[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows
SocGholish Takedown Highlights Malicious TDS Threats
FortiBleed Attackers Turn Firewalls Into Credential Stealers as Heists Persist
DifyTap Bugs Let Attackers 'Wiretap' AI Chat Histories
Crypto Heist Fueled by Elaborate Fake Reputation-Boosting Campaign
He Thought He Was Secure; His Phone Number Got Stolen Anyway
Stressors, AI Forcing Changes to Cybersecurity Teams
Novo Nordisk Breach Highlights Software Development Pipeline Risk
Operation Escaneo Signals Shift in LatAm Threat Landscape
FIFA Bug Exposes World Cup Streams to Remote Takeover
Ars Technica
Following user outcry, AMD reinstates memory encryption in consumer CPUs
Microsoft discovers new lightweight backdoor that steals cryptocurrency
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
Before SpaceX IPO, investors in China secretly acquired stakes
Massive breach spills credentials for thousands of sensitive networks
Tesco moving 40,000 server workloads off VMware amid Broadcom's “abusive conduct”
"Dangerous" AI models are coming no matter what
Windows and Linux users: The deadline to update Secure Boot keys is near
Year of free HPE software a “step in the correct direction” in VMware rivalry
Critical Copilot vulnerability allowed hackers to steal 2FA code from users
CyberScoop
Justice Department seizes infrastructure used by cyber scam and criminal marketplace
Algerian man charged with running two cybercrime marketplaces
Court rules SAVE database illegal, orders it dismantled
Trump executive orders speed up post-quantum migration, boost industry
Intel agencies: Frontier AI models will reshape cybersecurity faster than expected
Authorities disrupt Evil Corp’s SocGholish botnet
Congress tees up No FAKES Act, aiming at AI-generated deepfakes
How software development’s speed obsession enabled TeamPCP’s chaos crusade
Accenture shells out $4.18B on three companies in big industrial cybersecurity push
Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April
InfoSecurity Magazine
Lookalike npm Package Hides a Multi-Stage Windows RAT
OpenAI Expands Daybreak to Help Defenders Patch Flaws
Trump Issues Executive Order to Fast-Track Post-Quantum Migration
GTA 6 Scams Emerge as Pre-Orders Open
Scattered Spider Teens Convicted of TfL Cyber-Attack
Five Eyes Group Issues Urgent Call to Tackle Frontier AI Threats
GentleKiller Framework Disables Victims' Security Software
Unpatchable BootROM Flaw Impacts Apple A12, A13 Chips
Microsoft Attributes Mastra AI Supply Chain Attack to North Korea
Klue Breach Enables Hackers to Compromise Cybersecurity Firms via OAuth Tokens
SecurityWeek
Dragos Unveils AI for OT Security 
Data Exposure Flaws Threaten Dify AI Platform Used by 1 Million Apps
Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel Attacks
CISO Conversations: Carl Froggett – Combining CISO and CIO at Deep Instinct
Algerian Man Extradited to US for Running Cybercrime Marketplaces
FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances
OpenAI Refocuses Cybersecurity Efforts on Patching Over Discovery
Russian Initial Access Broker Behind FortiBleed Campaign
Canadian Electricity Provider London Hydro Discloses Data Breach
Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration 
ZDNet
This Garmin smartwatch is our top-selling Prime Day deal so far
My favorite Samsung OLED TV just dropped $1,100 in this rival Prime Day deal
The best Costco deals to compete with Prime Day: TVs, Apple devices, and more
The best Prime Day headphone deals: Apple, Bose, Sony, and more deals I'd buy myself
Prime Day 2026: Live updates on Garmin, Lenovo, Apple and other tech deals
The best Prime Day Samsung deals: Save big on Galaxy phones, tablets, and more
Our readers can't stop buying Garmin watches during Amazon Prime Day - plus other top-sellers
I'm heavily considering buying these gift cards on sale for Prime Day: DoorDash, Starbucks, and more
This tried-and-true $200 Android tablet is one of the best Prime Day deals worth buying
Samsung will give you a free monitor when you buy the Odyssey Neo G9 on sale - how to get one
The Hacker News
Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents
Trump Order Sets 2030 Deadline for Federal Post-Quantum Crypto Migration
GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns
Agentic AI: The Weapon That No Longer Needs a Warrior
Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT
WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool
OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws
ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack
29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests
Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants
BleepingComputer
Healthtech firm Xolis suffers data breach impacting 1.4 million people
New macOS ClickFix attack silently mounts DMGs to push infostealer
Scattered Spider members plead guilty to hacking Transport for London
The Exploit Doesn't Exist. You Can Still Prove It Works Against You
LastPass confirms data breach in Klue supply chain attack
Webinar: Why email security teams are drowning in alerts
WhatsApp phishing attack uses fake business docs to hack PCs
JaredFromSubway MEV bot hacked in $15 million crypto theft
FFmpeg fixes PixelSmash flaw in widely used video decoder
FortiBleed campaign used custom FortiGate sniffer to steal credentials
gbhackers
Cordyceps Supply chain Vulnerability Impacting Code Repositories at thousands of Organizations
LastPass Customer Data Exposed in Klue Supply Chain Attack Using Stolen OAuth Tokens
Five Eyes Agencies Warn AI Is Accelerating Cyber Threats and Zero-Day Exploitation
Dropping Elephant Hackers Use China-Themed Loader Chain to Deploy In-Memory RAT
DifyTap Flaws Expose AI Data Across Tenants on Platform Powering 1M+ Apps
LG and Samsung Smart TV Apps Found Monetizing Users’ IP Addresses via Proxy SDKs
ANY.RUN Adds In-Browser Data Inspection to Reveal Phishing Redirects and DOM Changes
AWS Urges Organizations to Turn Outbound Blind Spots Into Monitored Checkpoints
Tata Electronics Data Breach Exposes 200,000+ Files Linked to Apple and Tesla, Hackers Claim
Microsoft Uncovers Parallel Threat Activity From Two Cyberattackers in Single Intrusion
Cybersecurity Dive
Trump sets new deadlines for agencies and contractors to adopt post-quantum cryptography
Looming AI-fueled threats require urgent cybersecurity improvements, Five Eyes members say
Interpol, Europol renew agreement to combat hackers and other criminals
CISA urges device hardening after thousands of Fortinet credentials compromised
Infrastructure downtime has a $50k-per-hour price tag. It’s time to turn hours into minutes.
3 ways AI is transforming security operations - and where it delivers real impact
AI is transforming enterprise data risk. Here’s how security leaders are responding.
Nation-state rivals linked to majority of consequential attacks targeting critical UK sites
Major critical infrastructure disruptions are inevitable, acting CISA chief says
California water utility probes breach claim by Iran-linked actor
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Mythos discovers 'Squidbleed,' a memory leak that's gone undetected since Clinton era
Five Eyes spooks warn AI means infosec incidents can become ‘major operational and financial crises’
Sniff out stale AI override advice with this open source CLI
OpenAI: Yoo-hoo, look over here, we do that security stuff too!
Cloudflare teams up with big browsers to help websites tell welcome from unwelcome visitors
Security shops among the 'hundreds' of Klue hack victims
Canadian utility fesses up to data breach, but key details remain off-grid
Brazil probes emergency warning system after nationwide rogue alert
Health board apologizes for phishing staff with with bogus vacation day
Gizmodo readers hit with ClickFix malware prompts after account compromise
VentureBeat
7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes
Copilot searched your mailbox. LiteLLM handed out admin keys. Run this 5-check audit before your stack is next
85% of IT teams claim every AI agent is under control. Only 42% actually know who owns them.
Attackers scale deception with AI. Defenders need truth at machine speed.
NanoClaw and JFrog launch 'immune system' to block AI agents from downloading malicious code
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
TechCrunch
Klue says hackers stole credential from 2022 that led to customer data breaches
Password manager maker LastPass says hackers stole customer support case data during Klue breach
Tata Electronics, a major tech supplier to Apple and Tesla, confirms data breach
A new unpatchable flaw in Apple chips opens the door to an iPhone jailbreak 
Anthropic says Claude may want to see your ID
Klue hack results in data breach at several cybersecurity firms
Signal’s Meredith Whittaker wants you to remember that AI chatbots ‘are not your friends’
From PGP to Mythos: a brief history of export controls that didn’t stop anyone
Texas government data breach allowed hackers to steal 3 million driver’s licenses and passports
Cybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world
Network World Security
Rami Rahim’s message for network pros: Legacy networks can’t withstand rigors of AI
2026 network outage report and internet health check
China’s LineShine dethrones El Capitan as the world’s fastest supercomputer
Nvidia: Latest news and insights
Dell launches AI server based on Nvidia Vera Rubin GPUs
Nvidia unveils Vera Rubin platform targeting AI, HPC infrastructure
What Bundesliga’s Captain tells us about AI-powered CX
FortiBleed campaign exposes 75,000 Fortinet firewalls worldwide
Cisco: AI growth is exposing campus network limits
HPE CTO Russo drills into data, orchestration, and observability for the agentic enterprise
Help Net Security
What the Fortibleed campaign means for organizations running FortiGate firewalls
New N-able feature gives IT teams visibility into AI usage across endpoints and networks
Dragos unveils OT-native AI to help critical infrastructure teams prioritize threats faster
Using Reddit to manipulate AI search results is surprisingly easy
GTA 6 early access offers are taking gamers’ crypto
Two Scattered Spider hackers plead guilty over Transport for London cyberattack
Omada Identity Sovereign targets Europe’s growing digital sovereignty demands
Hack The Box adds crisis simulations and SOC training to strengthen cyber readiness
Mavenir turns NOC knowledge into automation for autonomous networks
OpenAI wants AI to fix vulnerabilities, not just find them
SC Magazine
Your AI agent can't be authenticated by a password reset email
Threat Intel & Security Awareness: How to Build a Proactive Cybersecurity Culture - WC #1
No more blind trust: Identity controls for AI agents
FFmpeg vulnerability ‘PixelSmash’ could enable RCE via video file
4 ways to protect the company against vishing attacks
How AI Is Reshaping Identity Security at the Infrastructure Layer - Ev Kontsevoy, Neha Duggal, Amit Masand - ASW #388
Brazil's emergency alert system investigated after 'extreme' fake alert sent
Majority of users still store passwords in browsers, survey finds
Canadian healthcare organization apologizes for insensitive phishing test
Underground services offer targeted credential searches from infostealer data
© 2026 RiskDiscovery | Sponsored by: Deception Logic