[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
'Lorem Ipsum' Malware Pivots to ClickFix Delivery
Copilot 'SearchLeak' Attack Allows 1-Click Data Theft
China-Nexus Actor Spies on US Researchers Undetected for a Year
Most CISOs Report Pressure to Bury Bad Security News
The Beginning of the End of Social Engineering
US Cracks Down on Anthropic AI Models Amid Abuse Concerns
ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
Claude Fable 5 Doesn't Change the Mythos Security Story
Phishing Attack Volume Down 20%, But Risk Still Rising
Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure
Ars Technica
Critical Copilot vulnerability allowed hackers to seal 2FA code from users
Users cry foul after AMD stripped memory crypto from its consumer CPUs
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed
High-severity vulnerability in Linux caused by a single faulty character
For the 2nd time in weeks, Microsoft packages laced with credential stealer
How a USB-connected speaker can infect a PC without ever being touched
Dashlane explains how attackers managed to download encrypted password vaults
Can't make sense of Dashlane's vault theft notification? You're not alone.
Dozens of Red Hat packages backdoored through its official NPM channel
CyberScoop
Google exposes China espionage group that’s been lurking in networks undetected since 2023
Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat 
Anthropic disables new models after government calls them a national security concern
FBI takes down massive China-based cybercrime network that caused $1.9B in losses
US, France, and Italian authorities shut down massive deepfake porn site
Conti ransomware group member pleads guilty, faces up to 20 years in prison
ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw
CyberCorps is adapting to AI. The budget isn’t keeping up.
Russian national charged in connection with Void Blizzard espionage campaign
OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers 
InfoSecurity Magazine
SprySOCKS Backdoor Expands From Linux to Windows
Rokarolla Trojan Combines Banking Fraud With Device Surveillance
Over Two-Thirds of Security Pros Say Cyber Is Getting Harder
DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company
Chainguard, JPMorgan, BNY Team Up to Secure Open Source from AI Threats
FBI Warns Courier Cash Pickups Are Driving Crypto Scams
Attackers Hijack Popular WordPress Plugins to Deploy Backdoors
Adriatic Port Cyber-Attack by Anubis Sparks Warning Over Maritime Security Risks
Cybersecurity Experts Urge US to Lift Ban on Anthropic's Frontier AI Models
UK Government Finds 400+ Vulnerabilities in AI Hackathons
SecurityWeek
Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker
Magnitude Emerges From Stealth Mode With $10 Million in Funding
AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask
Endpoint Security Startup Ent Emerges From Stealth With $100 Million Seed Round
Cybercrime Group Claims Novo Nordisk Hack
Can CISOs Trust Their Applications? TrustCloud Wants to Replace the Questionnaire
Cal Water Investigating Iranian Hackers’ Claims
White House Issues Memo to Bolster NSS Cybersecurity
Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages
Cybersecurity Executives Urge the Trump Administration to Ease Restrictions on Anthropic AI Models
ZDNet
15 of the best Prime Day laptop deals (I'd actually buy myself)
Linux 7.1 is here to end the Intel 486 CPU era - and do some serious legacy clean up
3 unofficial Android Auto apps I installed to make my car screen more useful - and how
I tested fast chargers with the best iPhone, Samsung, and OnePlus phones - and two surprised me
Sony WH-1000XM6 vs. Sennheiser Momentum 5: I've tested both pairs for months, and this one wins
Chainguard's new Athena coalition uses AI to fix open-source flaws - before attackers exploit them
7 cost-efficient ways I made my TV sound a lot better (no soundbar required)
I tested a Bluetooth tracker that leverages LoRa mesh networks to find things - and it's so accurate
Get Audible for 3 months totally free - here's how
I modified my PC setup with a 15-in-1 docking station, and the benefits go beyond more ports
The Hacker News
New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds
Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth
Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails
North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels
LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers
BleepingComputer
UK to require ID or face scan before you can make social media accounts
GhostTree Attack Abused Recursive Windows Junctions to Hide Malware
FTC warns of record $3.5 billion losses to imposter scams in 2025
CISA warns of another cPanel plugin flaw exploited in attacks
Ransomware gang abuses Microsoft Teams relays to hide malicious traffic
Critical Fortinet FortiSandbox flaws now exploited in attacks
Windows version of SprySOCKS Linux malware used to attack govt orgs
iRhythm discloses data breach, says hackers stole patient info
DOJ seizes CFAKE, SOCFAKE deepfake nude sites under TAKE IT DOWN Act
SimpleHelp bug lets hackers create rogue remote support accounts
gbhackers
AppViewX Launches Agent Identity Security to Govern Agents for the AI and Quantum Era
Developer laptops are the credential store attackers are picking through in 2026, GitGuardian announces Endpoint Protection
Silent Ransom Group Targets US Legal Firms With Voice Phishing and Data Theft Extortion
Hackers Exploit Critical Fortinet FortiSandbox Flaws in Active Attacks
Microsoft Teams Relay Abused by Hackers to Hide Malicious Traffic
Hackers Use OnionDrop Loader With DLL Sideloading to Deploy Multiple Infostealers
Novo Nordisk Confirms Cyberattack Exposing Patient Medical Data and Internal AI Assets
Infinite Campus Breach Leaks Personal Information of 137,000 Users
Hackers Abuse Compromised WordPress Sites to Deliver GULoader Through EtherHiding Chain
Ghostwriter APT Uses Fake Gmail Login Panels to Steal Passwords and 2FA Codes
Cybersecurity Dive
China-nexus group linked to multiyear campaign targeting US, Canadian medical research
Cybersecurity experts blast US government for restricting Anthropic’s AI models
MS-ISAC enters uncertain new era after losing federal funding and thousands of members
Agentic AI surges in financial sector even as many firms fail to manage security risks
It’s Mythos’ world now. How do we live in it?
ShinyHunters linked to exploitation of critical flaw in Oracle PeopleSoft
Enterprises report increasing budgets for security training in AI and other critical topics
FIFA World Cup expected to face extensive criminal, hacktivist cyber threats
CISA gives agencies new vulnerability remediation deadlines that take risk levels into account
CISA, researchers warn of escalating attacks using Cisco Catalyst SD-WAN flaws
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Crooks found a new way to collaborate using Teams – by hiding command-and-control traffic
Cardiac monitor maker's security skips a beat as data thieves go for the jugular
Cisco SD-WAN make-me-root bug under attack
Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher
Council of Europe hacked in ShinyHunters' PeopleSoft heist
Feds snooze as US datacenter law set to lapse with no replacement in site
Microsoft site throwing warnings after someone forgot to renew cert
PRC-linked spies hid inside medical and military networks for more than a year, snooping through Gmail and stealing data
Arch Linux locks down AUR signups amid wave of malicious commits
AI is code – and can't be prompted into being smarter
VentureBeat
85% of IT teams claim every AI agent is under control. Only 42% actually know who owns them.
Attackers scale deception with AI. Defenders need truth at machine speed.
NanoClaw and JFrog launch 'immune system' to block AI agents from downloading malicious code
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
TechCrunch
India orders temporary ban on Telegram over exam fraud concerns
The US government’s Anthropic models ban was never about an AI jailbreak
Cybersecurity vets protest ‘dangerous’ US government ban on Anthropic’s most powerful models
As AI agents become employees, NewCore emerges with $66M to give them identities
Amazon CEO reportedly raised Anthropic model concerns before government crackdown
The FBI built its own replica small town to simulate real-world cyberattacks
Chinese cybercrime operation that used AI to scam ‘hundreds of thousands of victims’ sued by Google
US surveillance law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agencies
Oracle warns of security bug that hackers abused to breach 100+ companies
South Korea hits Coupang with $400M+ fine for data breach that affected millions
Network World Security
Cloud strategies have become more complicated than ever
Cisco patches SD-WAN flaw amid evidence of active exploitation
IBM sends signals with its $10 billion quantum pledge
NetBox at 10: Network inventory tool now a full infrastructure intelligence platform
How Jeetu Patel made Cisco unrecognizable
Amazon claims its data centers are 7x more water-efficient than the industry average
Marvell announces 102.4 Tbps switch silicon built for AI
IBM, ServiceNow team to bring AI to legacy enterprise systems
AI-powered WAF, virtual patching: How F5 is hardening networks against frontier threats
A quick look at Cisco’s strategy to become a software monster
Help Net Security
Cybercriminals mask malicious communications through Microsoft Teams relays
TekStream launches Proactive Cyber Defense to counter AI-driven threats
SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558)
AppViewX extends machine identity security to AI agents and post-quantum environments
Teleport adds LLM Proxy and Delegated Identity to secure AI agent actions and access
Radware AI Xploit Shield delivers virtual patching for newly identified application and API flaws
Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)
Crypto scammers are sending couriers to victims’ homes to collect cash
Software supply chains are heading for a transparency test
Planning a trip? Fake travel sites are multiplying this summer
SC Magazine
100-plus cyber leaders, experts urge feds not to block Fable access
6 ways to identify non-human identities (NHIs)
Why Does It Matter Who or What Created the Code? - Matias Madou - ASW #387
China-linked group uses InfiniteRed malware to target medical research institutions
Leading job sites sell user data, Incogni report reveals
Mackay Sugar hit by cyberattack during crucial processing season
FBI warns of couriers collecting crypto scam payments
SearchLeak vulnerability allows data theft from Microsoft 365 Copilot Enterprise
1Password acquires Apono to bolster AI security
Gigamon and Zscaler integrate network telemetry with zero-trust access
© 2026 RiskDiscovery | Sponsored by: Deception Logic