[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
DarkReading
GISEC GLOBAL 2026 – The Middle East & Africa’s Largest Cybersecurity Event
The CISO-COO Partnership: Protecting Operational Excellence
React2Shell Exploits Flood the Internet as Attacks Continue
Vibe Coding: Innovation Demands Vigilance
Microsoft Will Bundle Security Copilot With M365 Enterprise Licenses
Supply Chain Attacks Targeting GitHub Actions Increased in 2025
Are Trade Concerns Trumping US Cybersecurity?
Hamas-Linked Hackers Probe Middle Eastern Diplomats
Money Mules Require Banks to Switch from Defense to Offense
Encouraging Industry Voices to Write for the Commentary Section
Ars Technica
OpenAI built an AI coding agent and uses it to improve the agent itself
OpenAI releases GPT-5.2 after “code red” Google threat alert
Disney invests $1 billion in OpenAI, licenses 200 characters for AI video app Sora
Oracle shares slide on $15B increase in data center spending
A new open-weights AI coding model is closing in on proprietary options
Operation Bluebird wants to relaunch “Twitter,” says Musk abandoned the name and logo
Meta offers EU users ad-light option in push to end investigation
In comedy of errors, men accused of wiping gov databases turned to an AI tool
Admins and defenders gird themselves against maximum-severity server vuln
Microsoft drops AI sales targets in half after salespeople miss their quotas
CyberScoop
DOJ sues Fulton County over 2020 voter data 
Trump moves to pardon Colorado election clerk Tina Peters, even though he can’t
Warrant requirements, Democratic worries could factor into spy law renewal debate
New cybersecurity guidance paves the way for AI in critical infrastructure 
Attacks pinned to critical React2Shell defect surge, surpass 50 confirmed victims
As White House moves to send AI chips to China, Trump’s DOJ prosecutes chip smugglers
US charges hacker tied to Russian groups that targeted water systems and meat plants
The 10 key reforms that can close America’s cybersecurity gaps
Organizations can now buy cyber insurance that covers deepfakes
Microsoft’s last Patch Tuesday of 2025 addresses 57 defects, including one zero-day
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
20+ useful Roku shortcuts and menus that every user should know about (and how to access them)
The 5 most innovative tech products that surprised us this year (including a first for robot vacs)
Stop using your router's USB port - what PC experts recommend instead
How to install and configure Claude Code, step by step
The 9 tech gadgets I couldn't live without in 2025 (and they don't include AirTags)
How I use AI to bring my kid's art to life - and why it's a fun learning opportunity
The best iPad Air cases of 2025: Expert tested
You can save over $250 on this OnePlus Pad 3 bundle - here's how to qualify
Should you ever turn off Windows Security? It's tricky, but here's my rule of thumb
I'm a shopping editor, and this is the No. 1 reason I prefer Best Buy over Amazon for tech purchases
The Hacker News
CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks
Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild
Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads
New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale
Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work
New React RSC Vulnerabilities Enable DoS and Source Code Exposure
React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation
CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog
ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories
NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems
BleepingComputer
Beware: PayPal subscriptions abused to send fake purchase emails
CyberVolk’s ransomware debut stumbles on cryptography weakness
Apple fixes two zero-day flaws exploited in 'sophisticated' attacks
Coupang data breach traced to ex-employee who retained system access
Fake ‘One Battle After Another’ torrent hides malware in subtitles
Kali Linux 2025.4 released with 3 new tools, desktop updates
Shadow spreadsheets: The security gap your tools can’t see
New Windows RasMan zero-day flaw gets free, unofficial patches
CISA orders feds to patch actively exploited Geoserver flaw
MITRE shares 2025's top 25 most dangerous software weaknesses
Cybersecurity Dive
React issues new patches after security researchers flag additional flaws
CISA updates cybersecurity benchmarks for critical infrastructure organizations
Cyberattacks force small firms to raise prices: ITRC
Grid-scale battery energy storage systems face heightened risk of cyberattack
React Server Components crisis escalates as security teams respond to compromises
Pro-Russia hacktivists launching attacks that could damage OT
Majority of global firms plan to boost cyber spending in 2026
Initial access brokers involved in more attacks, including on critical infrastructure
Ransomware peaked in 2023 prior to law enforcement actions
Major drug research company confirms cyberattack compromised employee and partner data
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Microsoft RasMan DoS 0-day gets unofficial patch - and a working exploit
New React vulns leak secrets, invite DoS attacks
Microsoft promises more bug payouts, with or without a bounty program
Uncle Sam sues ex-Accenture manager over Army cloud security claims
UK watchdog urged to probe GDPR failures in Home Office eVisa rollout
Half of exposed React servers remain unpatched amid active exploitation
Crypto-crasher Do Kwon jailed for 15 years over $40bn UST bust
Russian hackers debut simple ransomware service, but store keys in plain text
Google fixes super-secret 8th Chrome 0-day
LastPass hammered with £1.2M fine for 2022 breach fiasco
VentureBeat
Anthropic vs. OpenAI red teaming methods reveal different security priorities for enterprise AI
AI models block 87% of single attacks, but just 8% when attackers persist
Hybrid cloud security must be rebuilt for an AI war it was never designed to fight
Prompt Security's Itamar Golan on why generative AI security requires building a category, not a feature
DeepSeek injects 50% more security bugs when prompted with Chinese political triggers
For AI to succeed in the SOC, CISOs need to remove legacy walls now
Human-centric IAM is failing: Agentic AI requires a new identity control plane
TechCrunch
Google and Apple roll out emergency security updates after zero-day attacks
Data breach at credit check giant 700Credit affects at least 5.6 million
Home Depot exposed access to internal systems for a year, says researcher
Flaw in photo booth maker’s website exposes customers’ pictures
Security flaws in Freedom Chat app exposed users’ phone numbers and PINs
CEO of South Korean retail giant Coupang resigns after massive data breach
Petco takes down Vetco website after exposing customers’ personal information
FTC upholds ban on stalkerware founder Scott Zuckerman
Petco’s security lapse affected customers’ SSNs, driver’s licenses, and more 
Petco confirms security lapse exposed customers’ personal data
Network World Security
Cloud providers continue to push EU court to undo Broadcom-VMware merger
FinOps Foundation sharpens FOCUS to reduce cloud cost chaos
P4 programming: Redefining what’s possible in network infrastructure
Aetherflux joins the race to launch orbital data centers by 2027
Here’s what Oracle’s soaring infrastructure spend could mean for enterprises
New Nvidia software gives data centers deeper visibility into GPU thermals and reliability
Arista goes big with campus wireless tech
Network jobs watch: Hiring, skills and certification trends
Cybersecurity skills matter more than headcount in an AI era: ISC2 study
Most significant networking acquisitions of 2025
Help Net Security
Week in review: 40 open-source tools securing the stack, invisible IT to be the next workplace priority
ImmuniWeb enhances AI vulnerability testing and compliance reporting
Swissbit adds HID Seos to iShield Key 2
Firewalla Orange brings zero trust anywhere
What 35 years of privacy law say about the state of data protection
LLM privacy policies keep getting longer, denser, and nearly impossible to decode
Ransomware keeps widening its reach
Uneven regulatory demands expose gaps in mobile security
New infosec products of the week: December 12, 2025
Thales expands AI ecosystem protection with application and RAG security tools
InfoSecurity Magazine
NCSC Plugs Gap in Cyber-Deception Guidance
ICO Fines LastPass £1.2m After 2022 Breach
South Korean Police Raid Coupang Over Data Breach as CEO Resigns
OpenAI Enhances Defensive Models to Mitigate Cyber-Threats
Malware Discovered in 19 Visual Studio Code Extensions
Scam-Busting FCA Firm Checker Tool Given Cautious Welcome
Google Releases Critical Chrome Security Update to Address Three Zero-Days
“Cyber Tax” Warning as Two-Fifths of SMBs Raise Prices After Breach
ClickFix Social Engineering Sparks Rise of CastleLoader Attacks
Pro-Russia Hackers Target US Critical Infrastructure in New Wave
© 2025 RiskDiscovery | Sponsored by: Deception Logic