[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
DarkReading
Sophisticated Shuyal Stealer Targets 19 Browsers, Demonstrates Advanced Evasion
How to Spot Malicious AI Agents Before They Strike
Cyber Career Opportunities: Weighing Certifications vs. Degrees
'Fire Ant' Cyber Spies Compromise Siloed VMware Systems
AI-Generated Linux Miner 'Koske' Beats Human Malware
North Korea's IT Worker Rampage Continues Amid DoJ Action
Why Security Nudges Took Off
The Young and the Restless: Young Cybercriminals Raise Concerns
Can Security Culture Be Taught? AWS Says Yes
Law Enforcement Cracks Down on XSS — but Will It Last?
Ars Technica
After BlackSuit is taken down, new ransomware group Chaos emerges
OpenAI’s most capable AI model, GPT-5, may be coming in August
Supply-chain attacks on open source software are getting out of hand
Two major AI coding tools wiped out user data after making cascading mistakes
Nvidia AI chips worth $1B smuggled to China after Trump export controls
Some VMware perpetual license owners are unable to download security patches
White House unveils sweeping plan to “win” global AI race through deregulation
OpenAI and partners are building a massive AI data center in Texas
What to know about ToolShell, the SharePoint threat under mass exploitation
A power utility is reporting suspected pot growers to cops. EFF says that’s illegal.
CyberScoop
Sen. Hassan wants to hear from SpaceX about scammers abusing Starlink
FBI alerts tie together threats of cybercrime, physical violence from The Com
Hundreds of registered data brokers ignore user requests around personal data
Microsoft’s software licensing playbook is a national security risk
US offers $15 million reward for info on North Korean nationals involved in global criminal network
Microsoft SharePoint attacks ensnare 400 victims, including federal agencies
Plankey vows to boot China from U.S. supply chain, advocate for CISA budget
Trump AI plan pushes critical infrastructure to use AI for cyber defense
Authorities in Ukraine nab alleged admin of Russian-language cybercrime forum
Cisco network access security platform vulnerabilities under active exploitation
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
Microsoft wants you to chat with its browser now - but can you trust this Copilot?
You won't regret buying these two Moft MagSafe accessories for your iPhone - here's why
This $200 Motorola phone has no business being this good for the price
This Reddit user's Pixel 6a reportedly caught fire, after Google's update - what you need to know
My phone struggled to get signal: These 5 quick fixes instantly improved its reception
Got a suspicious Amazon refund text? Don't click the link - it's a scam
One of the best color E Ink tablets I've tested is not made by Kobo or Boox, and it's on sale
This Arch-based Linux distro has a clean, privacy-focused experience for tinkerers
Every creative professional needs this multi-card reader that's fast, reliable, and easy to travel with
Apple's latest iPad hit a new low price at Walmart - and it's available in every color
The Hacker News
⚡ Weekly Recap — SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains and More
Email Security Is Stuck in the Antivirus Era: Why It Needs a Modern Approach
Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
Critical Flaws in Niagara Framework Threaten Smart Buildings and Industrial Systems Worldwide
U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm
Patchwork Targets Turkish Defense Firms with Spear-Phishing Using Malicious LNK Files
Cyber Espionage Campaign Hits Russian Aerospace Sector Using EAGLET Backdoor
Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks
Overcoming Risks from Chinese GenAI Tool Usage
Critical Mitel Flaw Lets Hackers Bypass Login, Gain Full Access to MiVoice MX-ONE Systems
BleepingComputer
CISA flags PaperCut RCE bug as exploited in attacks, patch now
Microsoft will stop supporting Windows 11 22H2 in October
OpenAI prepares GPT-5 for roll out
France's warship builder Naval Group investigates 1TB data breach
OpenAI could rival Google Shopping with ChatGPT Shop
Internet Archive is now a US federal depository library
Free Autoswagger Tool Finds the API Flaws Attackers Hope You Miss
Scattered Spider is running a VMware ESXi hacking spree
Allianz Life confirms data breach impacts majority of 1.4 million customers
Post SMTP plugin flaw exposes 200K WordPress sites to hijacking attacks
Cybersecurity Dive
Research shows LLMs can conduct sophisticated attacks without humans
Allianz Life discloses massive data breach linked to supply-chain attack
Emerging cybersecurity needs: What the market is telling us
Philadelphia Indemnity Insurance discloses June data breach
Treasury sanctions North Koreans involved in IT-worker schemes
Senators push CISA director nominee on election security, agency focus
What we know about the Microsoft SharePoint attacks
Trump AI plan calls for cybersecurity assessments, threat info-sharing
Lapsed CISA contract impedes national lab’s threat-hunting operations
Clorox files $380 million suit blaming Cognizant for 2023 cyberattack
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Majority of 1.4M customers caught in Allianz Life data heist
Aeroflot aeroflops over 'IT issues' after attackers claim year-long compromise
US spy satellite agency breached, but insists no classified secrets spilled
Congress tries to outlaw AI that jacks up prices based on what it knows about you
Blame a leak for Microsoft SharePoint attacks, researcher insists
Senator to Google: Give us info from telco Salt Typhoon probes
Freelance dev shop Toptal caught serving malware after GitHub account break-in
Microsoft admits it 'cannot guarantee' data sovereignty
Advisor to Brit tech contractors Qdos confirms client data leak
DNS security is important but DNSSEC may be a failed experiment
VentureBeat
How E2B became essential to 88% of Fortune 100 companies and raised $21 million
CoSyn: The open-source tool that’s making GPT-4V-level vision AI accessible to everyone
SecurityPal combines AI and experts in Nepal to speed enterprise security questionnaires by 87X or more
Early Anthropic hire raises $15M to insure AI agents and help startups deploy safely
Anthropic researchers discover the weird AI problem: Why thinking longer makes models dumber
Crowdstrike’s massive cyber outage 1-year later: lessons enterprises can learn to improve security
Google DeepMind makes AI history with gold medal win at world’s toughest math competition
How OpenAI’s red team made ChatGPT agent into an AI fortress
Salesforce used AI to cut support load by 5% — but the real win was teaching bots to say ‘I’m sorry’
Blaxel raises $7.3M seed round to build ‘AWS for AI agents’ after processing billions of agent requests
TechCrunch
Flights grounded as Russia’s largest airline Aeroflot hacked and systems ‘destroyed’
Dating safety app Tea breached, exposing 72,000 user images
Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack
Google took a month to shut down Catwatchful, a phone spyware operation hosted on its servers
Cybercrime forum Leak Zone publicly exposed its users’ IP addresses
AI slop and fake reports are coming for your bug bounty programs
European authorities arrest alleged admin of notorious Russian crime forum XSS
Hundreds of organizations breached by SharePoint mass-hacks
Apple alerted Iranians to iPhone spyware attacks, say researchers
UK government wants ransomware victims to report breaches so it can carry out ‘targeted disruptions’ against hackers
Network World Security
AI will drive more workforce expansion for tech pros than reduction, Linux Foundation reports
Sysadmins ready for AI, but skepticism abounds
AI Project Stargate struggles to get off the ground
Unexpected costs drive on-premises computing
CISPE seeks to annul Broadcom’s VMware takeover
Network jobs watch: Hiring, skills and certification trends
CompTIA updates Linux+ certification
Storage vendors bring record capacity devices to handle massive data generation
Humana slashes engineering hours with network automation overhaul
Broadcom blocks VMware patch access for perpetual license holders with expired support contracts
Help Net Security
Your supply chain security strategy might be missing the biggest risk
The legal minefield of hacking back
Vulnhuntr: Open-source tool to identify remotely exploitable vulnerabilities
Review: LLM Engineer’s Handbook
How to fight document fraud with the latest tech tools
Week in review: Microsoft SharePoint servers under attack, landing your first cybersecurity job
Digital sovereignty becomes a matter of resilience for Europe
What 50 companies got wrong about cloud identity security
Six months into DORA, most financial firms are still not ready
New infosec products of the week: July 25, 2025
InfoSecurity Magazine
Critical Flaws in WordPress Plugin Leave 10,000 Sites Vulnerable
New Scattered Spider Tactics Target VMware vSphere Environments
Third-Party Breach Impacts Majority of Allianz Life US Customers
Naval Group Denies Hack Claims, Alleges "Reputational Attack"
US Woman Gets Eight Years for Part in $17m North Korean Scheme
Dating App Breach Exposes Images of 13,000 Women
BlackSuit Ransomware Group’s Dark Web Sites Seized in Operation Checkmate
Prolonged Chinese Cyber Espionage Campaign Targets VMware Appliances
New Chaos Ransomware Emerges, Launches Wave of Attacks
Malware Campaign Masquerades as Dating Apps to Steal Data
© 2025 RiskDiscovery | Sponsored by: Deception Logic