[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Hackers Use AI for Exploit Development, Attack Automation
Cyber Espionage Group Targets Aviation Firms to Steal Map Data
ShinyHunters Claims Second Attack Against Instructure
After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets
Has CISA Finally Found Its New Leader in Tom Parker?
AI-Driven Cyberattack on Mexico Couldn't Breach OT Systems
'TrustFall' Convention Exposes Claude Code Execution Risk
VoidStealer Malware Darts Past Google Chrome's Encryption
Instructure Breach Exposes Schools' Vendor Dependence
From Stuxnet to ChatGPT: 20 News Events That Shaped Cyber
Ars Technica
Chaos erupts as cyberattack disrupts learning platform Canvas amid finals
Mozilla says 271 vulnerabilities found by Mythos have "almost no false positives"
Ars Asks: Share your shell and show us your tricked-out terminals!
Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack
Why Reddit blocked my daily visit to its mobile website
GameStop offers $56 billion for eBay, struggles to explain how it'll pay for it
Ubuntu infrastructure has been down for more than a day
The most severe Linux threat to surface in years catches the world flat-footed
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
Open source package with 1 million monthly downloads stole user credentials
CyberScoop
The missing cybersecurity leader in small business
Sen. Schumer seeks DHS plan on AI cyber coordination with state, local governments
ShinyHunters claims nearly 9,000 schools affected by Canvas data breach
Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI
Ivanti customers confront yet another actively exploited zero-day
Trump officials are steering a cybersecurity scholarship program toward AI
American duo sentenced for hosting laptop farms for North Korean IT workers
One House Democrat is pressing Commerce on the government’s spyware use
A DOD contractor’s API flaw exposed military course data and service member records
A critical Palo Alto PAN-OS zero-day is being exploited in the wild
InfoSecurity Magazine
Hackers Observed Using AI to Develop Zero-Day for the First Time
US: FCC Relaxes Foreign-Made Router Ban to Allow for Security Updates
ShinyHunters Escalates Canvas Extortion with School by School Ransom Campaign
Zara Data Breach Impacts Nearly 200,000 Customers
Police Shut Relaunched Crimenetwork Dark Web Marketplace
Australian Cyber Security Centre Issues Alert Over ClickFix Attacks
PCPJack Campaign Boots TeamPCP Off Compromised Machines
Legacy Security Tools Failing Data Protection, Capital One Software Report Finds
Cline Kanban Flaw Lets Websites Hijack AI Coding Agents
OpenAI and Anthropic LLMs Used in Critical Infrastructure Cyber-Attack, Warns Dragos
SecurityWeek
Skoda Data Breach Hits Online Shop Customers
Cloudflare Lays Off 1,100 Employees in AI-Driven Restructuring
SailPoint Discloses GitHub Repository Hack
Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack
Canvas System Is Online After a Cyberattack Disrupted Thousands of Schools
New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks
Resurrected ‘Crimenetwork’ Marketplace Taken Down, Administrator Arrested
Over 500 Organizations Hit in Years-Long Phishing Campaign
In Other News: Train Hacker Arrested, PamDOORa Linux Backdoor, New CISA Director Frontrunner
Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants
ZDNet
I tested whether Gemini, ChatGPT, and Claude can analyze videos - this one wins
Samsung Galaxy Z Flip 7 vs. Motorola Razr Ultra: I've used both, and this phone is my pick
Windows rivals to MacBook Neo are here - but I'm more excited for Google's response
Fitbit Air vs. Whoop: I compared Google's screenless fitness tracker to the industry best
How I tweaked my Sonos speakers to upgrade their audio performance - easy and free
My home's Wi-Fi dead zones were worse than I thought - here's what fixed them
I stopped using a smart plug with these 5 common household devices - here's why
I measured 5G signals of AT&T, T-Mobile, and Verizon in a small town - here's what the data says
I use these 10 secret Netflix codes to find hidden movies - here's how to enter them
The best Sony TVs of 2026: Expert tested and reviewed
The Hacker News
Your Purple Team Isn't Purple — It's Just Red and Blue in the Same Room
Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads
Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now
TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms
Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads
One Click, Total Shutdown: The "Patient Zero" Webinar on Killing Stealth Breaches
Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise
One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk
New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials
BleepingComputer
Webinar this week: Prevention alone is not enough against modern attacks
TrickMo Android banker adopts TON blockchain for covert comms
Hackers abuse Google ads, Claude.ai chats to push Mac malware
Police shut down reboot of Crimenetwork marketplace, arrest admin
JDownloader site hacked to replace installers with Python RAT malware
Fake OpenAI repository on Hugging Face pushes infostealer malware
NVIDIA confirms GeForce NOW data breach affecting Armenian users
Why More Analysts Won’t Solve Your SOC’s Alert Problem
Trellix source code breach claimed by RansomHouse hackers
CISA gives feds four days to patch Ivanti flaw exploited as zero-day
gbhackers
cPanel and WHM Servers Targeted in Attacks Exploiting CVE-2026-41940
Python Infostealer Hides in GitHub Releases to Bypass Detection
PHP SOAP Extension Flaw Could Let Attackers Execute Code Remotely
Fake Claude Campaign Uses PlugX-Style DLL Sideloading Chain
Microsoft 365 Copilot Flaws Could Let Attackers Access Sensitive Data
Trending Hugging Face Repo With 200K Downloads Spreads Windows Malware
Sandboxie Escape Flaw Could Let Attackers Gain SYSTEM-Level Privileges
PoC Exploit Released for Android Zero-Click Flaw Enabling Remote Shell Access
OpenClaw Malware Targets Crypto Wallets and Bitwarden Credentials
Crimenetwork Bust Reveals 22,000 Members and Over 100 Illicit Vendors
Cybersecurity Dive
Identity is the new perimeter as rapid NHI proliferation threatens visibility and control
Instructure confirms cybersecurity incident
Anthropic’s Claude used in attempted compromise of Mexican water utility
Businesses hide vast majority of ransomware attacks, report finds
Palo Alto Networks warns state-linked cluster behind zero-day exploitation
Businesses eager but unprepared for AI to transform their security strategies
Iran-sponsored threat group behind false flag social engineering campaign
NIST will test three major tech firms’ frontier AI models for cybersecurity risks
Trellix investigating breach of source code repository
CISA urges critical infrastructure firms to ‘fortify’ before it’s too late
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Checkmarx tackles another TeamPCP intrusion as Jenkins plugin sabotaged
Taiwan's train cyber-trauma reveals a global system that’s coming off the tracks
Worm rubs out competitor's malware, then takes control
'Dirty Frag' Linux flaw one-ups CopyFail with no patches and public root exploit
Meta U-turns on encryption push for Instagram as DMs go plaintext
Hackers ate my homework: Educational SaaS Canvas down after cyberattack
Meta fights Ofcom over how many billions count as billions
Mozilla boasts Mythos boosted Firefox bug cull
Anthropic response to 1-click pwn: Shouldn't have clicked 'ok'
60% of MD5 password hashes are crackable in under an hour
VentureBeat
AI tool poisoning exposes a major flaw in enterprise agent security
5,000 vibe-coded apps just proved shadow AI is the new S3 bucket crisis
An AI agent rewrote a Fortune 50 security policy. Here's how to govern AI agents before one does the same.
Anthropic Skill scanners passed every check. The malicious code rode in on a test file.
One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it
Microsoft takes Agent 365 out of preview as shadow AI becomes an enterprise threat
200,000 MCP servers expose a command execution flaw that Anthropic calls a feature
TechCrunch
Poland says hackers breached water treatment plants, and the US is facing the same threat
US defense contractor who sold hacking tools to Russian broker ordered to pay $10M to former employers
Hackers deface school login pages after claiming another Instructure hack
Hackers hack victims hacked by other hackers
How Anthropic’s Mythos has rewritten Firefox’s approach to cybersecurity
Police arrest SMS blaster crew that sent malicious messages to thousands across Toronto
2 days left: Get 50% off a second pass to TechCrunch Disrupt 2026
DOJ says ransomware gang tapped into Russian government databases
AI evaluation startup Braintrust confirms breach, tells every customer to rotate sensitive keys
Some kids are bypassing age-verification checks with a fake mustache
Network World Security
AWS hit by US-East-1 outage after data center thermal event
Q&A: Quantum physicist Sonia Fernández-Vidal on why classical computing isn’t going anywhere
OpenAI-led consortium seeks to address AI processing bottlenecks
Gluware’s Titan rises to meet Mythos network vulnerability challenge
AMD launches AI-targeted PCIe cards for current servers
Supply constraints, optical advances dominate Arista’s Q1
Lumen advances cloud networking vision with $475M Alkira buy
HPE bolsters autonomous network operations for Mist, Aruba Central
Netskope launches AI agents for SOC and NOC automation
Intel, behind in AI chips, bets on quantum and neuromorphic processors
Help Net Security
Linux developers weigh emergency “killswitch” for vulnerable kernel functions
SailPoint Agentic Fabric expands identity governance to autonomous AI agents
Police take down relaunched criminal marketplace with 22,000 users, €3.6 million in revenue
Instagram messaging encryption removed, and privacy advocates are pushing back
The questionnaire-based TPRM model is broken, and TrustCloud has a fix
The scam economy has found its AI upgrade
Rustinel: Open-source endpoint detection for Windows and Linux
Review: Foundations of Cybersecurity, 2nd edition
Security teams are turning to AI to survive alert overload
Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scams
SC Magazine
Vibe coding has cybersecurity asking what AI can — and can’t — replace
The impact of Mythos and Florida Man, confidence gaps, phishing, & AI adoption - Erich Kron, Deepen Desai, Chris Wallis - ESW #458
Canvas, Shai-Hulud, QuasarRat, 0Days, Anthropic, Aaran Leyland, and EU Compliance! - SWN #579
Federal agencies ordered to patch Ivanti EPMM zero-day in 3 days
'Dirty Frag' Linux zero-day exposes most distributions to LPE
Google Chrome silently downloads large AI model, raising privacy concerns
Australian organizations warned of Vidar Stealer malware campaign using ClickFix technique
Microsoft Edge password saving practice raises security concerns
California man sentenced to over 6 years for role in $250 million cryptocurrency heist
U.S. oil and gas sector faces OT security challenges post-Operation Epic Fury
© 2026 RiskDiscovery | Sponsored by: Deception Logic