[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Name That Toon Contest
Exposed Fuel Tank Gauges Under Attack in the US
Adaptive, Agentic AI Worms Loom as Next Enterprise Threat
Trump AI Order Seeks Voluntary Frontier Model Testing
Rust-Written IronWorm Hits NPM Supply Chain
China's TA4922 Expands Cybercrime Attacks Globally
4 Critical Threats Where Attackers Have the Advantage
Bugcrowd Launches EU Data Residency Option For Evolving Data Sovereignty Needs
Pakistan Spies on Afghan Finance Ministry With Xeno RAT
Attackers Use AI to Automate EDR Evasion Testing
Ars Technica
Dashlane explains how attackers managed to download encrypted password vaults
Can't make sense of Dashlane's vault theft notification? You're not alone.
Dozens of Red Hat packages backdoored through its official NPM channel
Botnet of more than 17 million devices dismantled
Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
Websites have a new way to spy on visitors: Analyzing their SSD activity
Millions of AI agents imperiled by critical vulnerability in open source package
US's big bet on quantum computing may not be entirely legal
Texas AG sues Meta over claims that WhatsApp doesn't provide end-to-end encryption
A hacker group is poisoning open source code at an unprecedented scale
CyberScoop
Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away
Hill Dems hammer GOP for $250M CISA budget cut
Your AI agent could become your biggest insider threat 
Inside the race to adapt to an AI-powered security world
European authorities crack down on illegal streaming networks
DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels
DOD wants to integrate cyber in all operations, and integrate security into AI
Trump administration releases scaled-back AI executive order
Anthropic expanding access to Project Glasswing
Attackers are exploiting Palo Alto Networks defect that initially flew under the radar
InfoSecurity Magazine
Infosecurity Europe: Practical Lessons From Lloyds' Agentic AI Security Playbook
Infosecurity Europe: OWASP Introduces Agentic AI Security Maturity Framework
Infosecurity Europe: AI Coding Tools Need Built-In Security for Agentic Development Era
Infosecurity Europe: Reactive Security Is Failing Healthcare Organizations, Experts Warn
Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites
Infosecurity Europe: AI Adoption Creates New Opportunities for Attackers to Distribute Malware, Microsoft Warns
Chinese-Speaking Actor TA4922 Widens Its Global Reach
Infosecurity Europe: Mythos Outperforms GPT5.5 on Google Chrome Vulnerability Exploits, Says New Benchmark
Infosecurity Europe: How Proton Fights Against Cybercriminals Using Its Services
Infosecurity Europe: How Businesses Can Prepare for a Cybersecurity Crisis with Effective Plans
SecurityWeek
OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds
In Other News: Anthropic Maps AI Threats, Unpatched Comodo Flaw, Palantir Chief Eyed for CISA
Hackers Leak DentaQuest Information Impacting 2.6 Million
Chrome 149 Patches 429 Vulnerabilities
Industry Reactions to New Trump AI Cybersecurity Executive Order: Feedback Friday
Five Eyes: Chinese Spies Target Government, Military Staff With Fake Job Opportunities
Nightclub Giant RCI Says Data Breach Affects 40,000 Individuals
Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026
Offroad Emerges From Stealth With $7 Million to Tackle Enterprise Identity Risk
Webinar Today: Third-Party Risk in Practice – Where Programs Break Down and How to Respond
ZDNet
8 of the best Prime Day laptop deals I'd actually buy myself
7 unique Father's Day gifts and gadgets your dad doesn't already have
4 Android Auto apps I can always rely on for road trips - beyond Maps and Spotify
I cracked open a '1,000W' portable charger after it failed me in minutes - the cause was clear (and gooey)
I traveled 2,700 miles with Sony, Apple, and Sennheiser headphones - this pair sounded the best
Apple WWDC is next week: All the iOS 27, Siri, and more news we're expecting to see
5 ways Android Auto beats your car's own infotainment system - hands down
3 ways a smarter Siri could make me rethink the HomePod over Sonos and Bose
I had ChatGPT build me a free PDF editor because I didn't trust it to change my files - it worked!
I have a new favorite Linux email client in 2026 - and I've tested them all
The Hacker News
IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver
Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It
BleepingComputer
CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
Chinese APT deploys new malware to keep access to hacked networks
Dark web Nemesis Market vendor gets 26 years for selling drugs
Over 900 US gas station tank gauge systems exposed to attacks
What 2026 DBIR Confirms: Attacks Are Living in the Browser
Cisco warns of unpatched SD-WAN zero-day exploited in attacks
Brave Software releases Origin for a paid, bloat-free browsing experience
Hola Browser for Windows compromised to deliver cryptominer
Credit card theft campaign abuses Stripe to host stolen payment info
DentaQuest data breach exposed info of 2.6 million accounts
gbhackers
Hackers Weaponize Trusted Tools to Deploy Notorious Malware
New Magecart Attack Abuses Stripe as Malware C2
Hola Browser Windows Delivery Pipeline Hijacked to Deploy Cryptominer
Trend Micro Deep Security Agent Flaw Allows Repeatable Security Bypass
Hugging Face Transformers Security Flaw Allows Remote Code Execution
New Gafgyt Variant Targets Linux Systems With Modular Spread Tactics
Malicious Browser Add-Ons Target Major AI Chatbot Users
New SHub Stealer Variant Targets Major Browsers and Crypto Wallets
AI-Powered Worm Leverages Stolen Compute to Target Linux, Windows, and IoT Devices
Zero-Click Agentic AI Attack Bypasses Human Oversight
Cybersecurity Dive
Cisco warns zero-day flaw in SD-WAN is being exploited
Sprawling new House AI bill includes frontier model oversight, open-source security grants
CISA chief says Trump AI executive order implementation will start soon
CrowdStrike, Palo Alto Networks defy estimates as AI fuels cyber demand
‘Don’t panic’: AI reality checks dominate major cybersecurity conference
CISA, FBI warn that hackers are targeting systems used to monitor industrial fluids
Trump signs EO seeking early government access to powerful AI models
Dozens of Red Hat npm packages targeted in supply chain attack
Anthropic shares Mythos with 150 more organizations, including critical infrastructure operators
Turning tension into collaboration: How CIOs and CISOs can lead together
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
If you don't fall for these extortionists' calls, they'll show up with USB sticks
Yet another Cisco SD-WAN 0-day under attack, and no patch in sight
World Food Programme breach exposes data of 600k vulnerable Gazan families
Council in UK's City of York outs hundreds of disabled residents with a single email blunder
Pink is the latest goon squad to use fake helpdesk calls to steal creds
OpenAI's agent chained decade-old DoS attacks to crash web servers in seconds
Five Eyes: Watch out for odd LinkedIn connection requests, China's back on the hunt for state secrets
Duo who sold car crash victims' data must repay £118k
Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine
All the passwords were stored in Active Directory description fields
VentureBeat
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
AI doesn't break security. Complexity does
Claude Mythos exposed a hard truth: Your enterprise patching process is way too slow
DataGrail report finds your vendor may be sending data to AI models you never approved
TechCrunch
Former cyber executive turned whistleblower accuses IBM of covering up several data breaches
Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person
NSA said to be readying Anthropic’s Mythos for use in cyber operations
Filtr is a new privacy tool that blocks ads in almost every iPhone and Mac app
Defense tech, AI, and fundraising take center stage at StrictlyVC Los Angeles on June 18
Chinese spies are using LinkedIn to lure Westerners into sharing sensitive information
Ultrahuman says hackers accessed customers’ wellness data via internal tool
Instagram is alerting users who were targeted by hackers during AI chatbot attacks
Cyera eyes $12B valuation at 80x ARR multiple despite operating losses
Password manager Dashlane says hackers stole some customers’ password vaults
Network World Security
New data center routing design cuts AWS networking energy costs by 40%, Amazon claims
Cisco: Latest news and insights
Network jobs watch: Hiring, skills and certification trends
How Cisco IT cut observability costs by 86% and eliminated major network outages
Microsoft makes Linux developers feel more at home in Windows with Coreutils release
AMD ships second-gen Versal Prime accelerators
CompTIA debuts AutoOps+ certification
Cisco sees quantum networking as the future of networking
Enterprise Spotlight: Rethinking cloud strategy in the age of AI
What is Cisco Cloud Control and why should customers care?
Help Net Security
Attackers obtained encrypted password vaults from some Dashlane user accounts
Let’s Encrypt works toward post-quantum certificates at web scale
Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)
AI is helping low-skill hackers pull off advanced cyberattacks
Photos: Infosecurity Europe 2026
June 2026 Patch Tuesday forecast: Where are the CVEs?
AgentGG: Open-source agentic SAST scanner
Thieves can pull off keyless car theft in under a minute and here’s how to stop them
AI agent governance gets harder when agents outnumber your people
Most pros have seen AI hallucinations in IT operations
SC Magazine
Local AI, Salesforce, Fluttershell, Aspose, http/2, Cisco, Used Tech, Josh Marpet - SWN #587
IronWorm malware, similar to Shai-Hulud, hits 57 projects across 9 organizations
Another Cisco Catalyst SD-WAN Manager bug actively exploited
Why AI Agents Need an Identity Model, Not Just an API Key
Magecart campaign exploits Stripe API for credit card theft
Why writing software has become dangerous today
Commvault offers recommendations for resilience in the age of frontier AI
Hola browser supply chain attack delivers cryptocurrency miner
Malicious podcast, PDF apps spread FlutterShell macOS backdoor malware
China-linked actors using job sites to target government workers, Five Eyes warns
© 2026 RiskDiscovery | Sponsored by: Deception Logic