[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Name That Toon Contest
[An RX Global Event] Infosecurity Europe
Anthropic to Open Mythos AI to EU's ENISA
Microsoft's Zero-Day Legal Threats Spark Backlash
Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit
Name That Toon: Mark of (Cybersecurity) Progress
As Global Powers Explore Humanoid Robots, Cyber-Risk Looms
Asia's Cyber Insurance Market Shows Signs of Life
With Complex Cloud Integrations, Small Errors Lead to Major Compromises
'The Com' Cyberattacks Support Violence & Sexploitation
Ars Technica
Dozens of Red Hat packages backdoored through its official NPM channel
Botnet of more than 17 million devices dismantled
Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
Websites have a new way to spy on visitors: Analyzing their SSD activity
Millions of AI agents imperiled by critical vulnerability in open source package
US's big bet on quantum computing may not be entirely legal
Texas AG sues Meta over claims that WhatsApp doesn't provide end-to-end encryption
A hacker group is poisoning open source code at an unprecedented scale
US government takes $2 billion equity stake in nine quantum computing firms
Google publishes exploit code threatening millions of Chromium users
CyberScoop
Attackers are exploiting Palo Alto Networks defect that initially flew under the radar
Tina Peters, convicted in election-security breach, emerges defiant and vows legal fight
USPS moving forward with mail-in ballot changes as courts weigh Trump’s election order 
Election threats are focused on campaign systems, not voting machines
Tennessee man linked to 764 accused of series of crimes against children dating back to 2022
Federal audit reveals NIST’s NVD is plagued by poor planning and duplication
House panel poised to hold hearing centered on AI impact on cyber
Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket
Zapier fixes bug chain that researchers say risked widespread account takeover
OpenAI heralds cybersecurity, election interference safeguard plans for 2026 midterms
InfoSecurity Magazine
Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets
Infosecurity Europe: UK Firms Prioritize AI Threat Preparedness as Cyber Risks Evolve
Infosecurity Europe: Business Leaders Lack Understanding of Threat Intelligence, Study Warns
Critical Flowise Flaw Gives Attackers Full Server Control
Infosecurity Europe: Tabletop Exercise to Test How CISOs Respond to Major Supermarket Cyber-Attack
Infosecurity Europe: AI SOCs Will Still Need SOC Analysts, Security Vendors Say
FSB Group Gamaredon Hides Worm in Windows Data Streams
Attackers Abuse Shared Content for ChatGPT Phishing Campaign
Palo Alto Warns High-Severity Bug Is Being Actively Exploited
Infosecurity Europe: OWASP Forms New Agentic Research Council
SecurityWeek
Supply Chain Attack Hits 32 Red Hat NPM Packages
Dashlane Brute-Force Attack Leads to Limited Encrypted Vault Downloads
Oracle’s First Monthly Patches Resolve 77 Vulnerabilities
WP Maps Pro Vulnerability Exploited to Take Over WordPress Sites
Dutch Police Dismantle Massive 17-Million-Device Botnet
Critical Windows Netlogon Vulnerability in Attackers’ Crosshairs
Dragos Acquires xIoT Security Firm Phosphorus
As the Pentagon Pushes for Battlefield AI, Some Military Leaders Urge Caution
19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access
Recent Palo Alto Networks Vulnerability Exploited for Weeks
ZDNet
I finally bought the Transmit MacOS app, and that 16x faster transfer speed is just the beginning
Want to be a Linux pro like me? Master these 8 skills first
Should you switch to a Wi-Fi 7 mesh router? My home testing reveals what got better (and what didn't)
How I built my own DIY cyberdeck straight out of 80s sci-fi - and all the cool things it can do
Home Depot will give you a free Ryobi power tool with this battery deal - and I recommend it
I tried the latest MX Linux version on my PC, and it made the system look and feel like new
Sony Bravia 9 II vs. Bravia 9: I've seen both TV models, and True RGB LED is a major leap
I tried gaming on Android Auto and found 4 apps that made car downtime less boring
Why I just connected my living room TV to a router VPN (and you should, too)
This $4 router reboot timer is the cheap internet fix I didn't know I needed - and it works reliably
The Hacker News
Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm
⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
BleepingComputer
Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks
Red Hat npm packages compromised to steal developer credentials
Spain arrests doxer leaking sensitive data of govt employees
Dashlane password manager users locked out by brute force attacks
WordPress malware campaign hides payloads in Steam profiles
Microsoft investigates Office Apps, Teams file access issues
Race Against Time: Why Faster Vulnerability Alerts Matter
Critical Windows Netlogon RCE flaw now exploited in attacks
Webinar tomorrow: From alert to resolution in network incident response
Microsoft fixes outage affecting MFA setup, MySignIn service
gbhackers
CISA Warns of Active Exploitation of Palo Alto Networks PAN-OS Vulnerability
CISA Issues Alert on Oracle WebLogic Server Flaw Under Active Exploitation
Android Zero-Day Vulnerability Actively Exploited in Device Takeover Attacks
34 Malicious Packages Steal Cloud Keys, Wallets, and SSH Credentials
Hackers Use Spearphishing to Deploy AZUREVEIL Adaptix C2 Agent
Critical StrongDM Flaw Exposes Users to Authentication Token Theft and Reuse
SolyxImmortal Malware Steals Passwords, Cookies, Files, and Keystrokes
PHANTOMPULSE RAT Uses UAC Bypass to Hijack Windows Systems
TP-Link Router Security Bug Enables Remote Command Execution Attacks
Meta’s AI Bot Misused by Hackers to Take Over Instagram Accounts
Cybersecurity Dive
CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation
Without strong governance, companies put credit ratings at risk in AI era
Top 4 data security best practices for the AI-enabled enterprise
How Canva scaled to 260+M users while elevating security and productivity
CISA urges security teams to check for software development compromises
How CISOs can manage sovereign-cloud security risks
IBM’s new $5B initiative will help enterprises rapidly patch open-source vulnerabilities
Enterprise data is creeping its way into shadow AI tools
Coordinated operation takes down Glassworm botnet
Leading AI models are more vulnerable to malicious prompts than vendors claim
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Shai-Hulud malware worms Red Hat npm package versions downloaded 80K times a week
Election interlopers register 5K+ domains, hope to catch some voting phish
GTA cheat service Atlas Menu hacked as attacker alleges screenshot spying
Palo Alto VPN bug graduates from advisory to active exploitation
Password manager Dashlane suspends customer accounts amid brute-force attacks
Putin sends submarines to survey Britain's subsea cables. UK deploys Royal Navy, mobilizes parliamentary draftsmen
Lone attacker published 14 malicious npm packages mimicking popular OpenSearch, Elasticsearch libraries
ICE to keep an eye on your eyes under $25M biometric scanner deal
No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out
23andMe inherits lawsuit over 'disturbing' DNA data breach
VentureBeat
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
AI doesn't break security. Complexity does
Claude Mythos exposed a hard truth: Your enterprise patching process is way too slow
DataGrail report finds your vendor may be sending data to AI models you never approved
The attack dominating financial services doesn't steal passwords. It resets MFA and steals the token.
Valid certificates, stolen accounts: how attackers broke npm's last trust signal
Americans can’t spot a deepfake, and that’s a business crisis, not just a consumer problem
TechCrunch
Hackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access
Grand Theft Auto V cheat service gets hacked, exposing thousands of gamers
Microsoft under fire for threatening security researcher with criminal investigation
Final 24 hours to save up to $410 on your TechCrunch Disrupt 2026 ticket
Hackers are trying to steal Signal users’ backups in new wave of widespread attacks
A security lapse at prison pay phone service Pay Tel publicly exposed over 300K callers’ driver’s licenses
US says troops were targeted with location data, as senator warns ad industry is a ‘national security threat’
UK Visa Portal exposed thousands of applicants’ passports and selfies — then called the lawyers on us
CrowdStrike and Google take down botnet used by hackers to target open source software developers
TechCrunch Disrupt 2026 Early Bird ticket savings end in 3 days
Network World Security
FTC broadens Microsoft probe to cloud, AI, and software bundling
Can Chinese memory maker CXMT help relieve the memory shortage?
Broadcom, Samsung team for wireless SoC
Intel focuses on power efficiency and cost with new chip designs
Cisco: Latest news and insights
Meta considers becoming a hyperscaler
Zero trust isn’t broken, but most companies are doing it wrong
As AI datacenter memory becomes hot commodity, SK Hynix makes it cooler
Cisco research finds standard AI safety benchmarks miss the real threat
Cisco redefines ‘job-ready’ for network engineers with its certification overhaul
Help Net Security
Microsoft Entra pushes passkeys, tightens identity security
Sophos uncovers AI-powered malware lab built for EDR evasion
Red Hat npm packages compromised in new Mini Shai-Hulud malware wave
KDE Linux security audit cuts kernel modules and unused packages
Cybanetix unveils Managed AI Service to secure users, models, and agents
OpenAI brings frontier AI to existing AWS environments
Sensitive government personnel data posted online, Spanish police arrest suspect
RSA extends passwordless authentication to Linux environments
Zero trust physical security needs trust decisions at the edge
Why you need BAS and autonomous pentesting together
SC Magazine
BadHost, Dead CTFs, Exploding NPMs, and the Verizon DBIR - ASW #385
Malware hides in Steam comments to infect WordPress sites
AI-powered threats target 2026 election communications
Fingerprint launches AI assistant detection tools
Ransomware leak posts show weekday peak, October spikes
Pretalx vulnerability allows account takeover and admin demotion
Dashlane accounts suspended amid brute-force attack
Dragos acquires Phosphorus to enhance industrial cybersecurity
Microsoft resolves Windows 11 update installation errors
Meta AI customer support tricked into forwarding password reset codes
© 2026 RiskDiscovery | Sponsored by: Deception Logic