[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
From Stuxnet to ChatGPT: 20 News Events That Shaped Cyber
Middle East Cyber Battle Field Broadens — Especially in UAE
Trellix Source Code Breach Highlights Growing Supply Chain Threats
Research Hub Bridges Cybersecurity Gap for Under-Resourced Organizations
Why Security Leadership Makes or Breaks a Pen Test
Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk
How the Story of a USB Penetration Test Went Viral
Physical Cargo Theft Gets a Boost From Cybercriminals
RMM Tools Fuel Stealthy Phishing Campaign
Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability
Ars Technica
Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack
Why Reddit blocked my daily visit to its mobile website
GameStop offers $56 billion for eBay, struggles to explain how it'll pay for it
Ubuntu infrastructure has been down for more than a day
The most severe Linux threat to surface in years catches the world flat-footed
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
Open source package with 1 million monthly downloads stole user credentials
Why are top university websites serving porn? It comes down to shoddy housekeeping.
In a first, a ransomware family is confirmed to be quantum-safe
Microsoft issues emergency update for macOS and Linux ASP.NET threat
CyberScoop
CISA wants critical infrastructure to operate ‘weeks to months’ in isolation during conflict
CISA boasts AI automation improvements to threat analysis, mission support
Latvian national sentenced for ransomware attacks run by former Conti leaders
‘Copy Fail’ is a real Linux security crisis wrapped in AI slop
A college student is suing a dating app that allegedly used her TikTok videos to target men in her dormitory
Why data centers now belong on the critical infrastructure list
US government, allies publish guidance on how to safely deploy AI agents
Former incident responders sentenced to 4 years in prison for committing ransomware attacks
FCC tightens KYC rules for telecoms, closes loophole for banned foreign services
Congress kicks the can down the road on surveillance law (again)
InfoSecurity Magazine
One in Eight Workers Has Sold Their Corporate Logins
Microsoft Flags Mass Phishing Campaign Using Fake Compliance Emails
North Korean APT Targets Yanbian Gamers via Trojanized Platform
Fake SSA Emails Drive Venomous#Helper Phishing Campaign
AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk
NCSC Warns of an AI-Fuelled “Vulnerability Patch Wave”
Trellix Reveals Unauthorized Access to Source Code
Small Defense Firms Lack Network Data to Stop Nation-State Hackers, Analyst Says
OpenAI To Extend Cyber Program to Government Agencies
Anthropic Rolls Out Claude Security for AI Vulnerability Scanning
SecurityWeek
Romanian Extradited to US for Role in Hacking Scheme 17 Years Ago
CISA: Critical Infrastructure Must Master Isolation, Recovery
Sophisticated Quasar Linux RAT Targets Software Developers
Government, Scientific Entities Hit via Daemon Tools Supply Chain Attack
Oracle Debuts Monthly Critical Security Patch Updates
Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls
Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations
Hacker Conversations: Joey Melo on Hacking AI
Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft
Critical Remote Code Execution Vulnerability Patched in Android
ZDNet
I tested ReMarkable's 'cheap' Paper Pure tablet, and it hardly feels like a downgrade
Wix vs. Squarespace: I compared two of the top website builders, and this one wins
10 trillion downloads are crushing open-source repositories - here's what they're doing about it
Get Amazon Prime for 6 months totally free if you're age 18-24 - here's how
The best 40-inch TVs of 2026: Expert tested and reviewed
Your job search is getting riskier, says LinkedIn - 9 ways to tell real listings from scams
All Linux gamers should take the latest Bazzite release seriously - here's why
Fedora 44 made me forget I was using Linux - in the best way
This weird Pixel feature is one of my favorite tools - too bad Google may remove it soon
I'm backing up my Samsung Messages before it's too late - 2 free and easy methods
The Hacker News
Google's Android Apps Get Public Verification to Stop Supply Chain Attacks
Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs
Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed
MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks
We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
BleepingComputer
Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
New stealthy Quasar Linux malware targets software developers
Instructure hacker claims data theft from 8,800 schools, universities
DAEMON Tools trojanized in supply-chain attack to deploy backdoor
Student hacked Taiwan high-speed rail to trigger emergency brakes
FTC to ban data broker Kochava from selling Americans’ location data
The EOL Blind Spot in Your CVE Feed: What SCA Tools Miss
Vimeo data breach exposes personal information of 119,000 people
Google now offers up to $1.5 million for some Android exploits
Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison
gbhackers
Darkhub Hacking-for-Hire Portal Promotes Crypto Fraud and Spyware Services
Microsoft Teams on Android Now Lets Users Join External Meetings Through SIP
Taiwan High Speed Rail Hit by Spoofing Attack That Stops Three Trains
CloudZ RAT Exploits Microsoft Phone Link to Steal SMS OTPs
Salesforce Marketing Cloud Vulnerability Exposes Email Data Risk
Argo CD ServerSideDiff Flaw Allows Attackers to Extract Kubernetes Secrets
QLNX Targets Developers in Supply Chain Credential Theft Campaign
Ransomware Gang Member Linked to Russian Cybercrime Group Sentenced to Prison
Iran-Linked Hackers Target Oman Ministries in Webshell and Data Theft Campaign
Zero-Auth Vulnerability Enables Cross-Tenant Access at DoD Contractor
Cybersecurity Dive
Trellix investigating breach of source code repository
CISA urges critical infrastructure firms to ‘fortify’ before it’s too late
Critical vulnerability in cPanel leads to widespread exploitation
New MOVEit vulnerabilities prompt urgent patch warning
How OpenClaw’s agent skills become an attack surface
White House questions tech industry on defensive AI use, cybersecurity resilience
As email phishing evolves, malicious attachments decline and QR codes surge
US and allies urge ‘careful adoption’ of AI agents
PwC partners with Google Cloud to take on the managed security market
US agencies promote zero-trust practices for operational technology networks
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
India orders infosec red alert in case Mythos sparks crime spree
ServiceNow clears agents for landing with new AI control tower
Attackers are cashing in on fresh 'CopyFail' Linux flaw
Real estate giant confirms vishing incident as ShinyHunters and Qilin both come knocking
ShinyHunters claims dump puts 119K Vimeo emails in the wild
Romance scammers turn sweet talk into £102M payday
Singapore boffins get diverse SIEMs singing in harmony with agentic rule translation
Kids say they can beat age checks by drawing on a fake mustache
Shadow IT has given way to shadow AI. Enter AI-BOMs
If the vote you rocked, your personal info can be grokked
VentureBeat
One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it
Microsoft takes Agent 365 out of preview as shadow AI becomes an enterprise threat
200,000 MCP servers expose a command execution flaw that Anthropic calls a feature
Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.
CVSS scored these two Palo Alto CVEs as manageable. Chained, they gave attackers root access to 13,000 devices.
85% of enterprises are running AI agents. Only 5% trust them enough to ship.
Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain
TechCrunch
Kaspersky suspects Chinese hackers planted a backdoor into Daemon Tools in ‘widespread’ attack
Hackers steal students’ data during breach at education tech giant Instructure
4 days left: Get 50% off a second TechCrunch Disrupt 2026 pass to make more deals faster
US government warns of severe CopyFail bug affecting major versions of Linux
Hackers are mass-exploiting the cPanel bug to gain control of thousands of websites
US healthcare marketplaces shared citizenship and race data with ad tech giants
5 days only: Bring a partner or colleague and get 50% off a second TechCrunch Disrupt 2026 pass
Ubuntu services hit by outages after DDoS attack
Hackers are actively exploiting a bug in cPanel, used by millions of websites
After dissing Anthropic for limiting Mythos, OpenAI restricts access to Cyber, too
Network World Security
Switch storm coming: Gartner forecasts price hikes, long lead times for enterprise data center switches
Extreme moves toward autonomous networking with advanced AI agent, management tools
2026 network outage report and internet health check
Broadcom bets big on VMware Cloud Foundation 9.1
IBM unveils its blueprint to help enterprises run AI at the core of their business
Ruckus Networks on the move again, this time acquired by Belden for $1.85 billion
AMD and Intel partner to deliver AI performance advancement
Cisco grabs Astrix to secure AI agents
Beyond the pitch: A look at Atlético Madrid’s connected stadium
StarlingX 12.0 is right on time for mixed-hardware edge deployments
Help Net Security
Intel 471 speeds threat hunting and remediation with Retroactive Threat Detections
Extreme Networks introduces Agent ONE for autonomous enterprise networking
UiPath adds agentic AI capabilities to Automation Suite for government agencies
8×8 updates CX platform with AI, analytics, and frontline management capabilities
Proton Mail brings quantum-safe email encryption to all accounts
Root-level RCE vulnerability in Palo Alto firewalls exploited (CVE-2026-0300)
New Relic advances AI observability with new intelligence layer
groundcover expands its observability platform with enhanced Synthetic Monitoring and RUM
ServiceNow strengthens enterprise AI security with Autonomous Security & Risk platform
Megaport enhances network resilience with integrated DDoS protection
SC Magazine
Teach to Sell and Two Interviews from RSAC 2026 from Dropzone AI and Microsoft - Dan Rochon, Edward Wu, Arunesh Chandra - BSW #446
Cisco to acquire Astrix Security to bolster AI agent defenses
Zino, 0auth, VSS, Mental Health Hackers, 3 Days of KEV, Copy/Fail, AI, Aaran Leyland - SWN #578
Critical 9.8 Weaver E-cology vulnerability actively exploited
The deferral trap: Compounding risk and AI adoption governance
Supply chain attacks now make the budget case CISOs never could
NCSC warns AI accelerates vulnerability discovery, prompting urgent patch wave
Progress Software warns of critical MOVEit Automation vulnerability
AI tool translates security rules for multiple SIEM systems
Hackers exploit critical Weaver E-cology vulnerability
© 2026 RiskDiscovery | Sponsored by: Deception Logic