[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
DarkReading
Russia's Secret Blizzard APT Gains Embassy Access via ISPs
Getting a Cybersecurity Vibe Check on Vibe Coding
What the Coinbase Breach Says About Insider Risk
Dark Reading Confidential: Funding the CVE Program of the Future
Low-Code Tools in Microsoft Azure Allowed Unprivileged Access
Koreans Hacked, Blackmailed by 250+ Fake Mobile Apps
Tonic Security Harnesses AI to Combat Remediation Challenges
Palo Alto Networks Grabs IAM Provider CyberArk for $25B
Inside the FBI's Strategy for Prosecuting Ransomware
Silk Typhoon Linked to Powerful Offensive Tools, PRC-Backed Companies
Ars Technica
In search of riches, hackers plant 4G-enabled Raspberry Pi in bank network
So far, only one-third of Americans have ever used AI for work
Flaw in Gemini CLI coding tool could allow hackers to run nasty commands
AI in Wyoming may soon use more electricity than state’s human residents
OpenAI’s ChatGPT Agent casually clicks through “I am not a robot” verification test
Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel
After BlackSuit is taken down, new ransomware group Chaos emerges
OpenAI’s most capable AI model, GPT-5, may be coming in August
Supply-chain attacks on open source software are getting out of hand
Two major AI coding tools wiped out user data after making cascading mistakes
CyberScoop
Senate legislation would direct federal agencies to fortify against quantum computing cyber threats
Project Zero disclosure policy change puts vendors on early notice
Senate Democrats call Trump admin’s focus on state voter rolls a pretext for disenfranchisement
Army Secretary forces West Point to rescind appointment given to Easterly
Palo Alto Networks to acquire CyberArk for $25 billion
CISA is facing a tight CIRCIA deadline. Here’s how Sean Plankey can attempt to meet it
Research shows data breach costs have reached an all-time high
Minnesota governor activates National Guard amid St. Paul cyberattack
CISA says it will release telecom security report sought by Sen. Wyden to lift hold on Plankey nomination
Researchers flag flaw in Google’s AI coding assistant that allowed for ‘silent’ code exfiltration 
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
What Zuckerberg's 'personal superintelligence' sales pitch leaves out
The best smart home devices of 2025: Expert tested
Malicious extensions can use ChatGPT to steal your personal data - here's how
Not just YouTube: Google is using AI to guess your age based on your activity - everywhere
Should you let iOS 26 slow down your iPhone for better battery life? I tried it to find out
This thermostat mistake was costing me hundreds: 3 tips to get the best temperature control
This hidden Pixel camera setting gave my photos the pop they've been missing
Android Auto not connecting? This one setting tweak fixed things for me
Should you buy an iPhone 16 or wait for the iPhone 17? Know this before you decide
Two critical Android 16 security features you're not using (but absolutely should)
The Hacker News
N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto
AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals
UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud
Alert Fatigue, Data Overload, and the Fall of Traditional SIEMs
Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install
Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps
FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant
Product Walkthrough: A Look Inside Pillar's AI Security Platform
Apple Patches Safari Vulnerability Also Exploited as Zero-Day in Google Chrome
Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits
BleepingComputer
Inside a Real Clickfix Attack: How This Social Engineering Hack Unfolds
Spikes in malicious activity precede new security flaws in 80% of cases
Proton launches free standalone cross-platform Authenticator app
ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH
Hackers target Python devs in phishing attacks using fake PyPI site
SafePay ransomware threatens to leak 3.5TB of Ingram Micro data
Hackers actively exploit critical RCE in WordPress Alone theme
Hackers plant 4G Raspberry Pi on bank network in failed ATM heist
Apple patches security flaw exploited in Chrome zero-day attacks
New Lenovo UEFI firmware updates fix Secure Boot bypass flaws
Cybersecurity Dive
Ransomware gangs capitalize on law enforcement takedowns of competitors
Palo Alto Networks to buy CyberArk for $25 billion
What we know about the cybercrime group Scattered Spider
CISA’s Joint Cyber Defense Collaborative takes major personnel hit
‘Shadow AI’ increases cost of data breaches, report finds
FBI, CISA warn about Scattered Spider’s evolving tactics
Ransomware attacks against oil and gas firms surge
Research shows LLMs can conduct sophisticated attacks without humans
Allianz Life discloses massive data breach linked to supply-chain attack
Emerging cybersecurity needs: What the market is telling us
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Kremlin goons caught abusing ISPs to spy on Moscow-based diplomats, Microsoft says
Silk Typhoon spun a web of patents for offensive cyber tools, report says
Brit watchdog pushes to rein in Microsoft and AWS with 'strategic market status'
NHS disability equipment provider on brink of collapse a year after cyberattack
Banning VPNs to protect kids? Good luck with that
Internet exchange points are ignored, vulnerable, and absent from infrastructure protection plans
Lethal Cambodia-Thailand border clash linked to cyber-scam slave camps
The TSA likes facial recognition at airports. Passengers and politicians, not so much
Enterprises neglect AI security – and attackers have noticed
Users left scrambling for a plan B as Dropbox drops Dropbox Passwords
VentureBeat
Shadow AI adds $670K to breach costs while 97% of enterprises skip basic access controls, IBM reports
Nightfall launches ‘Nyx,’ an AI that automates data loss prevention at enterprise scale
How can enterprises keep systems safe as AI agents join human employees? Cyata launches with a new, dedicated solution
AI vs. AI: Prophet Security raises $30M to replace human analysts with autonomous defenders
ChatGPT just got smarter: OpenAI’s Study Mode helps students learn step-by-step
Sparrow raises $35M Series B to automate the employee leave management nightmare
How E2B became essential to 88% of Fortune 100 companies and raised $21 million
CoSyn: The open-source tool that’s making GPT-4V-level vision AI accessible to everyone
SecurityPal combines AI and experts in Nepal to speed enterprise security questionnaires by 87X or more
Early Anthropic hire raises $15M to insure AI agents and help startups deploy safely
TechCrunch
Google is experimenting with machine learning-powered age-estimation tech in the US
Palo Alto Networks agrees to buy CyberArk for $25 billion
Germ brings end-to-end encrypted messages to Bluesky
Hackers stole Social Security numbers during Allianz Life cyberattack
Minnesota activates National Guard as cyberattack on Saint Paul disrupts public services
Skechers is making kids’ shoes with a hidden AirTag compartment
Google says UK government has not demanded an encryption backdoor for its users’ data
Tea app disables DMs after second data breach exposed over a million private messages
Telecom giant Orange warns of disruption amid ongoing cyberattack
Sex toy maker Lovense caught leaking users’ email addresses and exposing accounts to takeovers
Network World Security
Data center survey: AI gains ground but trust concerns persist
Observe secures $156M funding boost for AI-powered observability
Palo Alto Networks to buy CyberArk for $25B as identity security takes center stage
Micron unveils PCIe Gen6 SSD to power AI data center workloads
IBM: Cost of U.S. data breach reaches all-time high and shadow AI isn’t helping
Survey: AI, cyber threats, distributed workforces challenge IT teams most
Backblaze adds cloud storage security protection features
Debian shifts to 64-bit time storage to head off Epochalypse
Network jobs watch: Hiring, skills and certification trends
Multi-cloud migration startup FluidCloud emerges from stealth
Help Net Security
GreyNoise enhances threat response with real-time blocklists, feeds, and SOAR integrations
Intel 471 unveils Verity471, a unified platform for next-gen cyber threat intelligence
Outpost24 launches Credential Checker to spot leaked credentials on the dark web
Singulr introduces AI control plane to replace fragmented tools with unified, automated governance
Citrix delivers new tools for quantum-ready, anywhere work
Why stolen credentials remain cybercriminals’ tool of choice
Palo Alto Networks to acquire CyberArk in $25 billion deal
New AI model offers faster, greener way for vulnerability detection
AI is changing the vCISO game
Secrets are leaking everywhere, and bots are to blame
InfoSecurity Magazine
Android Malware Targets Banking Users Through Discord Channels
CISA Unveils Eviction Strategies Tool to Aid Incident Response
Ransomware Attacks Escalate to Physical Threats Against Executives
Cybercriminals ‘Spooked’ After Scattered Spider Arrests
FunkSec Ransomware Victims Can Now Recover Files with Free Decryptor
Passwordless Future Years Away Despite Microsoft Authenticator Move
Over 200 Malicious Open Source Packages Traced to Lazarus Campaign
Hafnium Tied to Advanced Chinese Surveillance Tools
Hidden Backdoor Found in ATM Network via Raspberry Pi
Google to Publicly Report New Vulnerabilities Within One Week of Vendor Disclosure
© 2025 RiskDiscovery | Sponsored by: Deception Logic