[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Name That Toon Contest
[An RX Global Event] Infosecurity Europe
Name That Toon: Mark of (Cybersecurity) Progress
As Global Powers Explore Humanoid Robots, Cyber-Risk Looms
Asia's Cyber Insurance Market Shows Signs of Life
With Complex Cloud Integrations, Small Errors Lead to Major Compromises
'The Com' Cyberattacks Support Violence & Sexploitation
Dutch Raid Fails to Dent Russian Bulletproof Host
Agentic AI Isn't Risky; the Way Orgs Deploy It Is
Focus on Cyber Insurance: How Quantifying Risk Is Reshaping Security
Ars Technica
Botnet of more than 17 million devices dismantled
Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
Websites have a new way to spy on visitors: Analyzing their SSD activity
Millions of AI agents imperiled by critical vulnerability in open source package
US's big bet on quantum computing may not be entirely legal
Texas AG sues Meta over claims that WhatsApp doesn't provide end-to-end encryption
A hacker group is poisoning open source code at an unprecedented scale
US government takes $2 billion equity stake in nine quantum computing firms
Google publishes exploit code threatening millions of Chromium users
In stunning display of stupid, secret CISA credentials found in public GitHub repo
CyberScoop
Election threats are focused on campaign systems, not voting machines
Tennessee man linked to 764 accused of series of crimes against children dating back to 2022
Federal audit reveals NIST’s NVD is plagued by poor planning and duplication
House panel poised to hold hearing centered on AI impact on cyber
Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket
Zapier fixes bug chain that researchers say risked widespread account takeover
OpenAI heralds cybersecurity, election interference safeguard plans for 2026 midterms
FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
UK spy chief labels AI ‘unstoppable force’ with offensive, defensive ramifications for cyberspace
CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain
InfoSecurity Magazine
Infosecurity Europe: AI SOCs Will Still Need SOC Analysts, Security Vendors Say
FSB Group Gamaredon Hides Worm in Windows Data Streams
Attackers Abuse Shared Content for ChatGPT Phishing Campaign
Palo Alto Warns High-Severity Bug Is Being Actively Exploited
Infosecurity Europe: OWASP Forms New Agentic Research Council
Silent Ransom Group Uses In-Person IT Impersonation to Breach Systems
Infosecurity Europe: CyCOS Project Expands to Support UK SMEs as CIISec Takes Over
Chinese Hackers Exploit Iran War to Target Maritime and Energy Companies
AI-Generated npm Malware Leaks Its Own GitHub Token
Attackers Move Past Typosquatting to Realistic Package Impersonation
SecurityWeek
As the Pentagon Pushes for Battlefield AI, Some Military Leaders Urge Caution
19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access
Recent Palo Alto Networks Vulnerability Exploited for Weeks
Russian Spies Are Aggressively Seeking Western Technology as Sanctions Bite, Officials Say
Exploit Code Published for Critical Flowise RCE Vulnerability
In Other News: Trump Mobile Data Breach, FIFA World Cup Phishing, CISA Responds to Supply Chain Attacks
Charter Communications Data Breach Could Impact Nearly 5 Million
MokN Raises $15 Million for Phish-Back Platform
Gogs Zero-Day Exposes Servers to Remote Code Execution
California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach
ZDNet
Wireless vs. wired security cameras: After years of testing, the best choice for my home is clear
I've been leaving FaceTime voicemails, and the hidden iOS feature surprised my own family
Overheating from Android Auto? 8 easy fixes that effectively cooled off my phone
This Lenovo Yoga rivaled my MacBook Air in ways I didn't expect it to
I switched to MyRadar as my main Android Auto weather app and don't regret it
I put my smart TV setup behind a router-based VPN and never looked back - here's why
Dell's new XPS 13 is a MacBook Neo rival that costs $599 and retains premium features
Dell XPS 13 (2026) vs. MacBook Neo: I compared both budget laptops, here's which one I'd buy
Asus vs. Acer: I've reviewed laptops from both brands for years, and here's my pick
I've used Android Auto with Gemini for 2 months now - it's transformed my drives in 4 ways
The Hacker News
The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
New Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks
Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets
BleepingComputer
Critical Windows Netlogon RCE flaw now exploited in attacks
Webinar tomorrow: From alert to resolution in network incident response
Microsoft fixes outage affecting MFA, My Sign-Ins platform
Microsoft fixes KB5089549 Windows security update install issues
WP Maps Pro bug exploited to create admin accounts on WordPress sites
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
New CIFSwitch Linux flaw gives root on multiple distributions
ChatGPT share links abused to host fake outage pages to deliver malware
California AG sues 23andMe over 2023 breach exposing health data
From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market
gbhackers
Critical Plesk Vulnerability Lets Users Execute Server Commands
Iranian Hackers Hijack AppDomainManager to Bypass EDR
Microsoft: No Lawsuits Against Researchers in Nightmare-Eclipse Row
Iran-Linked Hackers Wipe IT and Recovery Systems in Middle East Cyberattack
Meta AI Vulnerability Allegedly Enables Instagram Password Resets
Microsoft KB5089573 Fixes Windows 11 Patch Tuesday Install Failures
Windows Netlogon 0-Click RCE Vulnerability Under Active Exploitation
Hackers Target Signal Users to Steal Backups in New Attack Wave
Palo Alto PAN-OS Authentication Bypass Vulnerability Actively Exploited in the Wild
Google Chrome’s DBSC Now Generally Available to Prevent Account Takeovers
Cybersecurity Dive
Top 4 data security best practices for the AI-enabled enterprise
How Canva scaled to 260+M users while elevating security and productivity
CISA urges security teams to check for software development compromises
How CISOs can manage sovereign-cloud security risks
IBM’s new $5B initiative will help enterprises rapidly patch open-source vulnerabilities
Enterprise data is creeping its way into shadow AI tools
Coordinated operation takes down Glassworm botnet
Leading AI models are more vulnerable to malicious prompts than vendors claim
Iranian government, not hacktivist group, breached LA Metro system, security firm says
FBI warns about PhaaS platform used to access Microsoft 365 environments
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Palo Alto VPN bug graduates from advisory to active exploitation
Password manager Dashlane suspends customer accounts amid brute-force attacks
Putin sends submarines to survey Britain's subsea cables. UK deploys Royal Navy, mobilizes parliamentary draftsmen
Lone attacker published 14 malicious npm packages mimicking popular OpenSearch, Elasticsearch libraries
ICE to keep an eye on your eyes under $25M biometric scanner deal
No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out
23andMe inherits lawsuit over 'disturbing' DNA data breach
Dutch cops wrest 17M devices from mystery botnet's clutches
ChatGPT blindly trusts browser content, turning the page into a payload
Russia-linked threat group put ChatGPT to work from lure to payload
VentureBeat
Claude Mythos exposed a hard truth: Your enterprise patching process is way too slow
DataGrail report finds your vendor may be sending data to AI models you never approved
The attack dominating financial services doesn't steal passwords. It resets MFA and steals the token.
Valid certificates, stolen accounts: how attackers broke npm's last trust signal
Americans can’t spot a deepfake, and that’s a business crisis, not just a consumer problem
MFA verifies who logged in. It has no idea what they do next.
GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK
TechCrunch
Microsoft under fire for threatening security researcher with criminal investigation
Final 24 hours to save up to $410 on your TechCrunch Disrupt 2026 ticket
Hackers are trying to steal Signal users’ backups in new wave of widespread attacks
A security lapse at prison pay phone service Pay Tel publicly exposed over 300K callers’ driver’s licenses
US says troops were targeted with location data, as senator warns ad industry is a ‘national security threat’
UK Visa Portal exposed thousands of applicants’ passports and selfies — then called the lawyers on us
CrowdStrike and Google take down botnet used by hackers to target open source software developers
TechCrunch Disrupt 2026 Early Bird ticket savings end in 3 days
Dutch government blocks US company from acquisition, citing ‘risk to public interest’
Ghost hackers: the cybersecurity mystery that nobody has solved
Network World Security
Intel focuses on power efficiency and cost with new chip designs
Cisco: Latest news and insights
Meta considers becoming a hyperscaler
Zero trust isn’t broken, but most companies are doing it wrong
As AI datacenter memory becomes hot commodity, SK Hynix makes it cooler
Cisco research finds standard AI safety benchmarks miss the real threat
Cisco redefines ‘job-ready’ for network engineers with its certification overhaul
2026 network outage report and internet health check
IBM plans $2B quantum chip foundry; government will pay half
Cisco: AI traffic is radically reshaping WANs
Help Net Security
Horizon3.ai introduces Rapid Response to prioritize and verify vulnerability remediation
How NIST fumbled management of the National Vulnerability Database
Dragos acquires Phosphorus to secure extended operational technology
Hackers are exploiting Palo Alto GlobalProtect VPN authentication bypass (CVE-2026-0257)
NVIDIA goes open source with a big batch of physical AI agent tools
DNS-AID lets AI agents find and verify each other through DNS
Asimily turns device risk into automated network policy
Data discovery gaps that catch enterprises off guard
EU organizations buckle under rising compliance pressure
OWASP Agent Memory Guard: Stop AI agents from being weaponized through their own memory
SC Magazine
How to defend at machine speed: A post-LLM era playbook 
Helping defense's use of AI catch up with offense, cost of the vulnpocalypse, news - Evan Powell - ESW #461
AI helps Russian-speaking GreyVibe run five parallel attack chains on Ukrainian targets
Sidhe, GreyVibe, Claude, Lightwell, Eclipse, Kimsuky, Obscure Beliefs, Josh Marpet - SWN #585
Key Questions to Ask When Evaluating an Identity and Access Management Vendor
How to Build an AI Governance Framework for Identity
SAML: How It Works, Common Misconfigurations, and Security Implications
Why IAM Matters: Benefits, Challenges, and Common Pitfalls
How to Evaluate and Select Identity and Access Management Tools
Identity-based attacks: how they work and how to defend against them
© 2026 RiskDiscovery | Sponsored by: Deception Logic