[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Name That Toon Contest
Pakistan Spies on Afghan Finance Ministry With Xeno RAT
Attackers Use AI to Automate EDR Evasion Testing
Tropical Blend: Cyber & Politics Ramp Up Across Latin America
Cyber Insurance Rates Are Dropping, but Exclusions Widen
Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover
Malicious Notifications Could Trick Google Gemini Users
Global Stock Exchange Hit by Monthslong Email Campaign
Zoom CISO: AI as a Security Enabler, Not Role-Replacer
FBI-Flagged Phishing Kit Kali365 Expands Its Reach
Ars Technica
Can't make sense of Dashlane's vault theft notification? You're not alone.
Dozens of Red Hat packages backdoored through its official NPM channel
Botnet of more than 17 million devices dismantled
Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
Websites have a new way to spy on visitors: Analyzing their SSD activity
Millions of AI agents imperiled by critical vulnerability in open source package
US's big bet on quantum computing may not be entirely legal
Texas AG sues Meta over claims that WhatsApp doesn't provide end-to-end encryption
A hacker group is poisoning open source code at an unprecedented scale
US government takes $2 billion equity stake in nine quantum computing firms
CyberScoop
Inside the race to adapt to an AI-powered security world
European authorities crack down on illegal streaming networks
DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels
DOD wants to integrate cyber in all operations, and integrate security into AI
Trump administration releases scaled-back AI executive order
Anthropic expanding access to Project Glasswing
Attackers are exploiting Palo Alto Networks defect that initially flew under the radar
Tina Peters, convicted in election-security breach, emerges defiant and vows legal fight
USPS moving forward with mail-in ballot changes as courts weigh Trump’s election order 
Election threats are focused on campaign systems, not voting machines
InfoSecurity Magazine
Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites
Infosecurity Europe: AI Adoption Creates New Opportunities for Attackers to Distribute Malware, Microsoft Warns
Chinese-Speaking Actor TA4922 Widens Its Global Reach
Infosecurity Europe: Mythos Outperforms GPT5.5 on Google Chrome Vulnerability Exploits, Says New Benchmark
Infosecurity Europe: How Proton Fights Against Cybercriminals Using Its Services
Infosecurity Europe: How Businesses Can Prepare for a Cybersecurity Crisis with Effective Plans
Infosecurity Europe: Ukraine’s Experience Highlights the Need for Preparation and Resilience in Cybersecurity
Infosecurity Europe: Raise Security Concerns with Procurement Now, Because Quantum Can’t Wait
Infosecurity Europe: Vulnerability Management Innovator Konvu Wins Cyber Startup Award
Trump Signs Order Inviting Voluntary Review of Frontier AI Models
SecurityWeek
Offroad Emerges From Stealth With $7 Million to Tackle Enterprise Identity Risk
Webinar Today: Third-Party Risk in Practice – Where Programs Break Down and How to Respond
Willow Raises $7 Million for Securing Autonomous AI Agents
Gemini Voice Assistant Hijacked via Messaging Notifications
Mirasvit Vulnerability Exploited to Execute Code on Magento Servers
Chinese Cybercrime Group in Spotlight for Record Campaign Pace
Over 1.4 Million Accounts Disrupted in Cybercrime Crackdown
Cisco Warns of Available PoC for Critical Unified CM Vulnerability
VS Code Vulnerability Allows One-Click GitHub Token Theft
Coralogix Raises $200M at $1.6B Valuation to Scale AI Observability Platform
ZDNet
Motorola Razr Fold vs. Razr Ultra: I tested both phones for a month - this one's better
Hate the right-click menu in Windows? Microsoft just promised to let you tweak it - soon
I flew 2,700 miles with 4 headphones - this pair was the best travel companion
Samsung's R95H Micro RGB impressed me more than any TV since my first OLED
This 65-inch Hisense TV is already on sale for Prime Day - and I recommend it
I compared two of the best Android camera phones right now - it came down to the wire
I wore the Oura Ring 5 for 24 hours - and it fixes my biggest issue with Ring 4
Is Microsoft 365 Premium worth it? What $20 a month gets you - and how it compares to ChatGPT Plus
The 5 coolest gadgets I saw at Computex 2026 (that you can eventually buy)
Walmart has even better early Prime Day deals than Amazon - these are our favorites
The Hacker News
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It
ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months
DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets
WhatsApp, Slack Notifications Could Hijack Google Gemini on Android
BleepingComputer
UN food agency discloses breach affecting 600,000 Gaza households
New IronWorm malware hits 36 packages in npm supply-chain attack
Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook
Microsoft blames unexpected Windows driver updates on caching issue
Police dismantles fake ID marketplace used by migrant smugglers
Cisco warns of critical Unified CM flaw with PoC exploit code
Chinese hackers use new Atlas RAT malware in European cyberattacks
U.S. sanctions Nobitex crypto exchange used by Iranian ransomware actors
CISA warns of cyberattacks targeting fuel tank monitoring systems
New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute
gbhackers
Fake Ghidra, dnSpy & SpiderFoot Sites Used to Spread Malware
Supply Chain Attack Hits Dozens of npm Packages via binding.gyp
Malicious Ads Target macOS Users with FlutterShell Backdoor
Comodo Internet Security 0-Day Flaw Triggers Windows System Crashes
Fake Claude Code Installer Spreads Fileless .NET Infostealer
IronWorm npm Attack Steals Developer Secrets
Stock Exchange Executive’s Outlook Targeted in Credential Theft Attack
PoC Exploit Released for Cisco Unified Communications Manager Security Vulnerability
Proofpoint: TA4922 Deploys New RAT and Loader Arsenal
Phishing Attacks Pivot to Infostealer Malware Over Fake Login Pages
Cybersecurity Dive
CISA chief says Trump AI executive order implementation will start soon
CrowdStrike, Palo Alto Networks defy estimates as AI fuels cyber demand
‘Don’t panic’: AI reality checks dominate major cybersecurity conference
CISA, FBI warn that hackers are targeting systems used to monitor industrial fluids
Trump signs EO seeking early government access to powerful AI models
Dozens of Red Hat npm packages targeted in supply chain attack
Anthropic shares Mythos with 150 more organizations, including critical infrastructure operators
Turning tension into collaboration: How CIOs and CISOs can lead together
Without strong governance, companies put credit ratings at risk in AI era
CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Five Eyes: Watch out for odd LinkedIn connection requests, China's back on the hunt for state secrets
Duo who sold car crash victims' data must repay £118k
Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine
All the passwords were stored in Active Directory description fields
Commvault says it's time to rethink resiliency as AI crooks leave victims in a 'dark, dead' state
Bend the beam like Beckham to defeat anti-jamming tech
Another bug hunter leaks Microsoft exploits in defiance of company’s handling of vulnerability disclosures
UK banks offered access to OpenAI’s GPT-5.5 amid exclusion from Anthropic’s Glasswing expansion
'Dumbass' criminal breaks the 'first rule of ransomware club'
Cisco sings Mythos' praises - but doesn't say how many bugs the model uncovered
VentureBeat
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
AI doesn't break security. Complexity does
Claude Mythos exposed a hard truth: Your enterprise patching process is way too slow
DataGrail report finds your vendor may be sending data to AI models you never approved
The attack dominating financial services doesn't steal passwords. It resets MFA and steals the token.
TechCrunch
Chinese spies are using LinkedIn to lure Westerners into sharing sensitive information
Ultrahuman says hackers accessed customers’ wellness data via internal tool
Instagram is alerting users who were targeted by hackers during AI chatbot attacks
The worst hacks and breaches of 2026 (so far)
Cyera eyes $12B valuation at 80x ARR multiple despite operating losses
Password manager Dashlane says hackers stole some customers’ password vaults
Anthropic scales Claude Mythos to critical infrastructure in 15+ countries
Hackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access
Grand Theft Auto V cheat service gets hacked, exposing thousands of gamers
Microsoft under fire for threatening security researcher with criminal investigation
Network World Security
CompTIA debuts AutoOps+ certification
Cisco sees quantum networking as the future of networking
Enterprise Spotlight: Rethinking cloud strategy in the age of AI
What is Cisco Cloud Control and why should customers care?
Will Broadcom’s VMware strategy keep paying big dividends?
Netskope introduces AI Command Center to monitor and secure enterprise AI sprawl
Cisco Live: The network is back, and AI rewrote the rules
2026 network outage report and internet health check
Cisco brings agentic ops platform and security overhaul to Cisco Live
Attackers exploit Palo Alto GlobalProtect flaw days after disclosure
Help Net Security
OAuth marketplace apps keep access after publishers vanish
The modern-day business can learn a lot about risk from this year’s mega events
Spotless compliance evidence can still hide a broken control
From critical to controlled: Cutting vulnerabilities in a live manufacturing environment
Attackers already know the secrets are on your developers’ machines. Do you?
Product showcase: Trend Micro Mobile Security detects scams in messages, QR codes, and websites
ETSI sets security requirements for AI data centers and cloud platforms
Microsoft responds to security challenges facing code, AI agents, and models
Simplify security management with CIS SecureSuite Platform
Autonomous AI-driven worm can reason its way through corporate networks
SC Magazine
Info Stealer Malware Explained: How Hackers Steal Your Data & Bypass MFA - WC #1
The Trump AI EO strikes a compromise to balance innovation with accountability
Stock exchange executive’s Outlook mailbox stolen over course of 5 months
Microsoft Edge retires master password feature, adopts passkeys and biometrics
Spanish hacker Alcasec sentenced to prison for stealing banking details
Google rolls out scam call detection for Android
WP Engine adds bot management to Global Edge Security
Russia FSB claims foreign intelligence used malware on officials' phones
Unpatched Windows search URI handler issue leaks NTLMv2 hashes
Acer addresses critical zero-day vulnerabilities in Wave 7 routers
© 2026 RiskDiscovery | Sponsored by: Deception Logic