[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
DarkReading
EoP Flaws Again Lead Microsoft Patch Day
Is the Browser Becoming the New Endpoint?
Qantas Reduces Executive Pay Following Cyberattack
Huge NPM Supply-Chain Attack Goes Out With Whimper
Salty2FA Takes Phishing Kits to Enterprise Level
SentinelOne Announces Plans to Acquire Observo AI
'MostereRAT' Malware Blends In, Blocks Security Tools
Salesloft Breached via GitHub Account Compromise
The Critical Failure in Vulnerability Management
45 New Domains Linked to Salt Typhoon, UNC4841
Ars Technica
Claude’s new AI file creation feature ships with deep security risks built in
SAP warns of high-severity vulnerabilities in multiple products
Why accessibility might be AI’s biggest breakthrough
Software packages with more than 2 billion weekly downloads hit in supply-chain attack
Former WhatsApp security boss in lawsuit likens Meta’s culture to a “cult”
AI will consume all of IT by 2030—but not all IT jobs, Gartner says
ChatGPT’s new branching feature is a good reminder that AI chatbots aren’t people
The number of mis-issued 1.1.1.1 certificates grows. Here’s the latest.
Microsoft open-sources Bill Gates’ 6502 BASIC from 1978
New AI model turns photos into explorable 3D worlds, with caveats
CyberScoop
Critical infrastructure security tech needs to be as good as our smartphones, top NSC cyber official says
Microsoft Patch Tuesday addresses 81 vulnerabilities, none actively exploited
U.S. indicts Ukrainian national for hundreds of ransomware attacks using multiple variants
Former WhatsApp security manager sues company for privacy violations, professional retaliation
National cyber director: U.S. strategy needs to shift cyber risk from Americans to its adversaries
Mitsubishi Electric to acquire Nozomi Networks in $1 billion deal
Treasury Department targets Southeast Asia scam hubs with sanctions
Salesloft Drift security incident started with undetected GitHub access
CISA pushes final cyber incident reporting rule to May 2026
Supreme Court blocks FTC commissioner Slaughter’s reinstatement
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
Apple Events live updates: iPhone 17, iPhone Air, AirPods Pro 3, and new wearables just unveiled
iPhone Air vs. Samsung S25 Edge: I compared both thin phones, and here's the winner
The best iPhone 17 cases of 2025 (including the Air, Pro, and Max models)
How to preorder the iPhone 17, iPhone Air, Apple Watch Series 11 and more (plus best deals)
How the AirPods Pro 3 may make this Apple user ditch the Watch for good
Should you upgrade to an iPhone 17 Pro from a 16 Pro? How I'm justifying it
iPhone 17 Pro vs. iPhone 14 Pro: Why this year's model may be worth the upgrade
Every iPhone 17 model compared: Should you buy the base model, Air, Pro, or Max?
Apple iPhone 17 Pro vs. iPhone 16 Pro: I compared both models, and here are the differences
Excited about Apple Watch 11's hypertension feature? It's coming to older models too
The Hacker News
Adobe Commerce Flaw CVE-2025-54236 Lets Hackers Take Over Customer Accounts
SAP Patches Critical NetWeaver (CVSS Up to 10.0) and Previously Exploited S/4HANA Flaws
Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks
RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities
[Webinar] Shadow AI Agents Multiply Fast — Learn How to Detect and Control Them
From MostereRAT to ClickFix: New Malware Campaigns Highlight Rising AI and Phishing Risks
How Leading CISOs are Getting Budget Approval
TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs
20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack
45 Previously Unreported Domains Expose Longstanding Salt Typhoon Cyber Espionage
BleepingComputer
U.S. sanctions cyber scammers who stole billions from Americans
Hackers hide behind Tor in exposed Docker API breaches
Windows 10 KB5065429 update includes 14 changes and fixes
Microsoft September 2025 Patch Tuesday fixes 81 flaws, two zero-days
Windows 11 KB5065426 & KB5065431 cumulative updates released
Kosovo hacker pleads guilty to running BlackDB cybercrime marketplace
US charges admin of LockerGoga, MegaCortex, Nefilim ransomware
Adobe patches critical SessionReaper flaw in Magento eCommerce platform
How External Attack Surface Management helps enterprises manage cyber risk
Microsoft: Anti-spam bug blocks links in Exchange Online, Teams
Cybersecurity Dive
Mitsubishi Electric agrees to buy Nozomi Networks in deal valued at about $1B
How AI and politics hampered the secure open-source software movement
Bridgestone Americas continues probe as it looks to restore operations
Salesloft platform integration restored after probe reveals monthslong GitHub account compromise
Data security gaps stymy enterprise AI plans
Marriott checks out AI agents amid technology transformation
Swiss Re warns of rate deterioration in cyber insurance
Researchers warn of zero-day vulnerability in SiteCore products
How the newest ISAC aims to help food and agriculture firms thwart cyberattacks
How Tampa General Hospital worked to quantify cyber risk
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
More packages poisoned in npm attack, but would-be crypto thieves left pocket change
New cybersecurity rules land for Defense Department contractors
Defense Dept didn't protect social media accounts, left stream keys out in public
No gains, just pains as 1.6M fitness phone call recordings exposed online
What the Plex? Streaming service suffers yet another password spill
Nokia successor HMD spawns secure device biz with Euro-made smartphone
Anthropic's Claude Code runs code to test if it is safe – which might be a big mistake
UK toughens Online Safety Act with ban on self-harm content
Forget disappearing messages – now Signal will store 100MB of them for you for free
WhatsApp's former security boss claims reporting infosec failings led to ousting
VentureBeat
TechCrunch
Plex urges users to change passwords after data breach
Netskope follows Rubrik as a rare cybersecurity IPO, both backed by Lightspeed
VC giant Insight Partners notifies staff and limited partners after data breach
Signal introduces free and paid backup plans for your chats
Salesloft says Drift customer data thefts linked to March GitHub account hack
The growing debate over expanding age-verification laws
X is now offering me end-to-end encrypted chat — you probably shouldn’t trust it yet
Venezuela’s president thinks American spies can’t hack Huawei phones
ICE reactivates contract with spyware maker Paragon
WhatsApp fixes ‘zero-click’ bug used to hack Apple users with spyware
Network World Security
Microsoft finds possible solution to Azure capacity issues
Nvidia: Latest news and insights
Cisco’s Splunk embeds agentic AI into security and observability products
New life for the mainframe: AI cost savings materialize, modernization efforts pay off
Cadence adds Nvidia to digital twin tool for data center design
Nvidia rolls out new GPUs for AI inferencing, large workloads
VMware by Broadcom: Product, service and support news
Network jobs watch: Hiring, skills and certification trends
VMware Explore 2025: Latest news and insights
Broadcom’s VMware strategy pays off financially, but customers not as keen as Wall Street
Help Net Security
Plex tells users to change passwords due to data breach, pushes server owners to upgrade
Relyance AI Data Defense Engineer secures AI-driven data
Vanta embeds agentic AI into policy and evidence workflows
Hummingbird’s compliance and risk platform helps financial institutions manage risk
Cisco puts agentic AI at the core of Splunk Enterprise Security
Fake npm 2FA reset email led to compromise of popular code packages
NetApp StorageGRID 12.0 powers AI and data-intensive workloads
Download: Cyber defense guide for the financial sector
Silobreaker Requirements enables teams to improve threat intelligence
Signal adds secure backup option for chat history
InfoSecurity Magazine
Threat Actor Accidentally Exposes AI-Powered Operations
Salty2FA Phishing Kit Unveils New Level of Sophistication
Open Source Community Thwarts Massive npm Supply Chain Attack
Axios User Agent Helps Automate Phishing on “Unprecedented Scale”
Chinese Cyber Espionage Campaign Impersonates US Congressman
Salesloft: GitHub Account Breach Was Ground Zero in Drift Campaign
Wealthsimple Confirms Data Breach After Supply Chain Attack
MostereRAT Targets Windows Users With Stealth Tactics
Remote Access Abuse Biggest Pre-Ransomware Indicator
Qualys, Tenable Latest Victims of Salesloft Drift Hack
© 2025 RiskDiscovery | Sponsored by: Deception Logic