours on the list?
Can the Samsung Frame Pro replace my TV? My advice after weeks of testing
Best early Amazon Spring Sale Apple deals 2026
How to find and update your TV firmware (and why it's critical to do it properly)
How I turned my Pixel phone into a genuinely productive desktop computer - for free
I tried a highly-customized Hyprland desktop that's meant for Linux pros - and didn't hate it
Best early Amazon Spring Sale robot vacuum deals 2026
What's a minimal install for Linux? 6 reasons it can come in handy
Gemini's Personal Intelligence shocked me with everything it knows - here's how to turn it on (or off)
Best early Amazon Big Spring Sale headphone deals 2026
The Hacker News
OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE
Claude Code Security and Magecart: Getting the Threat Model Right
9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels
Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit
Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
BleepingComputer
CISA orders feds to patch Zimbra XSS flaw exploited in attacks
ConnectWise patches new flaw allowing ScreenConnect hijacking
Ransomware gang exploits Cisco flaw in zero-day attacks since January
Marquis: Ransomware gang stole data of 672K people in cyberattack
The Refund Fraud Economy: Exploiting Major Retailers and Payment Platforms
New “Darksword” iOS exploit used in infostealer attack on iPhones
Nordstrom's email system abused to send crypto scams to customers
Apple pushes first Background Security Improvements update to fix WebKit flaw
GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX
Europe sanctions Chinese and Iranian firms for cyberattacks
gbhackers
FancyBear Server Leak Exposes Stolen Credentials, 2FA Secrets, NATO Targets
UIDAI Introduces Bug Bounty Program to Strengthen Aadhaar Defenses
Apple WebKit Security Flaw Exposes iOS and macOS Users to Content-Based Bypass Attacks
LeakNet boosts ransomware with ClickFix lures, stealthy Deno loader
ForceMemo Hijacks GitHub Accounts, Backdoors Python Repos
Critical Telnetd Vulnerability Enables Remote Code Execution Attacks
OpenAI Introduces GPT-5.4 Mini and Nano for Faster, Lightweight AI Performance
Iran Cyber Ops Merge With PsyOps and EW Amid Escalating Conflict
Ubuntu Desktop Vulnerability Lets Attackers Escalate Privileges to Full Root Access
Microsoft Teams-Based Vishing Attack Tricks Victims Into Quick Assist Takeover
Cybersecurity Dive
Threat groups target cyber-physical systems to disrupt critical infrastructure providers
Stryker begins restoring ordering, shipping systems after cyberattack
New research unpacks North Korea’s stealthy, sophisticated remote IT worker schemes
National cyber director expands on Trump administration’s vision for AI security, industry collaboration
Security teams might be overlooking wider threat to Cisco SD-WAN
Telus Digital confirms hack as ShinyHunters claims credit for massive data theft
Stryker attack raises concerns about role of device management tool
Robotics firm Intuitive Surgical says cyberattack compromised business, customer data
AI agent security: New governance framework shows progress, but critical gaps remain
Stryker’s manufacturing, shipping disrupted after cyberattack
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
State snoops and spyware vendors planting info-stealing malware on iPhones, Google warns
Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure
North Korea's 100,000-strong fake IT worker army rake in $500M a year for Kim Jong Un
Britain's satellite-watching gap to be plugged with £17.5M eyeball in Cyprus
Iran's cyberattack against med tech firm is 'just the beginning'
Linux Foundation kicks off effort to shield FOSS maintainers from AI slop bug reports
Japan to allow ‘proactive cyber-defense’ from October 1st
WorldCoin's newest pitch: Scan your eyeballs to prove AI agents really represent you
EU sanctions Iranian cyber front over election meddling, Charlie Hebdo breach
Too big to ignore, too small to be served: the midmarket security gap
VentureBeat
The authorization problem that could break enterprise AI
Nvidia's agentic AI stack is the first major platform to ship with security at launch, but governance gaps remain
OpenClaw can bypass your EDR, DLP and IAM without triggering a single alert
Anthropic and OpenAI just exposed SAST's structural blind spot with free tools
Enterprise identity was built for humans — not AI agents
Microsoft says ungoverned AI agents could become corporate 'double agents.' Its fix costs $99 a month.
Pentagon vendor cutoff exposes the AI dependency map most enterprises never built
TechCrunch
FBI is buying location data to track US citizens, director confirms
Marquis says over 672,000 people had personal and financial data stolen in ransomware attack
Russians caught stealing personal data from Ukrainians with new advanced iPhone hacking tools
Apple rolls out first ‘background security’ update for iPhones, iPads, and Macs to fix Safari bug
Stryker says it’s restoring systems after pro-Iran hackers wiped thousands of employee devices
Wiz investor unpacks Google’s $32B acquisition
The FBI is investigating malware hidden inside games hosted on Steam
Law enforcement shuts down botnet made of tens of thousands of hacked routers
Pro-Iran hacktivist group says it is behind attack on medical tech giant Stryker
Hacker broke into FBI and compromised Epstein files, report says
Network World Security
Lenovo bolsters hybrid AI platform with Nvidia GPUs
Fortinet’s AI-driven defense for a machine-speed era
Microsoft’s laser-free cable tech promises to slash AI data center networking power bills
Beyond the fan: Crossing the liquid cooling rubicon
USAT to Distribute Digital Dollars to Thousands During St. Patrick’s Day Celebration in Times Square
Nvidia targets inference as AI’s next battleground with Groq 3 LPX
HPE, Nvidia expand AI partnership
Nvidia: Latest news and insights
2026 network outage report and internet health check
Cato Networks unveils GPU-powered SASE with native AI security controls
Help Net Security
Token Security advances AI agent protection with intent-based controls
Dropzone AI releases autonomous Threat Hunting agent for continuous SOC detection
Backslash adds cross-product support to secure AI skills in developer environments
Menlo Security delivers unified governance and threat prevention for AI agents and humans
Graylog advances explainable AI and automated workflows for faster threat detection
Firefox is getting a free built-in VPN
Corelight’s Agentic Triage turns SOC alerts into evidence-backed investigations
TrojAI unveils new capabilities to secure agentic AI beyond the prompt layer
Veracode Fix for SCA automates open-source vulnerability fixes
Polygraf AI launches Desktop Overlay for real-time AI behavior control in enterprise operations
SC Magazine
Apple rolls out ‘Background Security Improvements’ for WebKit browser engine bug
6 ways to make the White House's new cyber strategy work for our industry
MCP is the backdoor your zero-trust architecture forgot to close
AI coding assistants twice as likely to leak secrets, as overall leaks rise 34%
Language of the Board as CISO-Board Time Falls Short and CISOs Struggle with Risk - Ben Wilcox - BSW #439
Spin.AI receives investment from K1 for SaaS security
GlassWorm campaign evolves: ForceMemo attack targets Python repos via stolen GitHub tokens
UK businesses risk data breaches due to poor identity security
CISA warns of actively exploited Wing FTP Server vulnerability
Companies House platform suffers security issue exposing director data
© 2026 RiskDiscovery | Sponsored by: Deception Logic