[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
DarkReading
GISEC GLOBAL 2026 – The Middle East & Africa’s Largest Cybersecurity Event
Flaw in Hacktivist Ransomware Lets Victims Decrypt Own Files
The CISO-COO Partnership: Protecting Operational Excellence
React2Shell Exploits Flood the Internet as Attacks Continue
Vibe Coding: Innovation Demands Vigilance
Microsoft Will Bundle Security Copilot With M365 Enterprise Licenses
Supply Chain Attacks Targeting GitHub Actions Increased in 2025
Are Trade Concerns Trumping US Cybersecurity?
Hamas-Linked Hackers Probe Middle Eastern Diplomats
Money Mules Require Banks to Switch From Defense to Offense
Ars Technica
OpenAI built an AI coding agent and uses it to improve the agent itself
OpenAI releases GPT-5.2 after “code red” Google threat alert
Disney invests $1 billion in OpenAI, licenses 200 characters for AI video app Sora
Oracle shares slide on $15B increase in data center spending
A new open-weights AI coding model is closing in on proprietary options
Operation Bluebird wants to relaunch “Twitter,” says Musk abandoned the name and logo
Meta offers EU users ad-light option in push to end investigation
In comedy of errors, men accused of wiping gov databases turned to an AI tool
Admins and defenders gird themselves against maximum-severity server vuln
Microsoft drops AI sales targets in half after salespeople miss their quotas
CyberScoop
DOJ sues Fulton County over 2020 voter data 
Trump moves to pardon Colorado election clerk Tina Peters, even though he can’t
Warrant requirements, Democratic worries could factor into spy law renewal debate
New cybersecurity guidance paves the way for AI in critical infrastructure 
Attacks pinned to critical React2Shell defect surge, surpass 50 confirmed victims
As White House moves to send AI chips to China, Trump’s DOJ prosecutes chip smugglers
US charges hacker tied to Russian groups that targeted water systems and meat plants
The 10 key reforms that can close America’s cybersecurity gaps
Organizations can now buy cyber insurance that covers deepfakes
Microsoft’s last Patch Tuesday of 2025 addresses 57 defects, including one zero-day
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
Own an Apple TV? I changed 12 settings to instantly make the system run like new again
iRobot's bankruptcy could change your Roomba forever - here's how and why
10 things I wish I knew before trusting Claude Code to build my iPhone app
How much RAM do you really need in 2025? A Windows and Mac expert explains
Can you trust an AI health coach? A month with my Pixel Watch made the answer obvious
Verizon will give you a free Nintendo Switch for a limited time - how to qualify for the deal
The 9 tech gadgets I couldn't live without in 2025 (and most are travel friendly)
Want to boost your career? This power move will future-proof you - here's how
As Meta fades in open-source AI, Nvidia senses its chance to lead
How I run MacOS on my iPad when traveling (and 2 mistakes to avoid)
The Hacker News
FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More
A Browser Extension Risk Guide After the ShadyPanda Campaign
Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector
VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption
CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks
Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild
Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads
New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale
Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work
BleepingComputer
2025’s Top Phishing Trends and What They Mean for Your Security Strategy
Microsoft: Recent Windows updates break VPN access for WSL users
Google links more Chinese hacking groups to React2Shell attacks
French Interior Ministry confirms cyberattack on email servers
Microsoft: December security updates cause Message Queuing failures
Beware: PayPal subscriptions abused to send fake purchase emails
CyberVolk’s ransomware debut stumbles on cryptography weakness
Apple fixes two zero-day flaws exploited in 'sophisticated' attacks
Coupang data breach traced to ex-employee who retained system access
Fake ‘One Battle After Another’ torrent hides malware in subtitles
Cybersecurity Dive
The new frontline: How AI and automation are securing the supply chain
Fighting AI with AI: How midmarket teams can turn the tables on smarter threats
React issues new patches after security researchers flag additional flaws
CISA updates cybersecurity benchmarks for critical infrastructure organizations
Cyberattacks force small firms to raise prices: ITRC
Grid-scale battery energy storage systems face heightened risk of cyberattack
React Server Components crisis escalates as security teams respond to compromises
Pro-Russia hacktivists launching attacks that could damage OT
Majority of global firms plan to boost cyber spending in 2026
Initial access brokers involved in more attacks, including on critical infrastructure
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Delay to European Central Bank messaging project cost the Bank of England £23M
JLR: Payroll data stolen in cybercrime that shook UK economy
Apple, Google forced to issue emergency 0-day patches
Denmark takes a Viking swing at VPN-enabled piracy
Legal protection for ethical hacking under Computer Misuse Act is only the first step
Starlink claims Chinese launch came within 200 meters of broadband satellite
Honeypots can help defenders, or damn them if implemented badly
Microsoft RasMan DoS 0-day gets unofficial patch - and a working exploit
New React vulns leak secrets, invite DoS attacks
Microsoft promises more bug payouts, with or without a bounty program
VentureBeat
Anthropic vs. OpenAI red teaming methods reveal different security priorities for enterprise AI
AI models block 87% of single attacks, but just 8% when attackers persist
Hybrid cloud security must be rebuilt for an AI war it was never designed to fight
Prompt Security's Itamar Golan on why generative AI security requires building a category, not a feature
DeepSeek injects 50% more security bugs when prompted with Chinese political triggers
For AI to succeed in the SOC, CISOs need to remove legacy walls now
Human-centric IAM is failing: Agentic AI requires a new identity control plane
TechCrunch
Google and Apple roll out emergency security updates after zero-day attacks
Data breach at credit check giant 700Credit affects at least 5.6 million
Home Depot exposed access to internal systems for a year, says researcher
Flaw in photo booth maker’s website exposes customers’ pictures
Security flaws in Freedom Chat app exposed users’ phone numbers and PINs
CEO of South Korean retail giant Coupang resigns after massive data breach
Petco takes down Vetco website after exposing customers’ personal information
FTC upholds ban on stalkerware founder Scott Zuckerman
Petco’s security lapse affected customers’ SSNs, driver’s licenses, and more 
Petco confirms security lapse exposed customers’ personal data
Network World Security
Cloud providers continue to push EU court to undo Broadcom-VMware merger
FinOps Foundation sharpens FOCUS to reduce cloud cost chaos
P4 programming: Redefining what’s possible in network infrastructure
Aetherflux joins the race to launch orbital data centers by 2027
Here’s what Oracle’s soaring infrastructure spend could mean for enterprises
New Nvidia software gives data centers deeper visibility into GPU thermals and reliability
Arista goes big with campus wireless tech
Network jobs watch: Hiring, skills and certification trends
Cybersecurity skills matter more than headcount in an AI era: ISC2 study
Most significant networking acquisitions of 2025
Help Net Security
What Cloudflare’s 2025 internet review says about attacks, outages, and traffic shifts
Astra introduces offensive-grade cloud vulnerability scanner to cut noise and prove risk
Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529)
Kali Linux 2025.4: New tools and “quality-of-life” improvements
How researchers are teaching AI agents to ask for permission the right way
Prometheus: Open-source metrics and monitoring systems and services
Europe’s DMA raises new security worries for mobile ecosystems
What types of compliance should your password manager support?
Manufacturing is becoming a test bed for ransomware shifts
Week in review: 40 open-source tools securing the stack, invisible IT to be the next workplace priority
InfoSecurity Magazine
Russian Phishing Campaign Delivers Phantom Stealer Via ISO Files
Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack
Top 25 Most Dangerous Software Weaknesses of 2025 Revealed
NCSC Playbook Embeds Cyber Essentials in Supply Chains
NCSC Plugs Gap in Cyber-Deception Guidance
ICO Fines LastPass £1.2m After 2022 Breach
South Korean Police Raid Coupang Over Data Breach as CEO Resigns
OpenAI Enhances Defensive Models to Mitigate Cyber-Threats
Malware Discovered in 19 Visual Studio Code Extensions
Scam-Busting FCA Firm Checker Tool Given Cautious Welcome
© 2025 RiskDiscovery | Sponsored by: Deception Logic