[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia
Bad Memories Still Haunt AI Agents
'Zealot' Shows What AI's Capable of in Staged Cloud Attack
Africa Relinquishes Cyberattack Lead to Latin America — For Now
'The Gentlemen' Rapidly Rises to Ransomware Prominence
DPRK Fake Job Scams Self-Propagate in 'Contagious Interview'
Electricity Is a Growing Area of Cyber Risk
Ransomware Negotiator Pleads Guilty to BlackCat Scheme
Exploits Turn Windows Defender Into Attacker Tool
Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk
Ars Technica
Microsoft issues emergency update for macOS and Linux ASP.NET threat
Contrary to popular superstition, AES 128 is just fine in a post-quantum world
US-sanctioned currency exchange says $15 million heist done by "unfriendly states"
Recent advances push Big Tech closer to the Q-Day danger zone
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
Iran-linked hackers disrupt operations at US critical infrastructure sites
Thousands of consumer routers hacked by Russia's military
OpenClaw gives users yet another reason to be freaked out about security
New Rowhammer attacks give complete control of machines running Nvidia GPUs
Quantum computers need vastly fewer resources than thought to break vital encryption
CyberScoop
Vercel attack fallout expands to more customers and third-party systems
US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied
Dragos: Despite AI use, new malware targeting water plants is ‘hype’
Surveillance campaigns use commercial surveillance tools to exploit long-known telecom vulnerabilities
A dozen allied agencies say China is building covert hacker networks out of everyday routers
CISA director pick Sean Plankey withdraws his nomination
House Republicans roll out national privacy bill
The Supreme Court is about to decide how far geofence warrants can go
The AI era demands a different kind of CISO
Former DigitalMint ransomware negotiator pleads guilty to extortion scheme
InfoSecurity Magazine
Google Favors General-Purpose Gemini Models Over Cybersecurity‑Specific AI
Apple Fixes iOS Notification Bug Exposing Deleted Messages
Google Introduces Unique AI Agent Identities in New Gemini Enterprise Platform
Cyber-Attacks Surge 63% Annually in Education Sector
Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents
NCSC Backs Passkeys, Hailing a New Era of Sign-in
MacOS Native Tools Enable Stealthy Enterprise Attacks
NCSC Unveils SilentGlass, a Plug-In Device to Protect Monitors from Cyber-Attacks
UK Commits £90m for Cybersecurity and Pushes for ‘Resilience Pledge’
Surge in Silent Subject Phishing Attacks Targets VIP Users
SecurityWeek
Cloudsmith Raises $72 Million in Series C Funding
Chinese Cybersecurity Firm’s AI Hacking Claims Draw Comparisons to Claude Mythos
Rilian Raises $17.5 Million for AI-Native Security Orchestration
The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface
Luxury Cosmetics Giant Rituals Discloses Data Breach
AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers 
Apple Patches iOS Flaw Allowing Recovery of Deleted Chats
Recent Microsoft Defender Vulnerability Exploited as Zero-Day
After Bluesky, Mastodon Targeted in DDoS Attack
Most Serious Cyberattacks Against the UK Now From Russia, Iran and China, Cyber Chief Says
ZDNet
This high-tech eye massager makes a great Mother's Day gift - and it's on sale
Watch out, Whoop: I'd switch to Google's new Fitbit tracker if these features are true
Samsung Micro RGB vs. QLED vs. OLED: I compared all three and found a surprising winner
Want free e-books? Stuff Your Kindle Day has 150+ titles discounted - today only
Why I recommend this $450 Samsung phone over competing models by Google and OnePlus
Apple just fixed an iOS flaw exploited by the FBI - here's what happened
How to easily encrypt your files on an Android phone - for free
My favorite MagSafe car charger easily handles bumpy roads (and it's on sale)
5 easy ways you wouldn't think to automate your home - but you really should
The best SEO reporting software of 2026: Expert tested and reviewed
The Hacker News
UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed
Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?
China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors
Vercel Finds More Compromised Accounts in Context.ai-Linked Breach
Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal Messages
Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain
Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
BleepingComputer
Hackers exploit file upload bug in Breeze Cache WordPress plugin
Bitwarden CLI npm package compromised to steal developer credentials
Trigona ransomware attacks use custom exfiltration tool to steal data
New Checkmarx supply-chain breach affects KICS analysis tool
Cosmetics giant Rituals discloses data breach affecting customers
Regular Password Resets Aren’t as Safe as You Think
Microsoft: Some Teams users can’t join meetings after Edge update
UK warns of Chinese hackers using proxy networks to evade detection
New GopherWhisper APT group abuses Outlook, Slack, Discord for comms
CISA orders feds to patch BlueHammer flaw exploited as zero-day
gbhackers
Vercel Confirms Security Breach Affecting Customer Accounts
GitLab Fixes Flaws That Could Allow Attackers to Hijack User Sessions
Outlook Mailboxes Abused to Conceal Linux GoGra Backdoor Traffic
Malicious npm Package Hijacks Hugging Face for Malware Delivery
Outlook Mailboxes Used to Conceal Linux GoGra Backdoor Traffic
Attackers Exploit LMDeploy Flaw in the Wild Within 12 Hours of Advisory
North Korean Fake IT Workers Infiltrate Firms to Dodge Sanctions
Lazarus Lures Developers With Backdoored Coding Tests
Xinference PyPI Breach Exposes Developers to Cloud Credential Theft
Fake Wallpaper App, YouTube Channel Used to Spread notnullOSX Malware
Cybersecurity Dive
AI-written software creates hassles for wary security teams
China disguises cyberattacks with ‘covert network’ botnets, US and allies warn
Iran-nexus threat groups refine attacks against critical infrastructure
Trump’s CISA director pick withdraws after tumultuous nomination
Microsoft SharePoint vulnerability widely exposed across multiple countries
Phishing — sometimes with AI’s help — topped initial-access methods in Q1, Cisco says
CISA urges security teams to view environments following axios compromise
Big banks seek to ease security worries as AI push accelerates
CISA confirms exploitation of 3 more Cisco networking device vulnerabilities
Stellantis teams with Microsoft to strengthen digital capabilities
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Dev targeted by sophisticated job scam: 'I let my guard down, and ran the freaking code'
Chinese attackers are pwning your infrastructure to use in attacks, 10 countries warn
Age checks could turn internet into an ID checkpoint, complains Proton CEO
American farms have a new steward for their safety net, disaster programs... Palantir
Medical data of 500k Biobank volunteers listed for sale on Alibaba, UK minister reveals
Hybrid clouds have two attack surfaces and you’re not paying enough attention to either
If malware via monitor cables is a matter of national security, this might be the gadget for you
Using the password 'admin123' wasn't as bad as sharing it on Slack
Pass the key, passwords have passed their sell-by date
Another npm supply chain worm is tearing through dev environments
VentureBeat
Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain
Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it
Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall
Most enterprises can't stop stage-three AI agent threats, VentureBeat survey finds
Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway
Frontier models are failing one in three production attempts — and getting harder to audit
43% of AI-generated code changes need debugging in production, survey finds
TechCrunch
Trump’s pick to run US cyber agency CISA asks to drop out
Vercel says some of its customers’ data was stolen prior to its recent hack
Surveillance vendors caught abusing access to telcos to track people’s phone locations, researchers say
France confirms data breach at government agency that manages citizens’ IDs
Apple fixes bug that cops used to extract deleted chat messages from iPhones
Cosmetics giant Rituals confirms data breach of customer membership records
UK government says 100 countries have spyware that can hack people’s phones
Ransomware negotiator pleads guilty to helping ransomware gang
With US spy laws set to expire, lawmakers are split over protecting Americans from warrantless surveillance
North Korean hackers blamed for $290M crypto theft
Network World Security
Network jobs watch: Hiring, skills and certification trends
Cisco switch aimed at building practical quantum networks
How AI is reshaping copper, fiber networking
40% of data center projects will be late this year, study finds
It’s the end of set-and-forget security
2026 network outage report and internet health check
Google bets on workload-specific TPUs with 8t and 8i launch
SUSE bets automated migration can break VMware’s grip on virtualization
How Zero Networks is closing the network enforcement gap for AI agents
Azure SRE Agent flaw lets outsiders silently eavesdrop on enterprise cloud operations
Help Net Security
SC Magazine
Back to (or Start) Fundamentals? - Rajesh Khazanchi - PSW #923
Ring the alarm! Your IT security program has a mobile-app gap
AI-driven cloud attacks reach ‘functional’ maturity, says Unit 42
Now’s the time to get working on post-quantum cryptography
Handling shadow AI at the source: Why the browser is the new control layer
Trump's CISA director nominee exits consideration for leadership role
House GOP eyes nationwide rules on data collection
AI-assisted phishing attacks on the rise, report finds
Unsecured database exposes Three Trees customer, delivery driver data
Over $12M stolen in North Korean crypto heist against web developers
© 2026 RiskDiscovery | Sponsored by: Deception Logic