[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
If AI's So Smart, Why Does It Keep Deleting Production Databases?
Name That Toon: Mark of (Security) Progress
20 Years in Cyber: Dark Reading Marks Milestone With Month of Special Coverage
TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack
Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug
Anthropic's Mythos Has Landed: Here's What Comes Next for Cyber
Oracle Red Bull Racing Team Revs Up Automation to Boost Security
Claude Mythos Fears Startle Japan's Financial Services Sector
Reverse Engineering With AI Unearths High-Severity GitHub Bug
AI Finds 38 Security Flaws in Electronic Health Record Platform
Ars Technica
The most severe Linux threat to surface in years catches the world flat-footed
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
Open source package with 1 million monthly downloads stole user credentials
Why are top university websites serving porn? It comes down to shoddy housekeeping.
In a first, a ransomware family is confirmed to be quantum-safe
Microsoft issues emergency update for macOS and Linux ASP.NET threat
Contrary to popular superstition, AES 128 is just fine in a post-quantum world
US-sanctioned currency exchange says $15 million heist done by "unfriendly states"
Recent advances push Big Tech closer to the Q-Day danger zone
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
CyberScoop
US government, allies publish guidance on how to safely deploy AI agents
Former incident responders sentenced to 4 years in prison for committing ransomware attacks
FCC tightens KYC rules for telecoms, closes loophole for banned foreign services
Congress kicks the can down the road on surveillance law (again)
cPanel’s authentication bypass bug is being exploited in the wild, CISA warns
Two new extortion crews are speedrunning the Scattered Spider playbook
Everyone’s building AI agents. Almost nobody’s ready for what they do to identity.
Congress, industry ponder government posture for protecting data centers
Spy agency officials say job loss anxiety, moving fast ‘safely’ among top challenges in AI workforce overhaul
Federal CIO cautious on Anthropic’s Mythos despite planned rollout
InfoSecurity Magazine
Anthropic Rolls Out Claude Security for AI Vulnerability Scanning
Two American Cybersecurity Workers Jailed for BlackCat Ransomware Attacks
Nine-Year-Old Zero-Day Flaw in Linux Kernel Discovered by AI-Equipped Security Researcher
Three Arrested for Hacking Over 610,000 Roblox Accounts
Deep#Door Python Backdoor Evades Detection On Windows
CISA and Partners Publish Zero Trust Guidance For OT Security
UK: Education Sector Faces Surge in Cyber Breaches Despite Stable National Threat Levels
Europol Busts Albanian Scam Call Centers in Major Online Fraud Case
Cyber is the Number One Global “People Risk,” Says Marsh
Cursor Extension Flaw Exposes Developer API Keys
SecurityWeek
In Other News: Scattered Spider Hacker Arrested, SOC Effectiveness Metrics, NSA Tool Vulnerability 
Google Adjusts Bug Bounties: Chrome Payouts Drop as Android Rewards Rise Amid AI Surge
Two US Security Experts Sentenced to Prison for Helping Ransomware Gang
Sophisticated Deep#Door Backdoor Enables Espionage, Disruption
Cisco Releases Open Source Tool for AI Model Provenance 
Hugging Face, ClawHub Abused for Malware Distribution
FBI Warns of Surge in Hacker-Enabled Cargo Theft
1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom
Anthropic Unveils Claude Security to Counter AI-Powered Exploit Surge
AI Fuels ‘Industrial’ Cybercrime as Time-to-Exploit Shrinks to Hours
ZDNet
5 last-minute gifts your mom will actually like for Mother's Day (and all are on sale)
Samsung will give you a free 32-inch Odyssey monitor right now - how to qualify
Google Maps vs. Waze: I compared the two best navigation apps, and this one wins
How we test AI at ZDNET
This portable computer is the Raspberry Pi alternative I didn't know I needed
I spent 30 days working without a laptop - here's what it taught me about real productivity
I've tested robot mowers for years - here's my expert advice for every yard type
Best Buy just slashed up to $2,000 off our favorite TCL Mini LED TV - no strings attached
Mini LED vs. OLED: I've tested dozens of TV with both display types, and this one's better
Eero Signal keeps your business online during internet outages
The Hacker News
30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
Top Five Sales Challenges Costing MSPs Cybersecurity Revenue
Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials
ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
BleepingComputer
15-year-old detained over French govt agency data breach
Story retracted
Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
Microsoft fixes Remote Desktop warnings displaying incorrectly
Microsoft now lets admins choose pre-installed Store apps to uninstall
Windows 11 KB5083631 update released with 34 changes and fixes
US ransomware negotiators get 4 years in prison over BlackCat attacks
New Bluekit phishing service includes an AI assistant, 40 templates
Romanian leader of online swatting ring gets 4 years in prison
FBI links cybercriminals to sharp surge in cargo theft attacks
gbhackers
Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
EtherRAT Uses SEO Poisoning and Fake GitHub Pages to Target Enterprise Admins
New Android Spyware Platform Enables Rebranding and Resale
CAPTCHA and ClickFix Abuse Fuels Credential Theft Surge
Multiple Exim Mail Server Vulnerabilities Could Trigger Crashes via Malicious DNS Data
DDoS Malware Targets Jenkins to Hit Valve Game Servers
Multiple Wireshark Vulnerabilities Allow Arbitrary Code Execution via Malformed Packets
AI-Powered Ransomware Surge Hits 7,831 Victims Worldwide
Deep#Door Stealer Targets Passwords, Tokens, SSH Keys, and Wi-Fi Credentials
FBI Warns Logistics Sector of Fake Business Identity Cargo Scams
Cybersecurity Dive
As email phishing evolves, malicious attachments decline and QR codes surge
US and allies urge ‘careful adoption’ of AI agents
PwC partners with Google Cloud to take on the managed security market
US agencies promote zero-trust practices for operational technology networks
CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog
State CISOs losing confidence in ability to manage cyber risks
‘Fundamental tension’ undermines manufacturers’ cybersecurity
North Korea-linked actor targets Web3 execs in social-engineering campaign
Major critical infrastructure supplier reports cyberattack
US, UK authorities warn that Firestarter backdoor malware survives patching
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
First reports come in of victims of critical cPanel vuln as 'millions' of sites potentially exposed
OpenAI locks GPT-5.5-Cyber behind velvet rope despite slamming Anthropic for doing exactly that
Pro-Iran crew turns DDoS into shakedown as Ubuntu.com stays down
Passport to £££: Home Office adds £216M to travel doc contract before a single bid's been placed
The never-ending supply chain attacks worm into SAP npm packages, other dev tools
Bot her emails: most modern phishing campaigns are AI-enabled
FBI cyber boss: China's hacker-for-hire ecosystem 'out of control'
Google's fix for critical Gemini CLI bug might break your CI/CD pipelines
French prosecutors link 15-year-old to mega-breach at state’s secure document agency
Nearly half of UK businesses pwned last year as phishing keeps doing the job like it's 2005
VentureBeat
Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.
CVSS scored these two Palo Alto CVEs as manageable. Chained, they gave attackers root access to 13,000 devices.
85% of enterprises are running AI agents. Only 5% trust them enough to ship.
Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain
Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it
Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall
The enforcement gap: 88% of enterprises reported AI agent security incidents last year
TechCrunch
Ubuntu services hit by outages after DDoS attack
Hackers are actively exploiting a bug in cPanel, used by millions of websites
After dissing Anthropic for limiting Mythos, OpenAI restricts access to Cyber, too
Dental practice software maker fixes bug that exposed patients’ medical records
Sri Lanka discloses another missing payment, days after hackers stole $2.5M from its finance ministry
Paragon is not collaborating with Italian authorities probing spyware attacks, report says
US Supreme Court appears split over controversial use of ‘geofence’ search warrants
Hacker who allegedly carried out cyberattacks for China is extradited to US
Critical infrastructure giant Itron says it was hacked
Another spyware maker caught distributing fake Android snooping apps
Network World Security
Extreme Networks: Memory advantage, Wi-Fi 7 and competitive flux drive momentum
Scenes from the great data center revolt
Enterprise Spotlight: Transforming software development with AI
When 170,000 people show up: Network refresh readies Churchill Downs for Kentucky Derby
Network jobs watch: Hiring, skills and certification trends
IT certification pay surges as noncertified skills slump
QuEra claims quantum error correction breakthrough with 2-to-1 qubit ratio
HPE expands ProLiant line with rugged edge servers
Deconstructing the data center: A massive (and massively liberating) project
Cisco bolsters security, AI support in latest SD-WAN release
Help Net Security
Download: Automating Pentest Delivery Guide
Open-source privacy proxy masks PII before prompts reach external AI services
Shadow AI risks deepen as 31% of users get no employer training
Identity is the control plane for distributed infrastructure
AI traffic is getting bigger, louder, and less predictable
New infosec products of the month: April 2026
cPanel zero-day exploited for months before patch release (CVE-2026-41940)
Cisco releases open-source toolkit for verifying AI model lineage
Met Police face criticism for using AI to spy on their own officers
Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)
SC Magazine
Commercial spam and phishing attacks increasingly leverage trusted platforms
Decade-old vulnerabilities continue to fuel millions of cyberattacks in the UK
FCC approves new rules to combat robocalls and bolster cybersecurity
House passes surveillance program extension bill
Medical device threats increasingly disrupt healthcare systems
Arbitrary code pushed by long concealed backdoor in widely used WordPress redirect add-on
New Mach-O Man malware tapped by Lazarus in macOS-targeted ClickFix attacks
Multi-platform targeting, AiTM capabilities flexed by novel Bluekit phishing kit
Illicit AI-assisted commit-linked npm dependency compromises crypto wallets
Supply chain attack against SAP npm packages facilitates credential theft
© 2026 RiskDiscovery | Sponsored by: Deception Logic