[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
DarkReading
Silk Typhoon Linked to Powerful Offensive Tools, PRC-Backed Companies
The CrowdStrike Outage Was Bad, but It Could Have Been Worse
ChatGPT, GenAI Tools Open to 'Man in the Prompt' Browser Attack
African Orgs Fall to Mass Microsoft SharePoint Exploits
Nimble 'Gunra' Ransomware Evolves With Linux Variant
The Hidden Threat of Rogue Access
Critical Flaw in Vibe-Coding Platform Base44 Exposes Apps
Supply Chain Attacks Spotted in GitHub Actions, Gravity Forms, npm
Root Evidence Bets on New Concept for Vulnerability Patch Management
Insurance Giant Allianz Life Grapples With Breach Affecting 'Majority' of Customers
Ars Technica
In search of riches, hackers plant 4G-enabled Raspberry Pi in bank network
So far, only one-third of Americans have ever used AI for work
Flaw in Gemini CLI coding tool could allow hackers to run nasty commands
AI in Wyoming may soon use more electricity than state’s human residents
OpenAI’s ChatGPT Agent casually clicks through “I am not a robot” verification test
Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel
After BlackSuit is taken down, new ransomware group Chaos emerges
OpenAI’s most capable AI model, GPT-5, may be coming in August
Supply-chain attacks on open source software are getting out of hand
Two major AI coding tools wiped out user data after making cascading mistakes
CyberScoop
Project Zero disclosure policy change puts vendors on early notice
Senate Democrats call Trump admin’s focus on state voter rolls a pretext for disenfranchisement
Army Secretary forces West Point to rescind appointment given to Easterly
Palo Alto Networks to acquire CyberArk for $25 billion
CISA is facing a tight CIRCIA deadline. Here’s how Sean Plankey can attempt to meet it
Research shows data breach costs have reached an all-time high
Minnesota governor activates National Guard amid St. Paul cyberattack
CISA says it will release telecom security report sought by Sen. Wyden to lift hold on Plankey nomination
Researchers flag flaw in Google’s AI coding assistant that allowed for ‘silent’ code exfiltration 
Sen. Hassan wants to hear from SpaceX about scammers abusing Starlink
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
This Android 16 feature solved my biggest problem with phone notifications - how it works
Finally, an Android Auto adapter that's reliable, highly functional, and won't break the bank
How this one tablet convinced me gaming on Android is worth it
How to sync passkeys in Chrome across your Android, iPhone, Mac, or PC (and why you should)
Why I recommend this Bluetooth tracker to both iPhone and Android users over AirTags
Why the best fix for headless server frustration might be a little box named Comet
I wasn't interested in the Google Pixel 10, but this potential feature changes everything
I tried underwater AR goggles to track my workouts - and they worked surprisingly well
I let a modular yard care robot mow my lawn - here's my verdict after a month
I test wireless earbuds for a living, but this pair is unlike anything I've ever seen
The Hacker News
Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps
FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant
Product Walkthrough: A Look Inside Pillar's AI Security Platform
Apple Patches Safari Vulnerability Also Exploited as Zero-Day in Google Chrome
Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits
Chinese Firms Linked to Silk Typhoon Filed 15+ Patents for Cyber Espionage Tools
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero
Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware
Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure
Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44
BleepingComputer
ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH
Hackers target Python devs in phishing attacks using fake PyPI site
SafePay ransomware threatens to leak 3.5TB of Ingram Micro data
Hackers actively exploit critical RCE in WordPress Alone theme
Hackers plant 4G Raspberry Pi on bank network in failed ATM heist
Apple patches security flaw exploited in Chrome zero-day attacks
New Lenovo UEFI firmware updates fix Secure Boot bypass flaws
AI Cuts vCISO Workload by 68% as Demand Skyrockets, New Report Finds
Minnesota activates National Guard after St. Paul cyberattack
Russian airline Aeroflot grounds dozens of flights after cyberattack
Cybersecurity Dive
Palo Alto Networks to buy CyberArk for $25 billion
What we know about the cybercrime group Scattered Spider
CISA’s Joint Cyber Defense Collaborative takes major personnel hit
‘Shadow AI’ increases cost of data breaches, report finds
FBI, CISA warn about Scattered Spider’s evolving tactics
Ransomware attacks against oil and gas firms surge
Research shows LLMs can conduct sophisticated attacks without humans
Allianz Life discloses massive data breach linked to supply-chain attack
Emerging cybersecurity needs: What the market is telling us
Philadelphia Indemnity Insurance discloses June data breach
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Enterprises neglect AI security – and attackers have noticed
Users left scrambling for a plan B as Dropbox drops Dropbox Passwords
Minnesota governor calls in the troops after St Paul cyberattack
Palo Alto Networks inks $25b deal to buy identity-security shop CyberArk
Ransomware gang sets deadline to leak 3.5 TB of Ingram Micro data
CISA caves to Wyden, agrees to release US telco insecurity report - but won’t say when
FBI: Watch out for these signs Scattered Spider is spinning its web around your org
Raspberry Pi RP2350 A4 update fixes old bugs and dares you to break it again
War Games: MoD asks soldiers with 1337 skillz to compete in esports
Microsoft spotlights Apple bug patched in March as SharePoint exploits continue
VentureBeat
Shadow AI adds $670K to breach costs while 97% of enterprises skip basic access controls, IBM reports
Nightfall launches ‘Nyx,’ an AI that automates data loss prevention at enterprise scale
How can enterprises keep systems safe as AI agents join human employees? Cyata launches with a new, dedicated solution
AI vs. AI: Prophet Security raises $30M to replace human analysts with autonomous defenders
ChatGPT just got smarter: OpenAI’s Study Mode helps students learn step-by-step
Sparrow raises $35M Series B to automate the employee leave management nightmare
How E2B became essential to 88% of Fortune 100 companies and raised $21 million
CoSyn: The open-source tool that’s making GPT-4V-level vision AI accessible to everyone
SecurityPal combines AI and experts in Nepal to speed enterprise security questionnaires by 87X or more
Early Anthropic hire raises $15M to insure AI agents and help startups deploy safely
TechCrunch
Palo Alto Networks agrees to buy CyberArk for $25 billion
Germ brings end-to-end encrypted messages to Bluesky
Hackers stole Social Security numbers during Allianz Life cyberattack
Minnesota activates National Guard as cyberattack on Saint Paul disrupts public services
Skechers is making kids’ shoes with a hidden AirTag compartment
Google says UK government has not demanded an encryption backdoor for its users’ data
Tea app disables DMs after second data breach exposed over a million private messages
Telecom giant Orange warns of disruption amid ongoing cyberattack
Sex toy maker Lovense caught leaking users’ email addresses and exposing accounts to takeovers
Trump’s cybersecurity cuts putting nation at risk, warns New York cyber chief
Network World Security
Palo Alto Networks to buy CyberArk for $25B as identity security takes center stage
Micron unveils PCIe Gen6 SSD to power AI data center workloads
IBM: Cost of U.S. data breach reaches all-time high and shadow AI isn’t helping
Survey: AI, cyber threats, distributed workforces challenge IT teams most
Backblaze adds cloud storage security protection features
Debian shifts to 64-bit time storage to head off Epochalypse
Network jobs watch: Hiring, skills and certification trends
Multi-cloud migration startup FluidCloud emerges from stealth
2025 global network outage report and internet health check
Cisco donates AI agent tech to Linux Foundation
Help Net Security
Artemis: Open-source modular vulnerability scanner
The food supply chain has a cybersecurity problem
Why CISOs should rethink identity risk through attack paths
AI is here, security still isn’t
Boards shift focus to tech and navigate cautious investors
Fighting AI with AI: How Darwinium is reshaping fraud defense
Darwinium launches AI tools to detect and disrupt adversarial threats
Beyond Passwords: A Guide to Advanced Enterprise Security Protection
Intruder launches GregAI to deliver AI-powered, contextual security workflow management
Cyware expands Intelligence Suite to streamline CTI program deployment and operations
InfoSecurity Magazine
Hidden Backdoor Found in ATM Network via Raspberry Pi
Google to Publicly Report New Vulnerabilities Within One Week of Vendor Disclosure
Third of Exploited Vulnerabilities Weaponized Within a Day of Disclosure
Data Breach Costs Fall for First Time in Five Years
US Tops Hit List as 396 SharePoint Systems Compromised Globally
OWASP Launches Agentic AI Security Guidance
French Telco Orange Hit by Cyber-Attack
Critical Authentication Flaw Identified in Base44 Vibe Coding Platform
Auto-Color Backdoor Malware Exploits SAP Vulnerability
CISA Warns of Exploited Critical Vulnerabilities in Cisco Identity Services Engine
© 2025 RiskDiscovery | Sponsored by: Deception Logic