[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Name That Toon Contest
[An RX Global Event] Infosecurity Europe
Name That Toon: Mark of (Cybersecurity) Progress
Asia's Cyber Insurance Market Shows Signs of Life
With Complex Cloud Integrations, Small Errors Lead to Major Compromises
'The Com' Cyberattacks Support Violence & Sexploitation
As Global Powers Explore Humanoid Robots, Cyber-Risk Looms
Dutch Raid Fails to Dent Russian Bulletproof Host
Agentic AI Isn't Risky; the Way Orgs Deploy It Is
Focus on Cyber Insurance: How Quantifying Risk Is Reshaping Security
Ars Technica
Botnet of more than 17 million devices dismantled
Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
Websites have a new way to spy on visitors: Analyzing their SSD activity
Millions of AI agents imperiled by critical vulnerability in open source package
US's big bet on quantum computing may not be entirely legal
Texas AG sues Meta over claims that WhatsApp doesn't provide end-to-end encryption
A hacker group is poisoning open source code at an unprecedented scale
US government takes $2 billion equity stake in nine quantum computing firms
Google publishes exploit code threatening millions of Chromium users
In stunning display of stupid, secret CISA credentials found in public GitHub repo
CyberScoop
Tennessee man linked to 764 accused of series of crimes against children dating back to 2022
Federal audit reveals NIST’s NVD is plagued by poor planning and duplication
House panel poised to hold hearing centered on AI impact on cyber
Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket
Zapier fixes bug chain that researchers say risked widespread account takeover
OpenAI heralds cybersecurity, election interference safeguard plans for 2026 midterms
FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
UK spy chief labels AI ‘unstoppable force’ with offensive, defensive ramifications for cyberspace
CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain
Apple open-sources quantum-resistant encryption code
InfoSecurity Magazine
Silent Ransom Group Uses In-Person IT Impersonation to Breach Systems
Infosecurity Europe: CyCOS Project Expands to Support UK SMEs as CIISec Takes Over
Chinese Hackers Exploit Iran War to Target Maritime and Energy Companies
AI-Generated npm Malware Leaks Its Own GitHub Token
Attackers Move Past Typosquatting to Realistic Package Impersonation
Microsoft Condemns "Uncoordinated" Zero Day Disclosures
New Threat Actor Jinx-0164 Targets Crypto Developers on macOS
Infosecurity Europe: Cybersecurity Staff Prefer CISOs With Real Attack Response Experience, Study Reveals
GCHQ Chief Urges Action as AI Reshapes Cyber Threats
CrowdStrike, Google Take Down Glassworm Botnet
SecurityWeek
In Other News: Trump Mobile Data Breach, FIFA World Cup Phishing, CISA Responds to Supply Chain Attacks
Charter Communications Data Breach Could Impact Nearly 5 Million
MokN Raises $15 Million for Phish-Back Platform
Gogs Zero-Day Exposes Servers to Remote Code Execution
California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach
Chrome 148 Update Patches 151 Vulnerabilities
Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks
Geordie Raises $30 Million for AI Security and Governance Platform
Carnival Data Breach Exposed 6 Million People
New BTMOB Android Malware Enables Full Device Takeover
ZDNet
Amazon is selling this 75-inch Hisense TV for over $500 off - and I highly recommend it
Open-source security is a mess - IBM and Red Hat bet $5 billion and 20,000 engineers can fix it
After using this Windows laptop for work and play, I'm wondering why I still need my PC tower
I've used Gemini in Android Auto for 2 months now, and it's transformed my daily drive in 4 ways
Yes, you should remove your data from the internet - and our favorite service is 55% off
ExpressVPN blows away the competition on security audits - but what do they mean?
How I prep my solar power stations for weather emergencies - before it's too late
I tried different Android Auto weather apps - these 3 are best for storm nerds like me
5 best practices for migrating to a new CRM
This Lenovo laptop I tested rivals the MacBook Air in ways Windows PCs once struggled in
The Hacker News
ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks
Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets
Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code
Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More
BleepingComputer
ChatGPT share links abused to host fake outage pages to deliver malware
California AG sues 23andMe over 2023 breach exposing health data
From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market
Dutch govt disrupts malware botnet with 17 million infected devices
Google Chrome adds session cookie theft protection for all users
Man sent to prison for selling data of 7 millions elderly Americans
US charges Google security engineer with Polymarket insider trading
Charter Communications data breach affects 4.9 million accounts
Anthropic confirms Claude Mythos-class models will roll out to the public
GreyVibe hackers use ChatGPT, Gemini to power cyberattacks
gbhackers
Ransomware Abuses SYSTEM Task to Encrypt Drives with Elevated Privileges
JINX-0164 Uses LinkedIn Lures to Deploy Custom macOS Malware
GREYVIBE Threat Actors Use ChatGPT and Google Gemini to Scale Cyberattack Operations
Malicious NuGet Package Disguised as Sicoob SDK Exfiltrates Banking Passwords
Trusted Dev Tools Abused to Steal Code and Secrets
Typosquatted npm Packages Steal Cloud and CI/CD Secrets
GitLab Patches Multiple Duo AI, DoS, and Authorisation Vulnerabilities
Fake Adobe Document Cloud Pages Spread ScreenConnect Malware
Samba Security Flaw Lets Attackers Execute Code Remotely
Zapocalypse Attack Lets Threat Actors Hijack Zapier Accounts
Cybersecurity Dive
CISA urges security teams to check for software development compromises
How CISOs can manage sovereign-cloud security risks
IBM’s new $5B initiative will help enterprises rapidly patch open-source vulnerabilities
Enterprise data is creeping its way into shadow AI tools
Coordinated operation takes down Glassworm botnet
Leading AI models are more vulnerable to malicious prompts than vendors claim
Iranian government, not hacktivist group, breached LA Metro system, security firm says
FBI warns about PhaaS platform used to access Microsoft 365 environments
Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages
New York regulator calls for additional cyber mitigation amid heightened threat environment
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
ICE to keep an eye on your eyes under $25M biometric scanner deal
No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out
23andMe inherits lawsuit over 'disturbing' DNA data breach
Dutch cops wrest 17M devices from mystery botnet's clutches
ChatGPT blindly trusts browser content, turning the page into a payload
Russia-linked threat group put ChatGPT to work from lure to payload
ShinyHunters adds Charter to trophy shelf after 4.9M customer records leak
Troops’ phones gave away location data to foreign adversaries
Disgruntled 0-day hunter 'humiliated' by Microsoft pledges 'bone shattering drop' as Redmond calls cops
Snowflake buys Natoma to help freeze out rogue agents
VentureBeat
DataGrail report finds your vendor may be sending data to AI models you never approved
The attack dominating financial services doesn't steal passwords. It resets MFA and steals the token.
Valid certificates, stolen accounts: how attackers broke npm's last trust signal
Americans can’t spot a deepfake, and that’s a business crisis, not just a consumer problem
MFA verifies who logged in. It has no idea what they do next.
GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK
Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering
TechCrunch
Microsoft under fire for threatening security researcher with criminal investigation
Final 24 hours to save up to $410 on your TechCrunch Disrupt 2026 ticket
Hackers are trying to steal Signal users’ backups in new wave of widespread attacks
A security lapse at prison pay phone service Pay Tel publicly exposed over 300K callers’ driver’s licenses
US says troops were targeted with location data, as senator warns ad industry is a ‘national security threat’
UK Visa Portal exposed thousands of applicants’ passports and selfies — then called the lawyers on us
CrowdStrike and Google take down botnet used by hackers to target open source software developers
TechCrunch Disrupt 2026 Early Bird ticket savings end in 3 days
Dutch government blocks US company from acquisition, citing ‘risk to public interest’
Ghost hackers: the cybersecurity mystery that nobody has solved
Network World Security
Cisco: Latest news and insights
Meta considers becoming a hyperscaler
Zero trust isn’t broken, but most companies are doing it wrong
As AI datacenter memory becomes hot commodity, SK Hynix makes it cooler
Cisco research finds standard AI safety benchmarks miss the real threat
Cisco redefines ‘job-ready’ for network engineers with its certification overhaul
2026 network outage report and internet health check
IBM plans $2B quantum chip foundry; government will pay half
Cisco: AI traffic is radically reshaping WANs
xAI-Anthropic deal signals the rise of AI compute as a standalone business
Help Net Security
Dutch police disrupts botnet composed of 17 million devices
New infostealer reaches enterprise devices through FortiClient EMS vulnerability
Websites can spy on user activity by analyzing SSD behavior
LinkedIn-themed phishing abuses Adobe’s A/B testing platform
Microsoft 365 Copilot redesign brings context and actions into one workspace
Anthropic launches Claude Opus 4.8, prepares Mythos-class models for all customers
Netskope extends data localization capabilities with NewEdge updates
Claroty targets cyber-physical system risks with AI-powered security agent
Humanix expands detection to identify live violations of security procedures
The behavioral signals that sharpen Trojan malware detection
SC Magazine
Key Questions to Ask When Evaluating an Identity and Access Management Vendor
How to Build an AI Governance Framework for Identity
SAML: How It Works, Common Misconfigurations, and Security Implications
Why IAM Matters: Benefits, Challenges, and Common Pitfalls
How to Evaluate and Select Identity and Access Management Tools
Identity-based attacks: how they work and how to defend against them
Non-Human Identities Are Outgrowing Your Governance Model
Zapier security flaws could have exposed millions of user accounts
U.S. military personnel targeted using commercial location data
CISA adds Daemon Tools, TanStack, and Nx Console compromised versions to KEV catalog
© 2026 RiskDiscovery | Sponsored by: Deception Logic