[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Black Hat USA
Geopolitics, AI, and Cybersecurity: Insights From RSAC 2026
Bank Trojan 'Casbaneiro' Worms Through Latin America
Ransomware Will Hit Hospitals. Rehearsals Are Key to Defense
LatAm's Self-Taught Cyber Talent Overlooked Amid Cyberattack Glut
Cyberattacks Intensify Pressure on Latin American Governments
Venom Stealer MaaS Platform Commoditizes ClickFix Attacks
Are We Training AI Too Late?
The Forgotten Endpoint: Security Risks of Dormant Devices
Axios NPM Package Compromised in Precision Attack
Ars Technica
Quantum computers need vastly fewer resources than thought to break vital encryption
Google bumps up Q Day deadline to 2029, far sooner than previously thought
Self-propagating malware poisons open source software and wipes Iran-based machines
Widely used Trivy scanner compromised in ongoing supply-chain attack
Cloud service providers ask EU regulator to reinstate VMware partner program
Federal cyber experts called Microsoft's cloud a "pile of shit," approved it anyway
Researchers disclose vulnerabilities in IP KVMs from four manufacturers
Supply-chain attack using invisible code hits GitHub and other repositories
The who, what, and why of the attack that has shut down Stryker's Windows network
14,000 routers are infected by malware that's highly resistant to takedowns
CyberScoop
Medtech giant Stryker says it’s back up after Iranian cyberattack
European-Chinese geopolitical issues drive renewed cyberespionage campaign
White House executive order purports to limit mail-in voting, mandate federal voter lists 
Attack on axios software developer tool threatens widespread compromises
Researchers say credential-stealing campaign used AI to build evasion ‘at every stage’
Iranian hackers, Handala, claim to compromise FBI Director Kash Patel’s personal data
Security leaders say the next two years are going to be ‘insane’
ODNI tackles AI, threat hunting, app cybersecurity in year-one tech review
FCC pushes new rules to crack down on robocallers, foreign call centers
Former NSA chiefs worry American offensive edge in cybersecurity is slipping
InfoSecurity Magazine
NCSC Issues Security Alert Over Hackers Targeting WhatsApp and Signal Accounts
New 'Storm' Infostealer Remotely Decrypts Stolen Credentials
Apple Expands iOS 18 Security Updates Amid DarkSword Threat
GitHub Used as Covert Channel in Multi-Stage Malware Campaign
Researchers Observe Sub-One-Hour Ransomware Attacks
Most CNI Firms Face Up to £5m in Downtime from OT Attacks
Google Introduces Android Dev Verification Amid Openness Debate
New Venom Stealer MaaS Platform Automates Continuous Data Theft
Chinese Hackers Target European Governments in Espionage Campaigns
Eight in 10 UK Manufacturers Hit by Cyber Incident in a Year
SecurityWeek
Cybersecurity M&A Roundup: 38 Deals Announced in March 2026
Cisco Patches Critical and High-Severity Vulnerabilities
250,000 Affected by Data Breach at Nacogdoches Memorial Hospital
Mercor Hit by LiteLLM Supply Chain Attack
Sophisticated CrystalX RAT Emerges
Variance Raises $21.5M for Compliance Investigation Platform Powered by AI Agents
Linx Security Raises $50 Million for Identity Security and Governance
Depthfirst Raises $80 Million in Series B Funding
Toy Giant Hasbro Hit by Cyberattack
New DeepLoad Malware Dropped in ClickFix Attacks
ZDNet
Google's Gemma 4 model goes fully open-source and unlocks powerful local AI - even on phones
New MIT jobs report: Why AI's work impact will roll in like a rising tide, not a crashing wave
New out-of-band Windows 11 update fixes March's installation errors - how to get it
Oneisall Ease S1 review: Finally, a smart litter box that doesn't cost an arm and a paw
I built two apps with just my voice and a mouse - are IDEs already obsolete?
My two Raspberry Pi boards cost as much as a laptop now - and AI is to blame
Still running iOS 18? Install this critical update ASAP
I tried to destroy this AirTag alternative, but it wouldn't crack - unlike others
We still highly recommend these 3 older laptop models - especially while they're on sale
Best Amazon Big Spring Sale headphone deals 2026 - last chance to save
The Hacker News
ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories
Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners
The State of Trusted Open Source Report
WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action
Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit
CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails
Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass
Block the Prompt, Not the Work: The End of "Doctor No"
Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures
New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released
BleepingComputer
Residential proxies evaded IP reputation checks in 78% of 4B sessions
Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime
New Progress ShareFile flaws can be chained in pre-auth RCE attacks
Medtech giant Stryker fully operational after data-wiping attack
Critical Cisco IMC auth bypass gives attackers Admin access
Microsoft links Classic Outlook issue to email delivery problems
Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks
New CrystalRAT malware adds RAT, stealer and prankware features
Apple expands iOS 18 updates to more iPhones to block DarkSword attacks
Hackers exploit TrueConf zero-day to push malicious software updates
gbhackers
Akira-Style Ransomware Campaign Hits Windows Users Across South America
Iranian Hacker Group Handal Claims Breach of Israeli Defense Firm
Fake CERT-UA Site Spreads Go-Based RAT in Phishing Campaign
RFQ Malware Campaign Uses DOCX, RTF, JS, and Python
NoVoice on Google Play Exploits 22 Flaws to Hit Millions of Android Users
CISA Issues Alert on Chrome Zero-Day Under Active Exploitation
Apple Releases iOS 18.7.7 Update to Defend Against DarkSword Exploit
Axios npm Supply Chain Breach: Microsoft Shares Mitigation Steps
FBI Warns Chinese Mobile Apps Could Expose User Data to Cyberattacks
New ZAP PTK Add-On Converts Browser Security Findings Into Native ZAP Alerts
Cybersecurity Dive
Critical flaw in F5 BIG-IP faces wide exploitation risk
Retail and hospitality CISOs expect budget growth, new AI headaches and opportunities
Cyberattack hits Hasbro, impacting orders and shipping
Axios open-source library targeted in sophisticated supply chain attack
Iran-linked actors target Middle Eastern city governments to undermine missile-strike responses
Cybersecurity risks shape AI adoption, but investment accelerates nonetheless
Iran actors’ claims raise questions about larger cyber threat to US, allies
‘Missed opportunity’: US government’s absence from RSAC Conference leaves stark void
Citrix NetScaler products confirmed to be under exploitation
Newly observed malware campaign likely combines AI and ClickFix
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
The company's biggest security hole lived in the breakroom
AI recruiting biz Mercor says it was 'one of thousands' hit in LiteLLM supply-chain attack
Amazon security boss: AI makes pentesting 40% more efficient
'People's Panel' to check if UK wants controversial Digital ID will cost £630K
UK manufacturers under cyber fire with 80% reporting attacks
Don't open that WhatsApp message, Microsoft warns
Iran targets M365 accounts with password-spraying attacks
Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines
OpenAI patches ChatGPT flaw that smuggled data over DNS
Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
VentureBeat
In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now
Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected
CrowdStrike, Cisco and Palo Alto Networks all shipped agentic SOC tools at RSAC 2026 — the agent behavioral baseline gap survived all three
OpenClaw has 500,000 instances and no enterprise kill switch
RSAC 2026 shipped five agent identity frameworks and left three critical gaps open
Meta's rogue AI agent passed every identity check — four gaps in enterprise IAM explain why
The authorization problem that could break enterprise AI
TechCrunch
ICE says it bought Paragon’s spyware to use in drug trafficking cases
De-fi platform Drift suspends deposits and withdrawals after millions in crypto stolen in hack
Apple releases security fix for older iPhones and iPads to protect against DarkSword attacks
WhatsApp notifies hundreds of users who installed a fake app made by government spyware maker
Hasbro says it was hacked, and may take ‘several weeks’ to recover
Mercor says it was hit by cyberattack tied to compromise of open source LiteLLM project
North Korean hackers blamed for hijacking popular Axios open source project to spread malware
Health data giant CareCloud says hackers accessed patients’ medical records
Popular AI gateway startup LiteLLM ditches controversial startup Delve
Apple will hide your email address from apps and websites, but not cops
Network World Security
New tool on AWS makes it easier to develop quantum error correction
IBM, Arm team up to bring Arm software to IBM Z mainframes
No joke: data centers are warming the planet
Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both
OpenStack Gazpacho is a dish best served cold for hot cloud networks
Tokenomics: Why IT leaders need to pay attention to AI tokens
Enterprise Spotlight: Setting the 2026 IT agenda
Microsoft facing CMA probe of its business software portfolio
With new Marvell deal, Nvidia is chasing the AI control layer
Cisco extends its Enterprise Agreement to include Nutanix Cloud Platform
Help Net Security
Software supply chain hacks trigger wave of intrusions, data theft
OpenSSH 10.3 patches five security bugs and drops legacy rekeying support
New Red Hat subscription simplifies long-term enterprise Linux support
DarkSword exploit forces Apple to loosen its patching policy
TrueConf zero-day vulnerability exploited to target government networks
Trust, friction, and ROI: A CISO’s take on making security work for the business
Tracking drones with the 5G tower down the street
Microsoft adds high-volume email sending to Exchange Online
Your customer passed authentication. So why are they sending money to a scammer?
Cybercriminals take aim at Hasbro, weeks of recovery ahead
SC Magazine
Campaign combines WhatsApp with legit cloud platforms to deliver malicious VBS files
Report: Americans concerned about government management of personal data
AI implementation influenced by cybersecurity risks, survey shows
Cyberattacks powered by stolen credentials on the rise
Claude Code source code inadvertently leaked
Monetization of ransomware-stolen data touted by new cybercrime service
Bogus LinkedIn message alerts enable credential siphoning
Report sheds more light on Phantom Stealer
Attacks with TrueConf zero-day hit Southeast Asian governments
Widespread Microsoft 365 account compromise sought by Iran-linked hackers
© 2026 RiskDiscovery | Sponsored by: Deception Logic