[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Name That Toon Contest
Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks
Check Point VPN Flaw Exploited Since Early May
Iran Signed a Ceasefire — Its Hackers Didn't
'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud
Exposed Fuel Tank Gauges Under Attack in the US
Adaptive, Agentic AI Worms Loom as Next Enterprise Threat
Trump AI Order Seeks Voluntary Frontier Model Testing
Rust-Written IronWorm Hits NPM Supply Chain
China's TA4922 Expands Cybercrime Attacks Globally
Ars Technica
For the 2nd time in weeks, Microsoft packages laced with credential stealer
How a USB-connected speaker can infect a PC without ever being touched
Dashlane explains how attackers managed to download encrypted password vaults
Can't make sense of Dashlane's vault theft notification? You're not alone.
Dozens of Red Hat packages backdoored through its official NPM channel
Botnet of more than 17 million devices dismantled
Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
Websites have a new way to spy on visitors: Analyzing their SSD activity
Millions of AI agents imperiled by critical vulnerability in open source package
US's big bet on quantum computing may not be entirely legal
CyberScoop
Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint
The AI security race needs accountability, not overregulation
Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away
Hill Dems hammer GOP for $250M CISA budget cut
Your AI agent could become your biggest insider threat 
Inside the race to adapt to an AI-powered security world
European authorities crack down on illegal streaming networks
DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels
DOD wants to integrate cyber in all operations, and integrate security into AI
Trump administration releases scaled-back AI executive order
InfoSecurity Magazine
North Korean Hackers Use Fake Coding Tasks to Steal Crypto
OpenAI Unveils ChatGPT Account Security Controls
Infosecurity Europe: Prompt Injection Remains Unsolved, OWASP Researcher Warns
Two-Thirds of Open Source Community Unaware of Cyber Resilience Act
Infosecurity Europe: How DSIT Protects Thousands of UK Orgs from Cyber Vulnerabilities
Meta AI Bug Exposes Over 20,000 Instagram Accounts
Infosecurity Europe: Practical Lessons From Lloyds' Agentic AI Security Playbook
Infosecurity Europe: OWASP Introduces Agentic AI Security Maturity Framework
Infosecurity Europe: AI Coding Tools Need Built-In Security for Agentic Development Era
Infosecurity Europe: Reactive Security Is Failing Healthcare Organizations, Experts Warn
SecurityWeek
A Security Raises $37 Million for Autonomous Offensive Security Platform
Everybody Is Vibe Coding But Nobody Told the Security Team
WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order
Cybersecurity M&A Roundup: 26 Deals Announced in May 2026
Everest Forms Vulnerability Exploited to Hack WordPress Sites
174,000 Impacted by Lansing Community College Data Breach
Silent Ransom Group Uses DNS Fast Flux in Attacks
OpenAI Rolling Out ChatGPT Account Security Controls
Anthropic Urges Industry Coordination to Allow for a ‘Pause’ in AI Development if Risks Grow
SolarWinds Serv-U Vulnerability Exploited in the Wild
ZDNet
These 2 iOS 27 upgrades will solve more of my daily problems than Siri AI ever will
I quit Safari for Chrome, but these new MacOS 27 features could pull me back
Apple WWDC 2026 live: Biggest news on Siri AI, Tim Cook, iOS 27 developer beta, more
WatchOS 27 has arrived: How to download the developer beta now
iOS 27's Shortcuts upgrade makes automations easy to build - and will save me so much time
MacOS 27 is almost here: How to download the developer beta now
The new Siri AI could cost you - here's why
Every iPhone model that supports the iOS 27 update (and which older ones don't)
The new iOS 27 child safety features I'm most excited about as a parent
iOS 27 is here: How to download the developer beta now
The Hacker News
One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public
Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order
Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups
AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload
⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More
The Hardest Fork
VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration
BleepingComputer
SoFi confirms third-party data breach at Hong Kong subsidiary
New Apple feature automatically changes your compromised passwords
New Shai-Hulud attack trojanizes 19 science-focused PyPI packages
WhatsApp says it disrupted new NSO spyware phishing attacks
Gogs patches critical zero-day enabling remote code execution
Critical UniFi OS bug lets hackers gain root without authentication
Reducing security operations complexity with Wazuh Cloud
Check Point links VPN zero-day attacks to Qilin ransomware gang
Oxford University discloses data breach after careers platform hack
Over 20,000 Instagram accounts stolen in Meta AI support hack
gbhackers
Pink Hacking Group Targets Enterprises to Steal Cloud Passwords
Multiple VMware Stored XSS Flaw Enable Attackers to Inject Malicious Scripts
Google Fixes 429 Chrome Vulnerabilities, Including 22 Critical Bugs
OWASP Unveils AI Security Report Highlighting New Tools for Security Teams
Internet Explorer WebBrowser Control Abuse Lets Attackers Convert Clicks Into RCE
China-Linked OP-512 Targets IIS Servers With Unique Web Shell Framework
Lucid Stealer Hits 18 Browsers, Crypto Wallets, and Discord Tokens
Critical Redis Vulnerability Could Let Attackers Execute Code and Hijack Servers
Instagram Patches Account Recovery Flaw Leaking User Contact Information
Critical UniFi OS RCE Chain Grants Root Access Without Credentials
Cybersecurity Dive
Cyber insurance policyholders facing heavier scrutiny in underwriting, claims
Companies aren’t prepared for how AI is accelerating impersonation attacks
The new risk equation: Why endpoint security is a financial imperative
Cisco warns zero-day flaw in SD-WAN is being exploited
Sprawling new House AI bill includes frontier model oversight, open-source security grants
CISA chief says Trump AI executive order implementation will start soon
CrowdStrike, Palo Alto Networks defy estimates as AI fuels cyber demand
‘Don’t panic’: AI reality checks dominate major cybersecurity conference
CISA, FBI warn that hackers are targeting systems used to monitor industrial fluids
Trump signs EO seeking early government access to powerful AI models
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Ransomware crims got a month-long head start on Check Point VPN 0-day that now has a fix
Ransomware sends Illinois high school on an early summer vacation
GitHub nukes 70+ Microsoft repos, breaks CI/CD pipelines, following suspected worm infections
NSO Group back in Meta's crosshairs after alleged WhatsApp targeting
Oxford Uni student data pwned yet again - this time via career platform breach
If you don't fall for these extortionists' calls, they'll show up with USB sticks
Yet another Cisco SD-WAN 0-day under attack, and no patch in sight
World Food Programme breach exposes data of 600k vulnerable Gazan families
Council in UK's City of York outs hundreds of disabled residents with a single email blunder
Pink is the latest goon squad to use fake helpdesk calls to steal creds
VentureBeat
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
AI doesn't break security. Complexity does
Claude Mythos exposed a hard truth: Your enterprise patching process is way too slow
DataGrail report finds your vendor may be sending data to AI models you never approved
TechCrunch
Microsoft’s open source tools were hacked to steal passwords of AI developers
WhatsApp says it caught new spyware attacks linked to NSO Group in violation of court order
Massachusetts votes to pass new privacy rights bill that bans sale of precise location data
Hacked, leaked, and held for ransom: The worst breaches of 2026 so far
OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks
Former cyber executive turned whistleblower accuses IBM of covering up several data breaches
Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person
NSA said to be readying Anthropic’s Mythos for use in cyber operations
Filtr is a new privacy tool that blocks ads in almost every iPhone and Mac app
Defense tech, AI, and fundraising take center stage at StrictlyVC Los Angeles on June 18
Network World Security
Attackers exploiting unpatched Cisco SD-WAN flaw
Enterprise network teams are falling behind as AI raises the stakes
New data center routing design cuts AWS networking energy costs by 40%, Amazon claims
Cisco: Latest news and insights
Network jobs watch: Hiring, skills and certification trends
How Cisco IT cut observability costs by 86% and eliminated major network outages
Microsoft makes Linux developers feel more at home in Windows with Coreutils release
AMD ships second-gen Versal Prime accelerators
CompTIA debuts AutoOps+ certification
Cisco sees quantum networking as the future of networking
Help Net Security
Meta claims NSO Group still targets WhatsApp users despite court order
Microsoft changes how Defender for Endpoint EDR updates are delivered on Windows
Hackers used Meta’s AI support system to hijack over 20,000 Instagram accounts
New Relic expands observability into AI-assisted software development
Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)
RidgeBot 7.0 automates Active Directory attack simulations for security validation
ConnectSecure’s Patch 360 gives MSPs control over patch testing and deployment
CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)
Samsung just made Galaxy phones more secure in One UI 9 beta
OpenAI is locking down parts of ChatGPT to reduce data theft risks
SC Magazine
Silent Ransom Group moves to in-person method if vishing attempt fails
Critical Infrastructure: The Risk Hiding in Plain Sight - Jason Manar - CSP #225
How managing digital identities has become critical to agentic AI projects
VS Code adds 2-hour delay for extension updates to combat supply chain threats
Researcher finds Bright Data iOS SDK turns smart TVs into web-scraping nodes
AI helps uncover critical 4-year-old Zcash vulnerability
AI agents discover numerous vulnerabilities in FFmpeg and Chrome
New Pink cybercrime group targets corporate data using vishing and cloud theft
Guardrails for agents: How to secure AI at runtime
Hackers exploit critical Everest Forms Pro vulnerability for website control
© 2026 RiskDiscovery | Sponsored by: Deception Logic