[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Claude Code Security Shows Promise, Not Perfection
Marquis v. SonicWall Lawsuit Ups the Breach Blame Game
Cisco SD-WAN Zero-Day Under Exploitation for 3 Years
Chinese Police Use ChatGPT to Smear Japan PM Takaichi
Flaws in Claude Code Put Developers' Machines at Risk
RAMP Forum Seizure Fractures Ransomware Ecosystem
PCI Council Says Threats to Payments Systems Are Speeding Up
Malicious Next.js Repos Target Developers Via Fake Job Interviews
Why 'Call This Number' TOAD Emails Beat Gateways
'Richter Scale' Model Measures Magnitude of OT Cyber Incidents
Ars Technica
New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises
Password managers' promise that they can't see your vaults isn't always true
Most VMware users still "actively reducing their VMware footprint," survey finds
Retraction: After a routine code rejection, an AI agent published a hit piece on someone by name
OpenAI sidesteps Nvidia with unusually fast coding model on plate-sized chips
Attackers prompted Gemini over 100,000 times while trying to clone it, Google says
Once-hobbled Lumma Stealer is back with lures that are hard to resist
OpenAI researcher quits over ChatGPT ads, warns of "Facebook" path
Sixteen Claude AI agents working together created a new C compiler
Malicious packages for dYdX cryptocurrency exchange empties user wallets
CyberScoop
Gottumukkala out, Andersen in as acting CISA director
Project Compass is Europol’s new playbook for taking on The Com
Senate moves one step closer to passing health care cyber reforms 
Governments issue warning over Cisco zero-day attacks dating back to 2023
Vulnerabilities grew like weeds in 2025, but only 1% were weaponized in attacks
Across party lines and industry, the verdict is the same: CISA is in trouble
Chinese group’s ChatGPT use reveals worldwide harassment campaign against critics
Ex-L3Harris executive sentenced to 87 months in prison for selling zero-day exploits to Russian broker
CrowdStrike says attackers are moving through networks in under 30 minutes
Anthropic accuses Chinese labs of trying to illicitly take Claude’s capabilities
InfoSecurity Magazine
North Korea's APT37 Expands Toolkit to Breach Air-Gapped Networks
UK Vulnerability Monitoring Service Cuts Unresolved Security Flaws by 75%
‘Project Compass’ Cracks Down on ‘The Com’: 30 Members of Notorious Cybercrime Gang Arrested
Aeternum Botnet Shifts Command Control to Polygon Blockchain
Darktrace Flags 32 Million Phishing Emails in 2025 as Identity Attacks Intensify
UK's Data Watchdog Gets a Makeover to Match Growing Demands
Exploitable Vulnerabilities Present in 87% of Organizations
Google Disrupts ‘Prolific’ and ‘Elusive’ China-Linked Global Hacking Campaign
Global Cyber Agencies Urge Immediate Patching of Cisco SD-WAN Zero Day
44% Surge in App Exploits as AI Speeds Up Cyber-Attacks, IBM Finds
SecurityWeek
In Other News: ATT&CK Advisory Council, Russian Cyberattacks Aid Missile Strikes, Predator Bypasses iOS Indicators
38 Million Allegedly Impacted by ManoMano Data Breach
900 Sangoma FreePBX Instances Infected With Web Shells
Chilean Carding Shop Operator Extradited to US
Anthropic Refuses to Bend to Pentagon on AI Safeguards as Dispute Nears Deadline
Aeternum Botnet Loader Employs Polygon Blockchain C&C to Boost Resilience
Juniper Networks PTX Routers Affected by Critical Vulnerability 
Critical Flaws Exposed Gardyn Smart Gardens to Remote Hacking
Apple iPhone and iPad Cleared for Classified NATO Use
Four Risks Boards Cannot Treat as Background Noise
ZDNet
Destroyed servers and DoS attacks: What can happen when OpenClaw AI agents interact
What to expect at MWC 2026: Best phones I'm anticipating from Xiaomi, Motorola, and more
I'm a Linux power user, but NixOS has made me rethink what an operating system can be
I bought this bizarre wireless charger for my Apple Watch, and it's already saved me multiple times
Is Microsoft really spying on you with Windows telemetry?
A month with Lenovo's most powerful ThinkPad changed my mind about work laptops
Is this $170 Oura Ring alternative with no subscription fees legit? My verdict after weeks of wear
Lenovo is selling a $99 Android tablet for a limited time - and I actually recommend it
What is Bluetooth 6.0? How the latest standard fixes audio problems we'd learned to live with
I connected a Bluetooth Auracast receiver to my TV, and it's a worthwhile home audio upgrade
The Hacker News
ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks
Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms
Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait Scams
Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown
UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor
ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+ Stories
Expert Recommends: Prepare for PQC Right Now
Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware
Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens
Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access
BleepingComputer
Third-Party Patching and the Business Footprint We All Share
Ukrainian man pleads guilty to running AI-powered fake ID site
Previously harmless Google API keys now expose Gemini AI data
Trend Micro warns of critical Apex One code execution flaws
European DYI chain ManoMano data breach impacts 38 million customers
Critical Juniper Networks PTX flaw allows full router takeover
Olympique Marseille confirms 'attempted' cyberattack after data leak
Ransomware payment rate drops to record low as attacks surge
Microsoft expands Windows restore to more enterprise devices
New York sues Valve for promoting illegal gambling via game loot boxes
gbhackers
Researchers Unveil Aeternum C2 Infrastructure with Advanced Evasion and Persistence Tactics
Stored XSS Vulnerability in RustFS Console Puts S3 Admin Credentials at Risk
Study Finds 87% of Organizations Exposed to Attacks Due to Known Vulnerabilities
Dohdoor Malware Targets U.S. Schools and Healthcare with Multi-Stage Attack
Critical Trend Micro Apex One Vulnerabilities Allow Remote Malicious Code Execution
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor in Developer Environments
Infostealers Drive Massive Brute-Force Attacks on Corporate SSO Gateways with Stolen Credentials
1 Million Records from Dutch Telco Odido Leaked Online in Massive Data Breach
FreeBSD Vulnerabilities Enable Attackers to Crash Entire System
Vshell Gains Popularity Among Cybercriminals as Cobalt Strike Alternative
Cybersecurity Dive
UFP Technologies investigating cyberattack that impacted company data
AI accelerates lateral movement in cyberattacks
CISA orders agencies to patch Cisco devices now under attack
Software vulnerabilities are being weaponized faster than ever
China-linked hackers breached dozens of telecoms, government agencies
In the AI era, CISOs worry about data leaks and doubt tech will solve skills gaps
Threat groups move at record speeds, as AI helps scale attacks
Hackers target vulnerabilities in Roundcube Webmail
AI helps novice threat actor compromise FortiGate devices in dozens of countries
AI vs. AI: Why cybersecurity’s new front line is behavioral intelligence
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
French DIY etailer ManoMano admits customer data stolen
Cops back Dutch telco Odido after second wave of ShinyHunters leaks
Rapid AI-driven development makes security unattainable, warns Veracode
Scattered Lapsus$ Hunters auditioning female voices to sharpen social engineering
Five Eyes warn: Patch your Cisco SD-WAN or risk root takeover
Claude collaboration tools left the door wide open to remote code execution
Google catches Beijing spies using Sheets to spread espionage across 4 continents
Fake 'interview' repos lure Next.js devs into running secret-stealing malware
Ex-L3Harris exec jailed 7 years for selling exploits to Russia
Wynn Resorts takes attacker's word for it that stolen staff data was deleted
VentureBeat
Claude didn't just plan an attack on Mexico's government. It executed one for a month — across four domains your security stack can't see.
Anthropic says DeepSeek, Moonshot, and MiniMax used 24,000 fake accounts to rip off Claude
Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how security leaders should respond
Microsoft Copilot ignored sensitivity labels twice in eight months — and no DLP stack caught either one
How attackers hit 700 organizations through CX platforms your SOC already approved
Most ransomware playbooks don't address machine credentials. Attackers know it.
How to test OpenClaw without giving an autonomous agent shell access to your corporate laptop
TechCrunch
Cisco says hackers have been exploiting a critical bug to break into big customer networks since 2023
Spyware makers sentenced to prison in Greece for wiretapping politicians and journalists
US cybersecurity agency CISA reportedly in dire shape amid Trump cuts and layoffs
Inside the story of the US defense contractor who leaked hacking tools to Russia
Former L3Harris Trenchant boss jailed for selling hacking tools to Russian broker
CarGurus data breach affects 12.5 million accounts
Treasury sanctions Russian zero-day broker accused of buying exploits stolen from US defense contractor
Marquis sues firewall provider SonicWall, alleges security failings with its firewall backup led to ransomware attack
Conduent data breach grows, affecting at least 25M people
Americans are destroying Flock surveillance cameras
Network World Security
Enterprise Spotlight: Data Center Modernization
Why do data centers need so much water?
ControlMonkey extends configuration disaster recovery to cloud network vendors
IBM X-Force: AI creates security challenges, but basic system flaws are more problematic
Netskope targets AI-driven network bottlenecks with AI Fast Path
AMD: Latest news and insights
AMD strikes massive AI chip deal with Meta
From packets to prompts: What Cisco’s AITECH certification means for IT pros
HPE’s latest Juniper routers target large‑scale AI fabrics
Nvidia: Latest news and insights
Help Net Security
IronCurtain: An open-source, safeguard layer for autonomous AI assistants
Meta tightens grip on scam advertisers
Europol goes after The Com’s ransomware and extortion networks
Android 17 second beta expands privacy controls for contacts, SMS and local networks
Microsoft taps ASUS and Dell for the Windows 365 Cloud PC strategy
Illumio Insights brings agentless visibility and breach containment to hybrid environments
AuthMind enhances identity observability to secure vaults, secrets, and NHIs
Ransomware activity peaks outside business hours
NATO greenlights iPhone and iPad for classified information handling
Oculeus 2FN authenticates calls in real time to stop CLI spoofing
SC Magazine
All-in-one RAT combines credential theft, ransomware, DDoS and more
FTC clarifies COPPA age verification exemption
Expert: Vulnerability prioritization is a persistent problem
Cyberattacks driven by vulnerability exploitation, report finds
Unsecured Elasticsearch database leaks Dungeon Crusher players' purchase data
Toll of TriZetto breach surpasses 3M
Wynn Resorts confirms breach, believes data deletion claims
RCE, API credential theft likely with now-patched Claude Code vulnerabilities
OpenAI: ChatGPT weaponized in Chinese influence campaign
Malicious Next.js repositories target software developers
© 2026 RiskDiscovery | Sponsored by: Deception Logic