[
News
|
Newsletters
|
Blogs
|
Lists
|
Media
|
Jobs
]
HoneyDB
DarkReading
Crafty Phishing Campaigns Auto-Adapt to Victim's Device, OS
And the Winner in Dominant Malware Delivery? ClickFix
'Phantom Squatting': An Emerging AI-Driven Supply Chain Threat
Safe Events Start With Threat Intel and Digital Security
China-Linked Group Targets Southeast Asia Critical Systems
Fake Bug Report Hijacks AI Coding Agents at Scale
Attackers Seize Exposed AI Endpoints to Power Offensive Ops
Why Identity Security Is Your Cyber Career Entry Point
Phishers Gain Persistence at EU, Asia Hospitality Orgs
AI-Generated Workflows Are a Silent Security Disaster
Ars Technica
T-Mobile moving tens of thousands of virtual machines off VMware amid lawsuit
New attack provides one more reason why AI browsers are a bad idea
US offers $10 million for info on group behind Signal and WhatsApp hacking spree
Notion killing Skiff-influenced email app since most users use AI agents instead
One-two punch delivered in global operation disrupts cybercrime "assembly line"
White House drastically shortens deadline for dropping quantum-vulnerable crypto
Oracle’s 21,000 layoffs help drive its debt-fueled AI investments
Following user outcry, AMD reinstates memory encryption in consumer CPUs
Microsoft discovers new lightweight backdoor that steals cryptocurrency
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
CyberScoop
Researchers spot exploitation of another critical Oracle defect
US lifting export control restrictions on Anthropic’s Mythos, Fable
This phishing kit looks more like BEC-as-a-service
Citrix patches a new NetScaler flaw with echoes of CitrixBleed
Trump budget boss Russell Vought open to re-staffing CISA
DHS to unveil replacement council for critical infrastructure cybersecurity
How ransomware syndicates weaponize corporate-style organization
Warner bill would create federally vetted list for secure, trustworthy AI agents
Supreme Court approves mail-in ballots that arrive after Election Day
Supreme Court delivers ‘major win’ for tech privacy in Chatrie ruling
InfoSecurity Magazine
NCSC Shares Tips on How to Make a Pen Tester’s Job Harder
Alleged Scattered Spider Member Extradited to US
Fileless Malware Abuses Google Blogspot to Deploy Infostealer in Memory
Brazilian Banking Trojan Ousaban Targets Spain and Portugal
Anthropic's Fable 5 and Mythos 5 Are Back with New Security Guardrails
Microsoft Accelerates Quantum-Safe Push with New Timeline
Insurance Giant Aflac Discloses Data Breach Impacting Millions
Nissan Discloses Employee Data Breach Linked to Oracle Zero-Day
Critical SimpleHelp Vulnerability Exploited For Malware Delivery
ClickFix Now Cybercriminals' Favorite Malware Delivery Technique
SecurityWeek
Microsoft Adds New Teams Controls to Block Unauthorized AI Bots From Meetings
Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities
Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack
Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors
Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari
Dawnguard Raises $6.3 Million for Security Architecture Automation Platform
Massive Password Spray Campaign Targeting Azure CLI
Google Patches 382 Chrome Vulnerabilities
BlueHammer Vulnerability Exploited in Ransomware Attacks
Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks
ZDNet
I tried Brave's new stripped down Origin browser, and now it's my top Chromium-based pick
If you like COSMIC Desktop, you'll love its new system monitor
Opera is releasing a new feature that detects and blocks malicious clipboard content
I wore the Oura Ring 5 for a month, and it's an even bigger upgrade than expected
I tested the LG C6 OLED for a week, and its color accuracy and contrast levels left me in awe
I've tested many portable Linux distros, but PorteuX is the one I keep on my USB drive
Your old Android phone can be turned into a dashcam for free - how I did it in 5 easy steps
I tested Lenovo's new modular ThinkPad, and it renewed my faith in repairable laptops
I bricked my iPhone to prevent doomscrolling - how life has been after six months of use
I changed 12 Hisense TV settings to significantly improve the picture quality
The Hacker News
AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack
FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations
New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos
SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation
Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters
19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges
SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT
VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer
Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures
Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic
BleepingComputer
CISA: Microsoft SharePoint RCE flaw now actively exploited
Opera rolls out Paste Protect feature to fight ClickFix attacks
Alleged Scattered Spider hacker extradited to the United States
Medtronic notifies customers impacted by ShinyHunters data breach
FortiBleed credential-theft campaign linked to Lynx ransomware
Kubota says hackers had month-long access to network systems
New ChocoPoC malware targets researchers via trojanized PoC exploits
DHS confirms hackers breached HSIN info-sharing platform
Webinar: Why traditional email security is no longer enough
Hackers target Microsoft 365 accounts with 81 million login attempts
gbhackers
EvilTokens-Linked ARToken Panel Exposes 80+ APIs for Microsoft 365 Token Theft
CISA Adds Actively Exploited Microsoft SharePoint Vulnerability to KEV Catalog
Hackers Use Geofenced Webpages to Deliver Ousaban Banking Trojan in Spain and Portugal
JetBrains Patches Critical Hub Authentication Bypass and Account Takeover Vulnerabilities
ValleyRAT Uses RC4 Encryption, Donut Shellcode, and rundll32 Injection for Stealth
Apple Hide My Email Vulnerability Lets Attackers Reveal Users’ Real Email Addresses
JADEPUFFER Agentic Ransomware Uses LLM to Automate Database Extortion
ChocoPoC Campaign Abuses GitHub PoC Repositories to Steal Browser Credentials
Attackers Downgrade WDigest Protection to Dump Plaintext Credentials With Mimikatz
LSHIY Password Spray Attack Hits Microsoft 365 Accounts With 81 Million Login Attempts
Cybersecurity Dive
Critical flaw in Oracle E-Business Suite is under immediate threat
Anthropic reactivates Fable, Mythos after securing government approval
Critical flaw in SimpleHelp exploited in attacks targeting sensitive credentials
DHS proposes new system for public-private infrastructure security collaboration
Insurance body confirms hackers posted Oracle PeopleSoft breach data
OpenAI voluntarily limits new AI models at government’s request
From mythos to reality: Why the 2026 state of pentesting report proves the need for programmatic defenses
Software, AI companies form alliance to tackle open-source security flaws
FCC requires emergency-alert distributors to secure their systems
AWS unveils agent security, data access tools
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Oracle E-Business Suite was under attack via critical flaw before the public exploit code was even released
Hackers shoveled snow for company, were rewarded with network admin access
EvilTokens device-code phishing kit totally more evil than we all thought
Claude Sonnet 5.0 heads straight down the middle of the road to dodge controversy
Somebody told DeepSeek to build in-browser ransomware and it gleefully complied
Red teamers turned Claude Desktop into a double agent to do their evil bidding
Infosec professionals sour on automated pentesting tools
Huntress CEO says threat hunter used 'poor judgment' in alerting ransomware crim about law enforcement probe
Microsoft builds a bouncer to keep bots out of Teams meetings
India’s central bank mandated use of .bank domains to enhance trust – but its registry leaked sensitive info
VentureBeat
Digital resilience compounds when AI and human expertise scale together
The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.
Prompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routers
Autonomous security agents need complete data. Here's how to check if yours is ready.
Frontier AI is rewriting the economics of software supply chain security
Visa will offer an inside look at Project Glasswing and how the most powerful agentic models are changing enterprise security at VB Transform 2026
7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes
TechCrunch
In major privacy win, Supreme Court rules geofence warrants are protected by privacy rights
Russian hackers were behind $2.5B hack of Jaguar Land Rover: Report
Polymarket says hackers stole users’ funds
Hacked Klue says criminals are deleting stolen customer data, but now other hackers are making threats
Cellebrite said it cut off Russia, but Russia used its tools anyway
New website names and shames companies that still don’t offer passkeys to users
Klue says hackers stole credential from 2022 that led to customer data breaches
Password manager maker LastPass says hackers stole customer support case data during Klue breach
Tata Electronics, a major tech supplier to Apple and Tesla, confirms data breach
A new unpatchable flaw in Apple chips opens the door to an iPhone jailbreak
Network World Security
What Meta, Oracle moves say about data center economics
Network jobs watch: Hiring, skills and certification trends
Kyndryl: AI success hinges on workforce readiness
Netgear brings AI-driven network management to SMEs and MSPs
2026 network outage report and internet health check
U.S. Open powers up AI-ready network in challenging environment
Aggressive federal PQE timeline prompts warnings for enterprises
You can’t build sovereign infrastructure with Broadcom, says CISPE
Presidential order addresses quantum computing gaps
Researchers cast new doubt on Microsoft’s quantum computing advance
Help Net Security
Opera blocks ClickFix attacks with new clipboard protection feature
The endpoint recovery gap many teams discover during an incident
Review: CTRL+ALT+PWN
Catching ransomware on the wire before it locks the file server
What the AI patch gap means for enterprise security
GitHub’s new tool helps prevent costly open-source license violations
Netzilo adds runtime governance for AI agents across major platforms
Dawnguard launches platform to automate secure cloud architecture
Intruder offers Free security plan for lean IT and security teams
The ARToken phishing panel targets Microsoft 365 accounts
SC Magazine
‘Interpol’ emails spread custom ransomware with decryption key left inside
Malicious browser extension targets cryptocurrency users with wallet address swapping
Apple releases early security updates, citing AI-driven exploit acceleration
Cybersecurity professionals cite agentic AI, LLMs, and cloud infrastructure breaches as top concerns
Major Russian-language cybercrime forum XSS.is shut down, alleged admin arrested
New phishing-as-a-service platform ARToken offers advanced BEC capabilities
Ousaban banking trojan targets Spain and Portugal with new stealth techniques
Huntress CEO addresses insider threat claims amid employee-cybercriminal communication
CIA reorganizes to embrace AI and quantum computing
Shell injection flaw found in 10 of 11 open-source AI agents
© 2026 RiskDiscovery | Sponsored by:
Deception Logic