[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
DarkReading
Critical Bugs in Chaos Mesh Enable Cluster Takeover
Self-Replicating 'Shai-hulud' Worm Targets NPM Packages
'Vane Viper' Threat Group Tied to PropellerAds, Commercial Entities
Innovative FileFix Phishing Attack Proves Plenty Potent
Emerging Yurei Ransomware Claims First Victims
SecurityScorecard Buys AI Automation Capabilities, Boosts Vendor Risk Management
'HybridPetya' Ransomware Bypasses Secure Boot
KillSec Ransomware Hits Brazilian Healthcare Software Provider
FBI Warns of Threat Actors Hitting Salesforce Customers
Building Resilient IT Infrastructure From the Start
Ars Technica
Millions turn to AI chatbots for spiritual guidance and confession
Modder injects AI dialogue into 2002’s Animal Crossing using memory hack
OpenAI and Microsoft sign preliminary deal to revise partnership terms
35 percent of VMware workloads expected to migrate elsewhere by 2028
Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”
Developers joke about “coding like cavemen” as AI service suffers major outage
Microsoft ends OpenAI exclusivity in Office, adds rival Anthropic
Claude’s new AI file-creation feature ships with security risks built in
SAP warns of high-severity vulnerabilities in multiple products
Why accessibility might be AI’s biggest breakthrough
CyberScoop
Senators, FBI Director Patel clash over cyber division personnel, arrests
Apple addresses dozens of vulnerabilities in latest software for iPhones, iPads and Macs
Check Point acquires AI security firm Lakera in push for enterprise AI protection
Top AI companies have spent months working with US, UK governments on model safety
When ‘minimal impact’ isn’t reassuring: lessons from the largest npm supply chain compromise
SonicWall firewalls targeted by fresh Akira ransomware surge
​​DHS watchdog finds mismanagement in critical cyber talent program
CISA work not ‘degraded’ by Trump administration cuts, top agency official says
F5 to acquire AI security firm CalypsoAI for $180 million
Wyden calls on FTC to investigate Microsoft for ‘gross cybersecurity negligence’ in protecting critical infrastructure
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
Hisense's giant 136-inch TV probably won't even fit in your home, but you can get it for $20,000 off
Samsung's Health app might be getting an AI health coach - what we know
Best early Amazon Prime Day deals 2025: Our 35+ favorite sales ahead of October
How Google's new AI model protects user privacy without sacrificing performance
This popular Android Auto feature might be coming back - here's why
ChatGPT will verify your age soon, in attempt to protect teen users
The best Samsung phones of 2025: Expert tested and reviewed
Buy a Samsung Galaxy S25 FE and score a $100 Best Buy gift card - here's how
Your iPhone has an entirely new screenshot editor with AI tools - how to get it now (or revert back)
Is iOS 26 draining your iPhone battery faster? Here's why - and what you can do
The Hacker News
Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover
SlopAds Fraud Ring Exploits 224 Android Apps to Drive 2.3 Billion Daily Ad Bids
New FileFix Variant Delivers StealC Malware Through Multilingual Phishing Site
Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack
Securing the Agentic Era: Introducing Astrix's AI Agent Control Plane
Phoenix RowHammer Attack Bypasses Advanced DDR5 Memory Protections in 109 Seconds
Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack
Mustang Panda Deploys SnakeDisk USB Worm to Deliver Yokai Backdoor on Thailand IPs
6 Browser-Based Attacks Security Teams Need to Prepare For Right Now
⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More
BleepingComputer
Microsoft rolls out Copilot Chat to Microsoft 365 Office apps
Google nukes 224 Android malware apps behind massive ad fraud campaign
Self-propagating supply chain attack hits 187 npm packages
Microsoft: WMIC will be removed after Windows 11 25H2 upgrade
Team-Wide VMware Certification: Your Secret Weapon for Security
Jaguar Land Rover extends shutdown after cyberattack by another week
Apple backports zero-day patches to older iPhones and iPads
New FileFix attack uses steganography to drop StealC malware
Webinar: Your browser is the breach — securing the modern web edge
OpenAI's new GPT-5 Codex model takes on Claude Code
Cybersecurity Dive
Jaguar Land Rover extends production delay following cyberattack
Context is key in a world of identity-based attacks and alert fatigue
Schools are getting better at navigating ransomware attacks, Sophos finds
CISA audit sparks debate about cybersecurity pay incentives
FBI warns about 2 campaigns targeting Salesforce instances
CISA pledges robust support for funding, further development of CVE program
Researchers warn VoidProxy phishing platform can bypass MFA
UK cyber leader calls for shift in focus toward continuity of critical services
How the retail sector teams up to defend against cybercrime
Senior NSC official said US needs to embrace offensive cyber
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Criminals broke into the system Google uses to share info with cops
Apple 0-day likely used in spy attacks affected devices as old as iPhone 8
Self-propagating worm fuels latest npm supply chain compromise
'FileFix' attacks use fake Facebook security alerts to trick victims into running infostealers
JLR stuck in neutral as losses skyrocket amid cyberattack cleanup
China slaps 1-hour deadline on reporting serious cyber incidents
Careless engineer stored recovery codes in plaintext, got whole org pwned
Security begins with visibility: How IGA brings hidden access risks to light
Former FinWise employee may have accessed nearly 700K customer records
Nork snoops whip up fake South Korean military ID with help from ChatGPT
VentureBeat
TechCrunch
Samsung patches zero-day security flaw used to hack into its customers’ phones
Kering, owner of Gucci, Balenciaga, and other luxury brands, confirms hack
Israel announces seizure of $1.5M from crypto wallets tied to Iran
By popular demand: 10 extra exhibit tables open at TechCrunch Disrupt 2025
Here’s the tech powering ICE’s deportation crackdown 
Apple’s latest iPhone security feature just made life more difficult for spyware makers
France says Apple notified victims of new spyware attacks
Kids in the UK are hacking their own schools for dares and notoriety
Vibe coding? Meet vibe security
Jaguar Land Rover says data stolen in disruptive cyberattack
Network World Security
Power shortages are the only thing slowing the data center market
Arista continues to defy expectations, build enterprise momentum
2025 global network outage report and internet health check
China’s strike on Nvidia threatens global AI supply chains, sparking enterprise concerns
Arista touts liquid cooling, optical tech to reduce power consumption for AI networking
Network and cloud implications of agentic AI
There are 121 AI processor companies. How many will succeed?
F5 to acquire CalypsoAI for advanced AI security capabilities
HomeLM: A foundation model for ambient AI
Google enlists new ‘free’ data transfer service as the EU Data Act deadline approaches
Help Net Security
Self-replicating worm hits 180+ npm packages in (largely) automated supply chain attack
Sentra enables organizations to leverage Copilot without compromising security
Neon Cyber exits stealth with Workforce Cybersecurity Platform
Digital.ai brings expert-level cryptography to any developer team
Ransomware attackers used incorrectly stored recovery codes to disable EDR agents
N-able strengthens backup threat protection
GitHub adds post-quantum protection for SSH access
Salt Security secures AI agent actions across enterprise APIs
Building security that protects customers, not just auditors
Google introduces VaultGemma, a differentially private LLM built for secure data handling
InfoSecurity Magazine
Fifteen Ransomware Gangs “Retire,” Future Unclear
Gucci and Alexander McQueen Hit by Customer Data Breach
Chinese AI Villager Pen Testing Tool Hits 11,000 PyPI Downloads
UK: Tax Refund-Themed Phishing Slows in 2025
JLR Extends Production Halt After Cyber-Attack
API Threats Surge to 40,000 Incidents in 1H 2025
FinWise Bank Warns of Insider Data Breach
HybridPetya Mimics NotPetya, Adds UEFI Compromise
SEO Poisoning Targets Chinese Users with Fake Software Sites
AI-Forged Military IDs Used in North Korean Phishing Attack
© 2025 RiskDiscovery | Sponsored by: Deception Logic