[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Name That Toon Contest
Phishing Attack Volume Down 20%, but Risk Still Rising
Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure
Segmentation Works for OT If Operators Are Paying Attention
Chinese, N. Korean Threat Groups Build on Asia-Pacific Success
CISA Rewrites Federal Patching Requirements for AI Threat Era
Bug Bounty Research Triggers ServiceNow Security Alert
AI Risk Worries Insurers & Businesses Alike
Nightmare-Eclipse Drops Yet Another Microsoft Exploit, RoguePlanet
The Invisible Battlefield: How Cyberwar Is Reshaping Everyday Life
Ars Technica
Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed
High-severity vulnerability in Linux caused by a single faulty character
For the 2nd time in weeks, Microsoft packages laced with credential stealer
How a USB-connected speaker can infect a PC without ever being touched
Dashlane explains how attackers managed to download encrypted password vaults
Can't make sense of Dashlane's vault theft notification? You're not alone.
Dozens of Red Hat packages backdoored through its official NPM channel
Botnet of more than 17 million devices dismantled
Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
Websites have a new way to spy on visitors: Analyzing their SSD activity
CyberScoop
Russian national charged in connection with Void Blizzard espionage campaign
OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers 
CISA directive orders agencies to prioritize vulnerability patching in a new way
Microsoft breaks Patch Tuesday record with 206 vulnerabilities
Anthropic’s new model is Mythos on a leash
CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector
Cisco customers encounter another SD-WAN zero-day under attack
Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint
The AI security race needs accountability, not overregulation
Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away
InfoSecurity Magazine
CISA Orders Agencies to Patch by Risk, Not Severity
Cybercriminals Use Fake AI Guides and Dev Tools to Spread AsyncRAT Malware
Most Cybersecurity Teams Struggle to Find Time for Training on New Cyber Threats
Interpol Dismantles SniperDz Phishing-as-a-Service Platform
Extortion-Only Attacks Increase, With Data Theft Dominating Ransomware Claims
New “Agentjacking” Attacks Could Hijack AI Coding Agents
Fake Software Tutorials on TikTok Spread Vidar Stealer
Cybersecurity Software Fails to Detect Fifth of Brower-Based Phishing Attacks
New SilabRAT Trojan Hijacks Sessions to Steal Crypto
New Fable 5 Is a "Mythos-Class" LLM Available to All, Anthropic Announces
SecurityWeek
Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks
Alert Fatigue Is Becoming a Security Threat of Its Own
CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk
OnyxC2 Stealer Offers Cybercriminals Enterprise-Grade Theft for $250 a Month
Hackers Exploit Langflow Vulnerability for Remote Code Execution
Siemens Says Desigo CC Files Flagged as Malware by Security Engines
FBI Seizes 13 Websites That Officials Say Were Used by China to Target and Recruit US Workers
Splunk, Palo Alto Networks Patch Severe Vulnerabilities
‘GreatXML’ Zero-Day Exploit Bypasses BitLocker
University of Nottingham Confirms Breach After Hackers Leak Data
ZDNet
The cloud vs. clouded leopard: America's data center backlash on display at Nashville Zoo
I found the best early Prime Day Apple deals: MacBooks, iPads, AirPods, and more
The best early Prime Day health and fitness deals I'd recommend
Lenovo vs. Dell: I've tested both laptop brands for years, and here's my preference
10 useful smart home gadgets that make life so much easier (and are affordable)
How to watch the FIFA World Cup 2026: I found 10 ways to stream (including free options)
4 Android Auto default settings you should change right away - here's why
Euro-Office 1.0 arrives to open-source infighting: 'Compatibility is not sovereignty'
Apple WWDC: What tech fans got right (and wrong) about iOS 27, Tim Cook, and more
Best Buy just cut the price of one of my favorite TCL TVs - up to $1,000 off
The Hacker News
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets
New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files
The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
Cybersecurity Stars Awards 2026: Winners Announced Across 95 Categories
ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories
AI Broke Vulnerability Management. That's Why CISOs Are Moving Budget to BAS.
OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance
BleepingComputer
Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
Authorities dismantle 'AudiA6' ransomware crypto-laundering service
Why AI-driven threats are exposing the limits of MSP security stacks
Coupang hit with record $409 million data breach fine in Korea
CISA tells govt agencies to patch critical exploited flaws in 3 days
Microsoft fixes BitLocker recovery bug on Windows Server 2025
Nottingham University data breach affects over 450,000 students
Max severity Ivanti Sentry vulnerability now exploited in attacks
Path traversal flaw in AI dev platform Langflow exploited in attacks
The ‘Miasma’ worm source code briefly leaked on GitHub
gbhackers
OceanLotus Targets Stock Investors in FireAnt MetaKit Supply-Chain Hack
GoFlateLoader Hides Infostealers in Massive PE Overlay
GreatXML Zero-Day Enables BitLocker Bypass Through Windows Defender Offline Scan
Attackers Exploit Critical Langflow Flaw for Remote Code Execution
Hackers Exploit SniperDz PhaaS for Brand Spoofing and Browser Hijacking
GitHub Introduces Automatic Controls to Prevent Malicious npm Install Scripts
Weaponized DMG Files Deliver macOS Infostealer Malware
BLUERABBIT Backdoor Encrypts Files, Wipes Windows Systems
Hackers Use Residential Proxies Networks to Evade Detection
Cybercriminals Exploit Chinese Guarantee Markets to Sell Stolen Credentials
Cybersecurity Dive
Enterprises report increasing budgets for security training in AI and other critical topics
FIFA World Cup expected to face extensive criminal, hacktivist cyber threats
CISA gives agencies new vulnerability remediation deadlines that take risk levels into account
CISA, researchers warn of escalating attacks using Cisco Catalyst SD-WAN flaws
Companies are failing to keep up with AI’s identity sprawl, creating entry points for hackers
Check Point warns of zero-day flaw targeted by ransomware affiliate
IT sector faces growing threats from IP-hungry China, AI-enabled cybercriminals
Cyber insurance policyholders facing heavier scrutiny in underwriting, claims
Companies aren’t prepared for how AI is accelerating impersonation attacks
The new risk equation: Why endpoint security is a financial imperative
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
ShinyHunters hacked 100 orgs by exploiting an Oracle PeopleSoft 0-day
Microsoft's worst 'Nightmare' unleashes BitLocker bypass 0-day
VRChat says somebody faked a breach notice with the Maine AG's office
Every employee’s password was stored in a single Excel file
Chinese agents caught rebuilding botnets and stirring the pot on AI datacenter debate
Angry bug hunter with Microsoft beef drops new Windows 0-day
GitHub pulls pin on npm's auto-run scripts
Ivanti tells Sentry customers to patch now as critical bugs hit 10.0 and 9.9
AI is making Patch Tuesday (kinda) fun again
Miasma worms its way onto GitHub as attack kit goes open source
VentureBeat
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
AI doesn't break security. Complexity does
Claude Mythos exposed a hard truth: Your enterprise patching process is way too slow
DataGrail report finds your vendor may be sending data to AI models you never approved
TechCrunch
Oracle warns of security bug that hackers abused to breach 100+ companies
South Korea hits Coupang with $400M+ fine for data breach that affected millions
Cybercriminals claim breach of Oracle PeopleSoft servers at 100-plus organizations
North Koreans behind nearly half of US tech industry hacks, says CrowdStrike
Cybersecurity researchers aren’t happy about the guardrails on Anthropic’s Fable
ServiceNow tells customers a bug left some of their data exposed to the internet
CISA gives US federal agencies three days to fix a VPN bug under attack by a ransomware gang
Microsoft’s open source tools were hacked to steal passwords of AI developers
WhatsApp says it caught new spyware attacks linked to NSO Group in violation of court order
Massachusetts votes to pass new privacy rights bill that bans sale of precise location data
Network World Security
Marvell announces 102.4 Tbps switch silicon built for AI
IBM, ServiceNow team to bring AI to legacy enterprise systems
AI-powered WAF, virtual patching: How F5 is hardening networks against frontier threats
A quick look at Cisco’s strategy to become a software monster
Residential proxies are hiding in plain sight inside enterprise networks
OpenAI weighs Nvidia-backed lease for 10 GW Ohio data center campus
Lotus Microsystems targets AI power efficiency with vStrata platform
From the data center to the edge: How to build secure, effective enterprise AI infrastructure
Arista unveils 1.6T rack-scale switch family for AI infrastructure
Zscaler launches zero trust platform for agentic AI
Help Net Security
CISA orders federal agencies to “patch smarter”
Proxmox releases Mail Gateway 9.1 with quarantine and backup encryption changes
Fake Spotify Premium tutorials on TikTok and Instagram Reels spread malware
Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert
FBI seizes 13 websites linked to alleged Chinese intelligence-gathering effort
9 out of 10 people can no longer distinguish real from AI-generated content
Check Point expands MSP platform with with AI governance and unified security bundles
IDnow launches Trust Platform to help regulated firms move from KYC to continuous trust
Threat actors are recruiting the people who hold cloud logins
Making the cloud prove it followed your privacy wishes
SC Magazine
FBI shuts down 13 ‘consulting’ websites used for suspected Chinese espionage
Texas A&M CIO emphasizes user experience in cybersecurity strategy
OceanLotus targets stock investors and construction firm with SPECTRALVIPER backdoor
Russian national charged in connection with Void Blizzard cyberespionage campaign
OnyxC2 stealer sold as a service targets over 210 applications
AudiA6 cryptocurrency service dismantled for allegedly laundering over $380 million
Siemens Desigo CC patch files falsely flagged as malware
AI agents are already exploring your network. How do you detect their intent?
AI Identity Security: The Hidden Risks of Non-Human Identities & Agents - WC #1
How autonomous defense and remediation stands up to AI cyber threats
© 2026 RiskDiscovery | Sponsored by: Deception Logic