[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Hims Breach Exposes the Most Sensitive Kinds of PHI
Your Next Breach Will Look Like Business as Usual
FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats
Orange Business Reimagines Enterprise Voice Communications With Trust and AI
Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?
Russia's 'Fancy Bear' APT Continues Its Global Onslaught
'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues
Do Ceasefires Slow Cyberattacks? History Suggests Not
Russia's Forest Blizzard Nabs Rafts of Logins via SOHO Routers
Ars Technica
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
Iran-linked hackers disrupt operations at US critical infrastructure sites
Thousands of consumer routers hacked by Russia's military
OpenClaw gives users yet another reason to be freaked out about security
New Rowhammer attacks give complete control of machines running Nvidia GPUs
Quantum computers need vastly fewer resources than thought to break vital encryption
Google bumps up Q Day deadline to 2029, far sooner than previously thought
Self-propagating malware poisons open source software and wipes Iran-based machines
Widely used Trivy scanner compromised in ongoing supply-chain attack
Cloud service providers ask EU regulator to reinstate VMware partner program
CyberScoop
Commerce setting up new AI export regime to push adoption of ‘American AI’ abroad
Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs
Why is the timeline to quantum-proof everything constantly shrinking?
Inside the FBI’s router takedown that cut off APT28’s ‘tremendous access’
Don’t just fight fraud, hunt it
Hack-for-hire spyware campaign targets journalists in Middle East, North Africa
Feds quash widespread Russia-backed espionage network spanning 18,000 devices
Tech giants launch AI-powered ‘Project Glasswing’ to identify critical software vulnerabilities
Iranian hackers launching disruptive attacks at U.S. energy, water targets, feds warn
Cybercrime losses jumped 26% to $20.9 billion in 2025
InfoSecurity Magazine
Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month
Google Chrome Rolls Out Protection Against Infostealers Targeting Session Cookies
STX RAT Targets Finance Sector With Advanced Stealth Tactics
Bitcoin Depot Reports $3.6m Crypto Theft After System Breach
Atomic Stealer MacOS ClickFix Attack Bypasses Apple Security Warnings
Middle East Hack-for-Hire Operation Traced to South Asian Cyber Espionage Group
Governance Gaps Emerge as AI Agents Drive 76% Increase in NHIs
Google Warns of New Threat Group Targeting BPOs and Helpdesks
Google API Keys Quietly Gain Access to Gemini on Android Devices
Critical Vulnerability in Ninja Forms Exposes WordPress Sites
SecurityWeek
In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack
Juniper Networks Patches Dozens of Junos OS Vulnerabilities
Industry Reactions to Iran Hacking ICS in Critical Infrastructure: Feedback Friday
Orthanc DICOM Vulnerabilities Lead to Crashes, RCE
Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000
MITRE Releases Fight Fraud Framework
Critical Marimo Flaw Exploited Hours After Public Disclosure
Google Rolls Out Cookie Theft Protections in Chrome
Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users
Apple Intelligence AI Guardrails Bypassed in New Attack
ZDNet
This handy electric screwdriver is now 50% off - here's where to snag the deal
This Ryobi yard essentials bundle packs a free power tool - how to get yours
'Finally, a boomless headset for the office': How Jabra made headphones I'd take to a boardroom
I used this EcoFlow battery to run my 3,000-sq-ft home in a blackout - here's how it kept my AC on
Microsoft's Windows Insider Program is no longer a confusing mess
Forget Shokz: I tried the Suunto Spark earbuds for a month, and they've sold me on air conduction
iOS 26.4 brings essential upgrades to your iPhone - including a vital security fix
YouTube Premium's price goes up to $15.99 in June - but you can save $32 with one change
Your router may be vulnerable to Russian hackers, FBI warns: 5 steps to take now
I walked 3,000 steps with my Apple Watch, Google Pixel, and Oura Ring - this tracker was most accurate
The Hacker News
GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs
UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
The Hidden Security Risks of Shadow AI in Enterprises
Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
BleepingComputer
Nearly 4,000 US industrial devices exposed to Iranian cyberattacks
Analysis of one billion CISA KEV remediation records exposes limits of human-scale security
CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads
Microsoft: Canadian employees targeted in payroll pirate attacks
Google rolls out Gmail end-to-end encryption on mobile devices
New ‘LucidRook’ malware used in targeted attacks on NGOs, universities
New VENOM phishing attacks steal senior executives' Microsoft logins
Healthcare IT solutions provider ChipSoft hit by ransomware attack
Google Chrome adds infostealer protection against session cookie theft
Smart Slider updates hijacked to push malicious WordPress, Joomla versions
gbhackers
Storm-2755 Uses AiTM Hijacking to Divert Employee Salaries
EngageSDK Vulnerability puts millions of crypto wallets at risk
Hackers Exploit GitHub Copilot Flaw to Exfiltrate Sensitive Data
Fake BTS Tour Ticket Scams Target Fans Worldwide
Iranian APT alert: 5,219 Rockwell PLCs exposed online
Middle East Espionage Attack Uses Fake Secure Messaging Apps to Deliver ProSpy
HPE Aruba Private 5G Vulnerability Opens Door to Credential Theft Attacks
TP-Link Devices at Risk as Multiple Security Flaws Enable Takeover
Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action
New React Server Components Flaw Could Let Attackers Trigger DoS
Cybersecurity Dive
Stryker warns of earnings fallout from March cyberattack
Nearly 4K industrial control devices vulnerable to Iran-linked hacking campaign
NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat
CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog
US operation evicts Russia from hacked SOHO routers used to breach critical infrastructure
Iran-linked hackers target water, energy in US, FBI and CISA warn
CISA’s vulnerability scans, field support on chopping block in Trump budget
React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data
Olympic Games, FIFA World Cup offer huge platforms, rich cyberattack surface
Threat cluster launches extortion campaign using social engineering
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
CPUID site hijacked to serve malware instead of HWMonitor downloads
Project Glasswing and open source software: The good, the bad, and the ugly
Britain seeks views before it drops the hammer on signal jammers
Unpacking AI security in 2026 from experimentation to the agentic era
Crypto? Huh. Good gawd y'all, what is it good for? $45M in this case
'Several dozen' high-value corporations hit by new extortion crew in helpdesk phishing spree
Chevin pulls the handbrake on FleetWave software after security scare
Months-old Adobe Reader zero-day uses PDFs to size up targets
Microsoft locks out VeraCrypt and WireGuard devs, blames verification process
Security researchers tricked Apple Intelligence into cursing at users. It could have been a lot worse
VentureBeat
Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook
AI agents that automatically prevent, detect and fix software issues are here as NeuBird AI launches Falcon, FalconClaw
Closing the data security maturity gap: Embedding protection into enterprise workflows
OCSF explained: The shared data language security teams have been missing
In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now
Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected
CrowdStrike, Cisco and Palo Alto Networks all shipped agentic SOC tools at RSAC 2026 — the agent behavioral baseline gap survived all three
TechCrunch
France to ditch Windows for Linux to reduce reliance on US tech
Hacker stole £700,000 from UK energy company by redirecting payment
WireGuard VPN developer can’t ship software updates after Microsoft locks account
Hack-for-hire group caught targeting Android devices and iCloud backups
Hackers steal and leak sensitive LAPD police documents
Developer of VeraCrypt encryption software says Windows users may face boot-up issues after Microsoft locked his account
Final 3 days to save up to $500 on your TechCrunch Disrupt 2026 pass
Iranian hackers are targeting American critical infrastructure, US agencies warn
Anthropic debuts preview of powerful new AI model Mythos in new cybersecurity initiative
Russian government hackers broke into thousands of home routers to steal passwords
Network World Security
Intel secures Google cloud and AI infrastructure deal
OpenAI puts part of Stargate project on hold over runaway power costs
Broadcom strikes chip deals with Google, Anthropic
Cisco: Latest news and insights
Google owns the most AI compute, and it built it its way
Cisco to acquire Galileo for AI observability
Nvidia: Latest news and insights
Top network and data center events of 2026
Neoclouds gain momentum in a supply-constrained world
Lumen: Upstream network visibility is enterprise security’s new front line
Help Net Security
ClickFix campaign delivers Mac malware via fake Apple page
Poisoned “Office 365” search results lead to stolen paychecks
Gmail’s end-to-end encryption comes to mobile, no extra apps required
To counter cookie theft, Chrome ships device-bound session credentials
Little Snitch for Linux shows what your apps are connecting to
Apiiro CLI turns AI coding assistants into full-stack security engineers
April 2026 Patch Tuesday forecast: Spring-cleaning of a preview
What vibe hunting gets right about AI threat hunting, and where it breaks down
Health insurance lead sites sell personal data within seconds of form submission
Product showcase: Session, a messenger without phone numbers or metadata
SC Magazine
Chrome 146 introduces device bound session credentials to combat info-stealing malware
Apiiro launches CLI to integrate application security into AI development workflows
Global crypto scam disrupted, $12 million recovered in Operation Atlantic
Blind spots at scale: The hidden risks of identity visibility gaps and shadow AI
Bessent, Powell met privately with top bankers over impact of Claude Mythos on cybersecurity 
Zephyr Energy loses £700,000 in payment fraud attack
China supercomputer breach: 10 petabytes of military data allegedly stolen by 'FlamingChina'
New Lua malware LucidRook targets Taiwanese NGOs
Cryptographers bet on quantum computing's impact on encryption
Adobe Reader zero-day exploit used in months-long cyber campaign
© 2026 RiskDiscovery | Sponsored by: Deception Logic