[
News
|
Newsletters
|
Blogs
|
Lists
|
Media
|
Jobs
]
HoneyDB
DarkReading
JadePuffer: The First Complete LLM-Driven Ransomware Attack
Chinese LLMs Broaden the Gap Between Attackers & Defenders
Aussies Face Reduced Cybercrime Risk, as Pressure Shifts to SMBs
Apple Reverses Age-Old Patch Policy to Keep Up With AI
FortiBleed Actors Collaborating With Inc, Lynx Ransomware Gangs
Ransomware Thugs Masquerade as Interpol to Entice Small Biz
Anthropic's AI Finds Bugs. IBM Bets $5B It Can Fix Them.
Crafty Phishing Campaigns Auto-Adapt to Victim's Device, OS
And the Winner in Dominant Malware Delivery? ClickFix
When Too Much Security Data Becomes the Risk
Ars Technica
Newly discovered PamStealer isn't your typical macOS malware
T-Mobile moving tens of thousands of virtual machines off VMware amid lawsuit
New attack provides one more reason why AI browsers are a bad idea
US offers $10 million for info on group behind Signal and WhatsApp hacking spree
Notion killing Skiff-influenced email app since most users use AI agents instead
One-two punch delivered in global operation disrupts cybercrime "assembly line"
White House drastically shortens deadline for dropping quantum-vulnerable crypto
Oracle’s 21,000 layoffs help drive its debt-fueled AI investments
Following user outcry, AMD reinstates memory encryption in consumer CPUs
Microsoft discovers new lightweight backdoor that steals cryptocurrency
CyberScoop
US Army websites defaced with pro-Kurdish sentiments, insults to Trump
Sysdig clocks first documented case of agentic ransomware
Finding vulnerabilities was never the hard part
Someone infected a spyware probe overseer with spyware
Alleged longstanding member of Scattered Spider extradited to US
Researchers spot exploitation of another critical Oracle defect
US lifting export control restrictions on Anthropic’s Mythos, Fable
This phishing kit looks more like BEC-as-a-service
Citrix patches a new NetScaler flaw with echoes of CitrixBleed
Trump budget boss Russell Vought open to re-staffing CISA
InfoSecurity Magazine
New Iran-Nexus Hacking Group Targets Israel Government and IT Sectors
Indirect Prompt Injection in Web Content Targets AI Agents
Opera GX Flaw Let Sites Auto-Install Mods to Steal Data
NCA Issues Warning to Parents As Shared Child Photos Exploited by AI Tools
Researchers Claim First Fully Agentic Ransomware: JadePuffer
Qilin Dominates Ransomware Market Amid Growing Cybercrime Consolidation
Warning Over “Industrialized” Cyber-Attacks After Ransomware Gang Partners With TeamPCP
FBI, Google Take Down NetNut Proxy Network Used by Cyber Threat Actors
Researcher Behind 'Exploitarium' Explains Release of Undisclosed Zero-Day Exploits
Cybercriminals Pose as Interpol in Phishing Emails to Infect Victims With Ransomware
SecurityWeek
The Shift Toward Business-Aligned Risk Management
Armored Likho APT Targeting Government, Electric Power Entities
North Korean Hackers Target Open Source Developers in Supply Chain Attacks
Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability
Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments
In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting
Agentic AI Used to Conduct Ransomware Attack via Langflow
Medtronic Data Breach Impacts 3.8 Million People
Alleged Scattered Spider Hacker Extradited to US
Google, FBI Disrupt NetNut Residential Proxy Network Powered by Millions of Devices
ZDNet
How I turned an old Android phone into my home internet backup solution - 3 methods
I sideloaded 3 apps into my Android Auto, and they've made my drives so much easier
I tested the new Claude Desktop on Linux - here's how it compares to rival apps
I'm recommending this 14-inch HP laptop to almost everyone in 2026 - even with the RAM crisis
Want to convince a Windows user to try Linux? Here's how I do it
Installing plug-in solar at home? Watch for these 6 expert-backed safety concerns
The last Android Auto app I expected to enjoy was Adobe Acrobat - but it's actually useful
I tried the best-looking laptop of 2026, and its battery life was the real surprise
Claude Fable 5 is back, but I'm sticking with Opus 4.8 for daily work: 5 reasons why
I found 4 Bluetooth gadgets that are highly functional - and cheap
The Hacker News
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure
⚡ Weekly Recap: Proxy Botnets, Browser Ransomware, AI Agent Tricks, Fake PoC Malware and More
How to Evaluate an AI SOC Platform in 2026: 6 Capabilities That Separate Leaders from Bolt-On AI solutions
Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT
New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions
New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS
Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages
SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing
U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case
BleepingComputer
Vietnam arrests suspects behind HiAnime anime piracy service
Software Is Now Written at the Speed of Thought. Security Isn't.
Max severity Adobe ColdFusion flaw now exploited in attacks
Flipper Zero firmware development continues with community help
JadePuffer ransomware used AI agent to automate entire attack
NetNut proxy network disrupted, 2 million infected devices cut off
ARToken PhaaS exposes EvilTokens' Microsoft 365 phishing toolkit
Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says
Claude Fable relaunch disappoints users with nerfed performance
Google loses final appeal to overturn €4.1 billion EU fine
gbhackers
Insignary Closes SBOM Accuracy Gap With Binary-Level Clarity for Regulatory Risk
Hackers Use Trusted Microsoft Domain and One-Time Codes to Hijack Corporate Accounts
Veeam Backup BinaryFormatter Flaw Enables Remote Code Execution
Go-Based Gentlemen Ransomware Uses PsExec, WMIC, and PowerShell Remoting for Network Propagation
Critical Opera GX Vulnerability Lets Attackers Inject CSS Across Every Webpage
Critical fast-mcp-telegram Vulnerability Lets Attackers Access Telegram Session Without Token
SilverFox Campaign Turns ValleyRAT Into Multi-Stage Malware With Rootkit Capabilities
FIFA World Cup Phishing Scam Uses Fake Reward Pages to Steal Credit Card Data
Microsoft Warns Windows 11 Enterprise Devices May Boot to Black Screen After Updates
IBM WebSphere Application Server Hit by Critical XSS and Path Traversal Vulnerabilities
Cybersecurity Dive
Alleged member of Scattered Spider extradited to US
Why schools are easy prey for hackers — and why they struggle to fight back
The security leaders defining the next decade aren’t in CISO seats yet
FortiBleed campaign traced to INC and Lynx ransomware operations
Most cybersecurity workers have been told to conceal a breach, report finds
Critical flaw in Oracle E-Business Suite is under immediate threat
Anthropic reactivates Fable, Mythos after securing government approval
Critical flaw in SimpleHelp exploited in attacks targeting sensitive credentials
DHS proposes new system for public-private infrastructure security collaboration
Insurance body confirms hackers posted Oracle PeopleSoft breach data
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
EU urged to act after Pegasus infects phone of spyware inquiry MEP
Brit supermarket giant triples down on facial recog to nab shoplifters
Moody Bible Institute breach leaves 2.3M accounts needing salvation, says cyber expert
Secure Unix ancestor KSOS did type safety before Rust made it cool
MFA-optional banks leave safe doors (and accounts) wide open for thieves to pillage
Confidential computing's core trust mechanism is broken. The fix may not exist
AdaptHealth says attackers sweet-talked their way into cloud systems and stole patient data
NetNut cracked as Google and FBI target 2 million-device botnet
User swore hacker called General Failure had invaded his PC
Dev says Google warned him about account hijack – then charged him $11,000 anyway
VentureBeat
Digital resilience compounds when AI and human expertise scale together
The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.
Prompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routers
Autonomous security agents need complete data. Here's how to check if yours is ready.
Frontier AI is rewriting the economics of software supply chain security
Visa will offer an inside look at Project Glasswing and how the most powerful agentic models are changing enterprise security at VB Transform 2026
7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes
TechCrunch
Canadian spy agency says it hacked drug traffickers, extremists, and a ransomware gang last year
Alibaba reportedly bans employees from using Claude Code
Politician who investigated spyware abuses had his phone hacked with Pegasus spyware
US government says it got hacked — again
In major privacy win, Supreme Court rules geofence warrants are protected by privacy rights
Russian hackers were behind $2.5B hack of Jaguar Land Rover: Report
Polymarket says hackers stole users’ funds
Hacked Klue says criminals are deleting stolen customer data, but now other hackers are making threats
Cellebrite said it cut off Russia, but Russia used its tools anyway
New website names and shames companies that still don’t offer passkeys to users
Network World Security
Network evolution for the Agentic AI era
Meta reuses old RAM in new servers with custom bridge chip
Cloud sovereignty: First four providers sign up to CISPE certification program
Cheap Chinese chips could offer way out of RAM price crisis, Apple suggests
Cisco details Live Protect’s real-time threat mitigation capabilities
What Meta, Oracle moves say about data center economics
Network jobs watch: Hiring, skills and certification trends
Kyndryl: AI success hinges on workforce readiness
Netgear brings AI-driven network management to SMEs and MSPs
2026 network outage report and internet health check
Help Net Security
Criminal IP integrates threat intelligence with OpenCTI for automated indicator enrichment
LTM’s BlueVerse RightLogic combines AI risk assessment with cyber remediation planning
OpenSSH 10.4 arrives with security fixes and a post-quantum signature option
How to prioritize AI agent security by business impact
Securing the inbox: Where identity, brand and security meet
Omnigent: Open-source AI agent framework and meta-harness
Product showcase: Is that text a scam? Malwarebytes Mobile Security can help you find out
Flipper Zero firmware development gets a fresh set of community rules
OAuth, guest accounts, and weak MFA drive SaaS risk
The future of payment fraud could be automated
SC Magazine
In the AI era, we still need humans to do the remediation work
Palo Alto Networks and Koi Security sued over alleged AI hallucinations in security report
Confidential computing's remote attestation protocol may have fundamental flaw
US government agency pays $1 million to data extortion group Kairos
7 vulnerabilities found in widely used FatFs library
Government and healthcare sectors show weak email security, analysis finds
Mastering agent permissions and Identiverse interviews - Amir Ofek, Howard Ting, Ajay Gupta, Sandy Bird - ESW #466
Beyond the AI Hype, Cyber Readiness in the Age of AI - Gibb Witham - SWN #595
The context gap: Building trusted agents in the age of AI-accelerated exploitation
Medtronic warns patients of data exposure following April cyberattack
© 2026 RiskDiscovery | Sponsored by:
Deception Logic