[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection
Rokarolla Android Trojan Levels Up to Full Device Control, Persistence
'Lorem Ipsum' Malware Pivots to ClickFix Delivery
HTTP/2 Bomb Attacks Put Telcos, Healthcare Orgs at Risk
Copilot 'SearchLeak' Attack Allows 1-Click Data Theft
China-Nexus Actor Spies on US Researchers Undetected for a Year
Most CISOs Report Pressure to Bury Bad Security News
The Beginning of the End of Social Engineering
US Cracks Down on Anthropic AI Models Amid Abuse Concerns
ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
Ars Technica
Critical Copilot vulnerability allowed hackers to steal 2FA code from users
Users cry foul after AMD stripped memory crypto from its consumer CPUs
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed
High-severity vulnerability in Linux caused by a single faulty character
For the 2nd time in weeks, Microsoft packages laced with credential stealer
How a USB-connected speaker can infect a PC without ever being touched
Dashlane explains how attackers managed to download encrypted password vaults
Can't make sense of Dashlane's vault theft notification? You're not alone.
Dozens of Red Hat packages backdoored through its official NPM channel
CyberScoop
A case for how to shape ‘ingredient lists’ for AI models
Google exposes China espionage group that’s been lurking in networks undetected since 2023
Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat 
Anthropic disables new models after government calls them a national security concern
FBI takes down massive China-based cybercrime network that caused $1.9B in losses
US, France, and Italian authorities shut down massive deepfake porn site
Conti ransomware group member pleads guilty, faces up to 20 years in prison
ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw
CyberCorps is adapting to AI. The budget isn’t keeping up.
Russian national charged in connection with Void Blizzard espionage campaign
InfoSecurity Magazine
SprySOCKS Backdoor Expands From Linux to Windows
Rokarolla Trojan Combines Banking Fraud With Device Surveillance
Over Two-Thirds of Security Pros Say Cyber Is Getting Harder
DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company
Chainguard, JPMorgan, BNY Team Up to Secure Open Source from AI Threats
FBI Warns Courier Cash Pickups Are Driving Crypto Scams
Attackers Hijack Popular WordPress Plugins to Deploy Backdoors
Adriatic Port Cyber-Attack by Anubis Sparks Warning Over Maritime Security Risks
Cybersecurity Experts Urge US to Lift Ban on Anthropic's Frontier AI Models
UK Government Finds 400+ Vulnerabilities in AI Hackathons
SecurityWeek
iRhythm Confirms Data Stolen in Hack
Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker
Magnitude Emerges From Stealth Mode With $10 Million in Funding
AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask
Endpoint Security Startup Ent Emerges From Stealth With $100 Million Seed Round
Cybercrime Group Claims Novo Nordisk Hack
Can CISOs Trust Their Applications? TrustCloud Wants to Replace the Questionnaire
Cal Water Investigating Iranian Hackers’ Claims
White House Issues Memo to Bolster NSS Cybersecurity
Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages
ZDNet
How I'm using this $13 smart plug to automate my house with voice commands
These are the 11 best early Prime Day phone deals I'd actually buy myself
The 8 best early Prime Day headphone deals: Apple, Bose, Sony, and more deals I'd buy myself
The DIY era of smartwatches has begun - Google and Apple already have me hooked
Android 17 is out now, with a fresh Pixel Drop for June - here's what's new
7 interesting Father's Day gifts and gadgets (that will arrive before Sunday)
The best early Amazon Prime Day deals: Up to 30% off Anker, Samsung, and Oura (so far)
The best Costco deals to compete with Prime Day: TVs, Apple devices, and more
The best early Walmart deals to compete with Prime Day: Laptops, TVs, smart glasses, and more
I tried AnduinOS 2.0, and it may be the easiest way to ditch Windows for Linux
The Hacker News
Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting
ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures
New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds
Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth
Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails
BleepingComputer
New Rokarolla Android malware targets 217 banking, crypto apps
Steam Workshop abused to spread malware via Wallpaper Engine app
UK to require ID or face scan before you can make social media accounts
GhostTree Attack Abused Recursive Windows Junctions to Hide Malware
FTC warns of record $3.5 billion losses to imposter scams in 2025
CISA warns of another cPanel plugin flaw exploited in attacks
Ransomware gang abuses Microsoft Teams relays to hide malicious traffic
Critical Fortinet FortiSandbox flaws now exploited in attacks
Windows version of SprySOCKS Linux malware used to attack govt orgs
iRhythm discloses data breach, says hackers stole patient info
gbhackers
Aembit Extends IAM for Agentic AI to Microsoft Copilot Studio
AppViewX Launches Agent Identity Security to Govern Agents for the AI and Quantum Era
Developer laptops are the credential store attackers are picking through in 2026, GitGuardian announces Endpoint Protection
Silent Ransom Group Targets US Legal Firms With Voice Phishing and Data Theft Extortion
Hackers Exploit Critical Fortinet FortiSandbox Flaws in Active Attacks
Microsoft Teams Relay Abused by Hackers to Hide Malicious Traffic
Hackers Use OnionDrop Loader With DLL Sideloading to Deploy Multiple Infostealers
Novo Nordisk Confirms Cyberattack Exposing Patient Medical Data and Internal AI Assets
Infinite Campus Breach Leaks Personal Information of 137,000 Users
Hackers Abuse Compromised WordPress Sites to Deliver GULoader Through EtherHiding Chain
Cybersecurity Dive
AI adoption correlates with incident frequency, underscoring need for governance
China-nexus group linked to multiyear campaign targeting US, Canadian medical research
Cybersecurity experts blast US government for restricting Anthropic’s AI models
MS-ISAC enters uncertain new era after losing federal funding and thousands of members
Agentic AI surges in financial sector even as many firms fail to manage security risks
It’s Mythos’ world now. How do we live in it?
ShinyHunters linked to exploitation of critical flaw in Oracle PeopleSoft
Enterprises report increasing budgets for security training in AI and other critical topics
FIFA World Cup expected to face extensive criminal, hacktivist cyber threats
CISA gives agencies new vulnerability remediation deadlines that take risk levels into account
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Python dev saved from disaster by intuition...and AI
Three critical Fortinet sandbox bugs splattered by unknown attackers
Crooks found a new way to collaborate using Teams – by hiding command-and-control traffic
Cardiac monitor maker's security skips a beat as data thieves go for the jugular
Cisco SD-WAN make-me-root bug under attack
Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher
Council of Europe hacked in ShinyHunters' PeopleSoft heist
Feds snooze as US datacenter law set to lapse with no replacement in site
Microsoft site throwing warnings after someone forgot to renew cert
PRC-linked spies hid inside medical and military networks for more than a year, snooping through Gmail and stealing data
VentureBeat
85% of IT teams claim every AI agent is under control. Only 42% actually know who owns them.
Attackers scale deception with AI. Defenders need truth at machine speed.
NanoClaw and JFrog launch 'immune system' to block AI agents from downloading malicious code
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
TechCrunch
Bug in FIFA World Cup internal system gave anyone ability to modify TV stream
India orders temporary ban on Telegram over exam fraud concerns
The US government’s Anthropic models ban was never about an AI jailbreak
Cybersecurity vets protest ‘dangerous’ US government ban on Anthropic’s most powerful models
As AI agents become employees, NewCore emerges with $66M to give them identities
Amazon CEO reportedly raised Anthropic model concerns before government crackdown
The FBI built its own replica small town to simulate real-world cyberattacks
Chinese cybercrime operation that used AI to scam ‘hundreds of thousands of victims’ sued by Google
US surveillance law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agencies
Oracle warns of security bug that hackers abused to breach 100+ companies
Network World Security
HPE product barrage targets AI networks, agents, management
2026 network outage report and internet health check
Cloud strategies have become more complicated than ever
Cisco patches SD-WAN flaw amid evidence of active exploitation
IBM sends signals with its $10 billion quantum pledge
NetBox at 10: Network inventory tool now a full infrastructure intelligence platform
How Jeetu Patel made Cisco unrecognizable
Amazon claims its data centers are 7x more water-efficient than the industry average
Marvell announces 102.4 Tbps switch silicon built for AI
IBM, ServiceNow team to bring AI to legacy enterprise systems
Help Net Security
Attackers are exploiting FortiSandbox vulnerabilities
Cybercriminals mask malicious communications through Microsoft Teams relays
TekStream launches Proactive Cyber Defense to counter AI-driven threats
SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558)
AppViewX extends machine identity security to AI agents and post-quantum environments
Teleport adds LLM Proxy and Delegated Identity to secure AI agent actions and access
Radware AI Xploit Shield delivers virtual patching for newly identified application and API flaws
Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)
Crypto scammers are sending couriers to victims’ homes to collect cash
Software supply chains are heading for a transparency test
SC Magazine
Board Positioning for Identity Programs: The Platform Integration Blind Spot
Identity as a Business Asset: Strategies for Security Leaders
Your Third-Party Access Problem Is a Board-Level Liability
Why Identity Budgets Are Still Sized for the Wrong Threat
Three critical FortiSandbox bugs rated 9.8 actively exploited
Governing Agentic AI in the Age of Non-Human Identities - Amit Masand - IDV26 #1
Stop Identity Fraud: Modern Strategies for Insurance and Healthcare - Kim Brown - IDV26 #1
From Sales Engineer to Forward Deployed Engineer: The Rise of Hybrid Technical Roles - Jaime Lewis-Gross - IDV26 #1
The Human Authorized. The Agent Acted. Who's Accountable? - Howard Ting - IDV26 #1
Identity Security at Identiverse 2026: Navigating AI, Agents, and Emerging Threats - IDV26 #1
© 2026 RiskDiscovery | Sponsored by: Deception Logic