[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
At RSAC, the EU Leads While US Officials Are Sidelined
Blame Game: Why Public Cyber Attribution Carries Risks
Phishers Pose as Palo Alto Networks' Recruiters for Months in Job Scam
AI Dominates RSAC Innovation Sandbox
SANS: Top 5 Most Dangerous New Attack Techniques to Watch
Why a 'Near Miss' Database Is Key to Improving Information Sharing
AI-Native Security Is a Must to Counter AI-Based Attacks
Ex-NSA Directors Discuss 'Red Line' for Offensive Cyberattacks
Iran Hacktivists Make Noise but Have Little Impact on War
CSA Launches CSAI Foundation for AI Security
Ars Technica
Google bumps up Q Day deadline to 2029, far sooner than previously thought
Self-propagating malware poisons open source software and wipes Iran-based machines
Widely used Trivy scanner compromised in ongoing supply-chain attack
Cloud service providers ask EU regulator to reinstate VMware partner program
Federal cyber experts called Microsoft's cloud a "pile of shit," approved it anyway
Researchers disclose vulnerabilities in IP KVMs from four manufacturers
Supply-chain attack using invisible code hits GitHub and other repositories
The who, what, and why of the attack that has shut down Stryker's Windows network
14,000 routers are infected by malware that's highly resistant to takedowns
Feds take notice of iOS vulnerabilities exploited under mysterious circumstances
CyberScoop
Alleged RedLine infostealer conspirator extradited to US
Google moves post-quantum encryption timeline up to 2029
DarkSword’s GitHub leak threatens to turn elite iPhone hacking into a tool for the masses
Experts warn of a ‘loud and aggressive’ extortion wave following Trivy hack
Critics call FCC router rule a ‘big swing’ that could create more supply chain uncertainty
Treasury asks whether terrorism risk insurance program should bolster cyber coverage
Russian access broker sentenced to over 6 years in prison for ransomware schemes
Experts insist Trump administration’s cyber strategy is already paying off
State officials, election experts question California sheriff’s seizure of ballots
FBI: Iranian hackers targeting opponents with Telegram malware
InfoSecurity Magazine
Cloud Phones Linked to Rising Financial Fraud Threat
Hackers Exploit Compromised Enterprise Identities at Industrial Scale, Warns SentinelOne
US: FCC Bans Foreign-Made Routers Over National Security Concerns
TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise
Experts Sound Alarm Over “Prompt Poaching” Browser Extensions
Operation Henhouse Nets Over 500 Arrests in UK Fraud Crackdown
RSA Conference: UK NCSC Head Urges Industry to Develop Vibe Coding Safeguards
Silver Fox Cyber Campaigns Show Shift Toward Dual Espionage
Citrix Urges Immediate Patching for Critical NetScaler Vulnerabilities
New Npm 'Ghost Campaign' Uses Fake Install Logs to Hide Malware
SecurityWeek
Onit Security Raises $11 Million for Exposure Management Platform
Russian Cybercriminal Gets 2-Year Prison Sentence in US 
AI Speeds Attacks, But Identity Remains Cybersecurity’s Weakest Link
iOS, macOS 26.4 Roll Out With Fresh Security Patches
FCC Bans New Routers Made Outside the US Over National Security Risks
RSAC 2026 Conference Announcements Summary (Day 2)
From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI
US Prisons Russian Access Broker for Aiding Ransomware Attacks
HackerOne Employee Data Exposed in Massive Navia Breach
DoE Publishes 5-Year Energy Security Plan
ZDNet
How I used Gemini to replace YouTube's missing comment alerts - in under an hour
This digital photo frame is my favorite gift to give (and it's on sale)
The Apple Watch Series 9 is over 50% off during the Amazon Spring Sale for a limited time
Get your pup the smart Halo Collar 5 that's 25% off
I've tested every Apple Watch model - my top pick is on sale for $299
Get Kindle Unlimited for $0.99 a month with this Amazon Spring Sale deal - here's how
Amazon Spring Sale live blog 2026: Real-time updates on the best deals
5 Dyson Amazon Spring Sale deals that are worth a second glance
Dyson's cordless vacuum can handle kid and pet messes - and it's nearly 30% off at Amazon
The robot lawn mower I recommend most is $347 off for Amazon's Spring Sale
The Hacker News
LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
The Kill Chain Is Obsolete When Your AI Agent Is the Threat
Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise
Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents
Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
BleepingComputer
GitHub adds AI-powered bug detection to expand security coverage
PolyShell attacks target 56% of all vulnerable Magento stores
Bubble AI app builder abused to steal Microsoft account credentials
New Torg Grabber infostealer malware targets 728 crypto wallets
Citrix urges admins to patch NetScaler flaws as soon as possible
Paid AI Accounts Are Now a Hot Underground Commodity
Kali Linux 2026.1 released with 8 new tools, new BackTrack mode
TP-Link warns users to patch critical router auth bypass flaw
Manager of botnet used in ransomware attacks gets 2 years in prison
PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug
gbhackers
2026 Cybersecurity Excellence Awards Winners Announced during RSA Conference as AI Security Dominates
China-Backed Hackers Target Southeast Asian Military Systems in Ongoing Spy Campaign
Obfuscated VBS and PNG Loaders Power New Open Directory Malware Campaign with RAT Payloads
Mirai Botnets Evolve Into Major DDoS and Proxy Abuse Threats
GoHarbor Issues Urgent Patch for Harbor Flaw Allowing Full Registry Compromise
Mozilla Releases Firefox 149.0 With Free Built‑In VPN Offering 50 GB Monthly Data
Linux Ransomware Pay2Key Targets Servers, Virtualization Hosts, and Cloud Workloads
F5 NGINX Plus & Open‑Source Flaw Lets Attackers Execute Code via MP4 File
Hackers Exploiting Magento Flaw to Execute Remote Code and Seize Full Account Access
SmartApeSG ClickFix Campaign Spreads Remcos, NetSupport RAT, StealC, Sectop RAT
Cybersecurity Dive
‘Do not shift budgets to AI’: How businesses should and shouldn’t respond to evolving threats
Iran-linked ransomware operation targeted US healthcare provider
Congress wants details from White House on cyber strategy, Iran resilience measures
The CVE Program, a bedrock of global cyber defense, is teetering on the brink
Companies face difficult choices in blaming hackers for an attack
Cybercrime groups speed up initial access handoff through planning, coordination
FCC bans import of consumer-grade routers amid national security concerns
ISACs confront AI’s promise and peril for threat intelligence-sharing
AI poised to help low-skilled hackers in the near term
Lockheed Martin targeted in alleged breach by pro-Iran hacktivist
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
AI supply chain attacks don’t even require malware…just post poisoned documentation
Scammers have virtual smartphones on speed dial for fraud
Jen Easterly, cybersecurity's 'relentless optimist,' hopes feds come back to RSAC next year
Only Trump can decide when cyberwar turns into real war
Enterprise PCs are unreliable, unpatched, and unloved compared to Macs
EFF has a new boss to lead the fight against privacy-sucking forces of doom
1K+ cloud environments infected following Trivy supply chain attack
LiteLLM loses game of Trivy pursuit, gets compromised
HackerOne slams supplier for delayed breach notice after staff data exposed
Country that put backdoors into Cisco routers to spy on world bans foreign routers
VentureBeat
Meta's rogue AI agent passed every identity check — four gaps in enterprise IAM explain why
The authorization problem that could break enterprise AI
Nvidia's agentic AI stack is the first major platform to ship with security at launch, but governance gaps remain
OpenClaw can bypass your EDR, DLP and IAM without triggering a single alert
Anthropic and OpenAI just exposed SAST's structural blind spot with free tools
Enterprise identity was built for humans — not AI agents
Microsoft says ungoverned AI agents could become corporate 'double agents.' Its fix costs $99 a month.
TechCrunch
Convicted spyware chief hints that Greece’s government was behind dozens of phone hacks
Russia arrests alleged owner of cybercrime forum LeakBase, report says
Crunchyroll confirms data breach after hacker claims unauthorized access
FCC bans import of new consumer routers made overseas, citing security risks
Insight Partners scrubs investment post about Delve amid ‘fake compliance’ allegations
Someone has publicly leaked an exploit kit that can hack millions of iPhones
Russian authorities block paywall removal site Archive.today
FBI says Iranian hackers are using Telegram to steal data in malware attacks
Federal immigration agents filmed making airport arrests as Trump calls in ICE to ease security line delays
Delve accused of misleading customers with ‘fake compliance’
Network World Security
Meshery 1.0 debuts, offering new layer of control for cloud-native infrastructure
Chained vulnerabilities in Cisco Catalyst switches could induce denial-of-service
Why AI rack densities make liquid cooling nonnegotiable
HPE bolsters hybrid mesh firewall platform
Forescout brings identity-driven segmentation to multi-vendor networks
2026 network outage report and internet health check
FCC bans foreign routers, putting enterprise network risk in focus
Cisco: Latest news and insights
Palo Alto updates security platform to discover AI agents
Nvidia: Latest news and insights
Help Net Security
Botnet operator behind $14 million in ransomware extortion payments gets 24 months behind bars
Vorlon adds forensics and response to secure AI agents
DigiCert Document Trust Manager enhancements improve document security and compliance
Gemini picks up criminal activity buried in dark web noise
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
Akamai Brand Guardian detects and removes AI-driven brand impersonation
Njordium AI blocks fake invoices and fraudulent payments
Microsoft hands Entra ID users new option for MFA
Anthropic trims action approval loop, lets Claude Code make the call
Codenotary introduces AgentX for autonomous Linux infrastructure security
SC Magazine
The Agentic SOC: Autonomous AI Analysts at Machine Speed - Edward Wu - RSAC26 #3
ESET's Tony Anscombe on managing cyber risk as financially motivated attacks grow
Novee's Ido Geffen on why AI pentesting is becoming essential
Beyond IOCs: A Framework for High-Impact Cyber Threat Intelligence - Samuel Hassine - RSAC26 #3
No Device, No Access: The Future of Zero Trust Security - Rob Allen - RSAC26 #3
Why More Technology Hasn’t Made Us More Secure - John Anthony Smith - RSAC26 #3
Understanding Where Agentic AI Stands in the Enterprise - Fred Kneip - RSAC26 #6
Mind the Gap: Confidence, AI, and the Future of Exposure Management - Chris Wallis - RSAC26 #3
The Convergence of Physical and Digital Risk - David Muse - RSAC26 #6
RSAC 2026 executive interview: Apiiro’s Idan Plotnik - Idan Plotnik - RSAC26 #3
© 2026 RiskDiscovery | Sponsored by: Deception Logic