[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Feuding Ransomware Groups Leak Each Other's Data
Vidar Rises to Top of Chaotic Infostealer Market
Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain
UNC6692 Combines Social Engineering, Malware, Cloud Abuse
Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation
20-Year-Old Malware Rewrites History of Cyber Sabotage
Parsing Agentic Offensive Security's Existential Threat
Helping Romance Scam Victims Requires a Proactive, Empathic Approach
US Busts Myanmar Ring Targeting US Citizens in Financial Fraud
Glasswing Secured the Code. The Rest of Your Stack Is Still on You
Ars Technica
Open source package with 1 million monthly downloads stole user credentials
Why are top university websites serving porn? It comes down to shoddy housekeeping.
In a first, a ransomware family is confirmed to be quantum-safe
Microsoft issues emergency update for macOS and Linux ASP.NET threat
Contrary to popular superstition, AES 128 is just fine in a post-quantum world
US-sanctioned currency exchange says $15 million heist done by "unfriendly states"
Recent advances push Big Tech closer to the Q-Day danger zone
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
Iran-linked hackers disrupt operations at US critical infrastructure sites
Thousands of consumer routers hacked by Russia's military
CyberScoop
Federal CIO cautious on Anthropic’s Mythos despite planned rollout
Rep. Delia Ramirez takes over as top House cybersecurity Dem
U.S. companies hit with record fines for privacy in 2025
Chinese national extradited to US for pandemic-era Silk Typhoon attacks
Supreme Court justices skeptically question both sides in geofence surveillance case
Senators seek answers about hackers obtaining sensitive student data from ostensibly anonymous tip line
BlackFile actively extorting data-theft victims in retail and hospitality sector
Latest spy power reauthorization bill leaves critics unimpressed
Vercel attack fallout expands to more customers and third-party systems
US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied
InfoSecurity Magazine
Medtronic Confirms Data Breach After ShinyHunters Claims
Ransomware Turf War as 0APT and KryBit Groups Trade Blows
Chinese National Extradited Over Silk Typhoon Cyber Campaign
No Metrics Are Better Than Bad Metrics in the SOC, Says NCSC
North Korean Hackers Target Crypto Firms with ClickFix and AI-Made Zoom Lures
US Sanctions Target Cambodian Scam Network Leaders
Utilities Tech Supplier Itron Discloses Cyber-Attack, Operations Unaffected
Widely Used Browser Extensions Selling User Data
Most Cybersecurity Professionals Feel Undervalued and Underpaid
Researchers Identify Fast16 Sabotage Malware That Pre-Dates Stuxnet
SecurityWeek
Cyber Insurance Data Gives CISOs New Ammo for Budget Talks
Vimeo Confirms User and Customer Data Breach
The Mythos Moment: Enterprises Must Fight Agents with Agents
Webinar Today: A Step-by-Step Approach to AI Governance
Robinhood Vulnerability Exploited for Phishing Attacks
Alleged Chinese State Hacker Extradited to US
Dozens of Open VSX Extension Clones Linked to GlassWorm Malware
Sevii Launches Cyber Swarm Defense to Make Agentic AI Security Costs Predictable
Electric Motorcycles and Scooters Face Hacking Risks to Security and Rider Safety
No Patch for New PhantomRPC Privilege Escalation Technique in Windows
ZDNet
Over 80% of US government agencies already use AI agents - and it's only the beginning
Microsoft finally open sources DOS 1.0 - and it's so much more than the code
I was not expecting a Razer keyboard to enhance my office productivity - here's how it did
User interfaces as we know them are dead - 4 ways to prep for 'disposable' UIs
Want a free Apple Watch? T-Mobile will give you the SE 3 - how to get yours today
You can save 50% on this Sony soundbar right now - but the deal ends tonight
I tested a BlackBerry-style Android phone with a keyboard, and it's weirdly practical in 2026
I earned nearly $700 by shopping with the Rakuten plugin - 6 tips from a shopping expert
Canonical's approach to AI is refreshingly thoughtful - Microsoft should take note
Why virtual desktops are so useful - and my top 4 tips for beginners
The Hacker News
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
After Mythos: New Playbooks For a Zero-Window Era
Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack
BleepingComputer
Broken VECT 2.0 ransomware acts as a data wiper for large files
Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw
Video service Vimeo confirms Anodot breach exposed user data
US reportedly charges Scattered Spider hacker arrested in Finland
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Microsoft to deprecate legacy TLS in Exchange Online starting July
Inside an OPSEC Playbook: How Threat Actors Evade Detection
Microsoft: New Remote Desktop warnings may display incorrectly
Microsoft asks iPhone users to reauthenticate after Outlook outage
Robinhood account creation flaw abused to send phishing emails
gbhackers
Hugging Face LeRobot Flaw Opens Door to Remote Code Execution Attacks
Silk Typhoon Hacker Extradited to U.S. from Italy
Checkmarx Confirms Security Incident Involving GitHub Repository Exposure
Fake Tax Audits and Updates Fuel Silver Fox Malware Campaign
Microsoft Expands Copilot Agent Mode for Outlook Inbox and Calendar Tasks
Chinese-Backed Smishing Rings Scale Credential Theft via SMS and OTT Apps
Sandworm Uses SSH-over-Tor Tunnel for Stealthy Long-Term Persistence
WhatsApp Tests Encrypted Cloud Backup Service for Safer Message Storage
Critical LiteLLM Flaw Enables Database Attacks Through SQL Injection
OilRig Hides C2 Config in Google Drive Image via LSB Steganography
Cybersecurity Dive
‘Fundamental tension’ undermines manufacturers’ cybersecurity
North Korea-linked actor targets Web3 execs in social-engineering campaign
Major critical infrastructure supplier reports cyberattack
US, UK authorities warn that Firestarter backdoor malware survives patching
When security becomes the attack surface: Why endpoint protection must evolve
Hasbro expects March cyberattack to impact second-quarter revenue
AI-written software creates hassles for wary security teams
China disguises cyberattacks with ‘covert network’ botnets, US and allies warn
Iran-nexus threat groups refine attacks against critical infrastructure
Trump’s CISA director pick withdraws after tumultuous nomination
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Don't pay Vect a ransom - your data's likely already wiped out
Have I Been Pwned claims Pitney Bowes hit by 8.2M email address leak
SUSE's sovereignty pitch meets an inconvenient $6 billion question
Ongoing supply-chain attack 'explicitly targeting' security, dev tools
Medical and utility tech companies admit digital breakins
Trump's Golden Dome gets $3.2B of contractors and an AI sprinkle
Cybersec is a thankless job: expanding workload and shrinking pay packet
Burglar alarm biz burgled: ADT confirms cyber intrusion after ShinyHunters extortion attempt
Microsoft updates the Windows Update Experience: You can hit pause now
ICO chief John Edwards steps back as workplace probe quietly unfolds
VentureBeat
CVSS scored these two Palo Alto CVEs as manageable. Chained, they gave attackers root access to 13,000 devices.
85% of enterprises are running AI agents. Only 5% trust them enough to ship.
Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain
Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it
Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall
Most enterprises can't stop stage-three AI agent threats, VentureBeat survey finds
Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway
TechCrunch
Paragon is not collaborating with Italian authorities probing spyware attacks, report says
US Supreme Court appears split over controversial use of ‘geofence’ search warrants
Hacker who allegedly carried out cyberattacks for China is extradited to US
Critical infrastructure giant Itron says it was hacked
Another spyware maker caught distributing fake Android snooping apps
Trump’s pick to run US cyber agency CISA asks to drop out
Vercel says some of its customers’ data was stolen prior to its recent hack
Surveillance vendors caught abusing access to telcos to track people’s phone locations, researchers say
France confirms data breach at government agency that manages citizens’ IDs
Apple fixes bug that cops used to extract deleted chat messages from iPhones
Network World Security
2026 network outage report and internet health check
Infected Cisco firewalls need cold start to clear persistent Firestarter backdoor
AI data bursts force rethink of data center networking at Backblaze
Nvidia’s ‘AI insurance policy’ balances immediate and future AI approaches
Top network and data center events of 2026
Meta’s compute grab continues with agreement to deploy tens of millions of AWS Graviton cores
Cirrascale to offer on-prem Google Gemini models
Space data-center news: Roundup of extraterrestrial AI endeavors
Network jobs watch: Hiring, skills and certification trends
Cisco switch aimed at building practical quantum networks
Help Net Security
Police arrest 10 suspected members of Black Axe cybercrime gang
ShinyHunters claims it stole 1.4 million records from Udemy
Sevii unveils Cyber Swarm Defense Mode to stop AI-driven attacks at scale
Alleged Chinese hacker extradited to US over cyberattacks targeting COVID-19 research
Cequence Agent Personas bring granular control and governance to enterprise AI agents
NowSecure MARI gives enterprises evidence-based visibility into third-party mobile app risk
The metrics killing your SOC, and what to use instead
US state privacy fines reached $3.425 billion in 2025
Canada’s first SMS blaster case leads to three arrests
Linux storage management tool Stratis 3.9.0 adds online encryption and cache-less pool startup
SC Magazine
Microsoft patches Entra ID bug that let AI agents escalate privileges
Trust or fail: AI unlocks the value of unstructured data but raises new challenges for AI success
Malicious elementary-data package version 0.23.3 steals developer data and cryptocurrency wallets
AI adoption brings back old security gaps, says Mandiant
New legislation renewing surveillance program draws fire across party lines
Udemy allegedly breached by ShinyHunters, data leak warned
More covert ClickFix variant targeting Windows detailed
Chinese spear-phishing campaign targets NASA employees
North Korean hackers operate self-propagating supply chain hack
Experts: Amplification of opportunistic cyberattacks central to Iran's strategy
© 2026 RiskDiscovery | Sponsored by: Deception Logic