[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
North Korean APTs Use AI to Enhance IT Worker Scams
EU Auto Rules Shift Gears on Cybersecurity Standards
Iran's Cyber-Kinetic War Doctrine Takes Shape
Cyberattack on Mexico's Gov't Agencies Highlight AI Threat
Nation-State Actor Embraces AI Malware Assembly Line
Tycoon 2FA Goes Boom as Europol, Vendors Bust Phishing Platform
Cisco Drops 48 New Firewall Vulnerabilities, 2 Critical
Software Development Practices Help Enterprises Tackle Real-Life Risks
LatAm Now Faces 2x More Cyberattacks Than US
VMware Aria Operations Bug Exploited, Cloud Resources at Risk
Ars Technica
Feds take notice of iOS vulnerabilities exploited under mysterious circumstances
Amazon appears to be down, with over 20,000 reported problems
Trump gets data center companies to pledge to pay for power generation
Downdetector, Speedtest sold to IT service-provider Accenture in $1.2B deal
LLMs can unmask pseudonymous users at scale with surprising accuracy
Google quantum-proofs HTTPS by squeezing 15kB of data into 700-byte space
New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises
Password managers' promise that they can't see your vaults isn't always true
Most VMware users still "actively reducing their VMware footprint," survey finds
Retraction: After a routine code rejection, an AI agent published a hit piece on someone by name
CyberScoop
The long-awaited Trump cyber strategy has arrived
Microsoft warns North Korean threat groups are scaling up fake worker schemes with generative AI
DHS CISO, deputy CISO exit amid reported IT leadership overhaul
Congress looks to revive critical cyber program for rural electric utilities
FBI targeted with ‘suspicious’ activity on its networks
HHS updates a free risk tool to help hospitals size up their cybersecurity exposure
Phobos ransomware leader pleads guilty, faces up to 20 years in prison
Cisco reveals 2 max-severity defects in firewall management software
Global coalition dismantles Tycoon 2FA phishing kit
LLMs are getting better at unmasking people online 
InfoSecurity Magazine
Iran's MuddyWater Hackers Hit US Firms with New 'Dindoor' Backdoor
Zero‑Day Attacks on Enterprise Software Reach Record High, Google Warns
AI-Driven Insider Risk Now a “Critical Business Threat,” Report Warns
ContextCrush Flaw Exposes AI Development Tools to Attacks
Coruna Exploit Kit Targets Older iPhones in Multi-Stage Campaigns
Zero-Click FreeScout Bug Enables Remote Code Execution
Cisco Issues Patches for 48 Vulnerabilities in Enterprise Networking Products
Europol Operation Seizes LeakBase Data Breach Site
Coalition of Western Countries Launches 6G Cybersecurity Guidelines
Global Takedown Neutralizes Tycoon2FA Phishing Service
SecurityWeek
FBI Investigating ‘Suspicious’ Cyber Activity on System Holding Sensitive Surveillance Information
ArmorCode Raises $16 Million for Exposure Management Platform
In Other News: FBI Hacked, US Security Pro Killed in Iran War, Hijacked Cameras Used in Khamenei Strike
CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List
Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks
James ‘Aaron’ Bishop Tapped to Serve as New Pentagon CISO
Iranian APT Hacked US Airport, Bank, Software Company
Data Security Firm Evervault Raises $25 Million in Series B Funding
Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises
Russian Ransomware Operator Pleads Guilty in US
ZDNet
The best antivirus software to protect your computer in 2026
Apple wasn't at the world's biggest Android show - but its influence was all I could see
The best Lenovo laptops of 2026: Expert tested and reviewed
Renpho Eyeris Zen review: This eye massager doubles as my meditation tool
Bose QuietComfort Ultra Headphones (2nd Gen) review: The best Bose has to offer
Is 8GB of RAM really enough for a Mac in 2026? Short answer: Yes
Nothing Headphone (a) review: The superior option for design and button enthusiasts
Buy the new Google Pixel 10a and get a free $100 Amazon gift card (or Pixel Buds 2a)
Dell XPS 14 (2026) review: A Windows laptop I wouldn't mind returning to from Mac
SanDisk High Endurance review: 20,000 hours of testing later, it's the microSD card to beat
The Hacker News
Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India
Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT
The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity
Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders
Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More
BleepingComputer
Cognizant TriZetto breach exposes health data of 3.4 million patients
CISA warns feds to patch iOS flaws exploited in crypto-theft attacks
EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security
Fake Claude Code install guides push infostealers in InstallFix attacks
Microsoft 365 Backup to add file-level restore for faster recovery
Ghanain man pleads guilty to role in $100 million fraud ring
FBI investigates breach of surveillance and wiretap systems
Chinese state hackers target telcos with new malware toolkit
Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware
Wikipedia hit by self-propagating JavaScript worm that vandalized pages
gbhackers
Claude AI Exposes 22 Firefox Vulnerabilities in Just Two Weeks
RMM Tools Crucial for IT Operations, But Growing Threat as Attackers Weaponize Them
AVideo Platform Vulnerability Allows Hackers to Hijack Streams via Zero-Click Command Injection
Apache ActiveMQ Flaw Enables DoS Attacks via Malformed Network Packets
AWS-LC Flaw Exposes Amazon Users to Attacks by Bypassing Certificate Chain Validation
New Linux Rootkits Leverage Advanced eBPF and io_uring Techniques for Stealthy Attacks
China-Nexus Hackers Target Telecommunication Providers with New Malware Attack
FBI Detains U.S. Government Contractor in Massive $46 Million Fraud Scheme
WordPress Membership Plugin Flaw Lets Attackers Create Admin Accounts
Google Uncovers 90 Zero-Day Vulnerabilities Under Active Exploitation in 2025
Cybersecurity Dive
Trump’s new cybersecurity strategy makes promises but lacks details
HHS adds cybersecurity guidance to healthcare sector self-assessment tool
Nearly half of exploited zero-day flaws target enterprise-grade technology
Microsoft, Europol disrupt global phishing platform Tycoon 2FA
Plankey’s nomination as CISA director now in jeopardy
Iran-nexus hackers target flaws in surveillance cameras
CrowdStrike reports record quarter amid investor concerns about AI impact
Pro-Russia actors team with Iran-linked hackers in attacks
Ransomware is now less about malware and more about impersonation
University of Mississippi Medical Center reopens clinics after ransomware attack
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Firefox taps Anthropic AI bug hunter, but rancid RAM still flipping bits
Spyware disguised as emergency-alert app sent to Israeli smartphones
Cisco warns of two more SD-WAN bugs under active attack
Microsoft spots ClickFix campaign getting users to self-pwn on Windows Terminal
Son of government contractor arrested after alleged $46M crypto heist from US Marshals
Microsoft finally gets around to fixing Windows 10 Recovery Environment after breaking it in October
Transport for London says 2024 breach affected 7M customers, not 5,000
Google says spyware makers and China-linked groups dominated zero-day attacks last year
Iran intelligence backdoored US bank, airport, software outfit networks
UK watchdog eyes Meta's smart glasses after workers say they 'see everything'
VentureBeat
Pentagon vendor cutoff exposes the AI dependency map most enterprises never built
Endor Labs launches free tool AURI after study finds only 10% of AI-generated code is secure
What if the real risk of AI isn’t deepfakes — but daily whispers?
When AI lies: The rise of alignment faking in autonomous systems
Enterprise MCP adoption is outpacing security controls
Claude didn't just plan an attack on Mexico's government. It executed one for a month — across four domains your security stack can't see.
Anthropic says DeepSeek, Moonshot, and MiniMax used 24,000 fake accounts to rip off Claude
TechCrunch
Anthropic’s Claude found 22 vulnerabilities in Firefox over two weeks
TriZetto confirms 3.4M people’s health and personal data was stolen during breach
FBI investigating hack on its wiretap and surveillance systems: Report
Italian prosecutors confirm journalist was hacked with Paragon spyware
FYI: Impersonators are (still) targeting companies with fake TechCrunch outreach
Google says half of all zero-days it tracked in 2025 targeted buggy enterprise tech
US and EU police shut down LeakBase, a site accused of sharing stolen passwords and hacking tools
A suite of government hacking tools targeting iPhones is now being used by cybercriminals
Hacked traffic cams and hijacked TVs: How cyber operations supported the war against Iran
Fig Security emerges from stealth with $38M to help security teams deal with change
Network World Security
Cisco: LPO not a panacea but plays strategic role in AI networks
AI transforms ‘dangling DNS’ into automated data exfiltration pipeline
Data center new builds diminish even as demand rises
Cisco issues emergency patches for critical firewall vulnerabilities
Cisco: Latest news and insights
Lack of regulatory action on hyperscaler dominance prompts inquiry chair to quit
Digital sovereignty options for on-prem deployments
Cato Networks brings adaptive threat defense to SASE
AMD: Latest news and insights
AWS Middle East outage: a reminder not to rely on cloud as disaster recovery plan
Help Net Security
Iran-linked APT targets US critical sectors with new backdoors
Microsoft working on Teams feature to keep unauthorized bots at bay
New cyber module strengthens risk planning for health organizations
Hexnode IdP brings device-aware authentication and zero trust to enterprise access
Cyolo PRO 7.0 expands OT-first secure remote access with AI session intelligence
Cursor Automations turns code review and ops into background tasks
OpenAI’s GPT-5.4 doubles down on safety as competition heats up
March 2026 Patch Tuesday forecast: Is AI security an oxymoron?
Backup strategies are working, and ransomware gangs are responding with data theft
Why phishing still works today
SC Magazine
3 Apple flaws from Coruna exploit kit added to CISA vulnerability list
Russian man admits role in global Phobos ransomware attacks
Depature of Trump's CISA director nominee from DHS fuels uncertainty
Cyberattack-related outages reported by New Jersey county
Context7 MCP Server flaw could allow malicious instructions for AI assistants
Actively exploited zero-days rise as surveillance firms ramp up abuse
Browser extension weaponization for malware delivery examined
Stealer malware distributed via bogus GitHub tools
Novel RingH23 toolkit leveraged by reemergent Funnull cybercrime operation
AI-generated vibeware spread in new APT36 campaign
© 2026 RiskDiscovery | Sponsored by: Deception Logic