[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
'TrustFall' Convention Exposes Claude Code Execution Risk
World's First AI-Driven Cyberattack Couldn't Breach OT Systems
Yet Another Way to Bypass Google Chrome's Encryption Protection
Instructure Breach Exposes Schools' Vendor Dependence
From Stuxnet to ChatGPT: 20 News Events That Shaped Cyber
Attacks Abuse Windows Phone Link to Steal Texts & Bypass 2FA
Middle East Cyber Battle Field Broadens — Especially in UAE
Trellix Source Code Breach Highlights Growing Supply Chain Threats
Research Hub Bridges Cybersecurity Gap for Under-Resourced Organizations
Why Security Leadership Makes or Breaks a Pen Test
Ars Technica
Ars Asks: Share your shell and show us your tricked-out terminals!
Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack
Why Reddit blocked my daily visit to its mobile website
GameStop offers $56 billion for eBay, struggles to explain how it'll pay for it
Ubuntu infrastructure has been down for more than a day
The most severe Linux threat to surface in years catches the world flat-footed
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
Open source package with 1 million monthly downloads stole user credentials
Why are top university websites serving porn? It comes down to shoddy housekeeping.
In a first, a ransomware family is confirmed to be quantum-safe
CyberScoop
American duo sentenced for hosting laptop farms for North Korean IT workers
One House Democrat is pressing Commerce on the government’s spyware use
A DOD contractor’s API flaw exposed military course data and service member records
A critical Palo Alto PAN-OS zero-day is being exploited in the wild
CISA wants critical infrastructure to operate ‘weeks to months’ in isolation during conflict
CISA boasts AI automation improvements to threat analysis, mission support
Latvian national sentenced for ransomware attacks run by former Conti leaders
‘Copy Fail’ is a real Linux security crisis wrapped in AI slop
A college student is suing a dating app that allegedly used her TikTok videos to target men in her dormitory
Why data centers now belong on the critical infrastructure list
InfoSecurity Magazine
Legacy Security Tools Are Failing Data Protection, Capital One Software Report Finds
Cline Kanban Flaw Lets Websites Hijack AI Coding Agents
OpenAI and Anthropic LLMs Used in Critical Infrastructure Cyber-Attack, Warns Dragos
Fake Claude AI Site Drops Beagle Backdoor on Windows Users
Daemon Tools Developer Confirms Software Was Trojanized
Researchers Spot Uptick in Use of Vercel for Phishing Campaigns
CloudZ Malware Abuses Phone Link to Steal SMS OTPs
CISA Urges Critical Infrastructure Providers to Make Plans to Remain Operational if hit by Cyber-Attack
Iran-Linked APT Posed as Chaos Ransomware Member in Espionage Campaign
One in Eight Workers Has Sold Their Corporate Logins
SecurityWeek
Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking
Boost Security Raises $4 Million for SDLC Defense Platform
Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking
Chrome 148 Rolls Out With 127 Security Fixes
Attackers Could Exploit AI Vision Models Using Imperceptible Image Changes
Vendor Says Daemon Tools Supply Chain Attack Contained
AI Coding Agents Could Fuel Next Supply Chain Crisis
Webinar Today: Securing Identity Across Humans, Machines and AI
Cisco Patches High-Severity Vulnerabilities in Enterprise Products
Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain Attack
ZDNet
Whoop vs. Fitbit Air: I compared Google's new fitness band to the industry favorite
10 secret Netflix codes I use to find hidden movies (and how to enter them) - it's easy
Best travel VPNs of 2026: Expert tested and reviewed
The best VPN extensions for Chrome in 2026: Expert tested and reviewed
I've fully converted to adaptive chargers from fast ones and already feel safer
How I upgraded my Sonos soundbar's audio quality - 3 easy and free methods
I've tested several ReMarkable tablets, but its new cheap E Ink tablet had me fooled
I hand-picked 10 Mother's Day gifts that will arrive by Sunday
Roku sued for allegedly bricking TVs - see which models are affected, and your best alternatives
Sony vs. Samsung: My buying advice after testing both home theater systems
The Hacker News
One Click, Total Shutdown: The "Patient Zero" Webinar on Killing Stealth Breaches
PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage
ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories
Day Zero Readiness: The Operational Gaps That Break Incident Response
PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks
MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
The Hacker News Launches 'Cybersecurity Stars Awards 2026' — Submissions Now Open
Your AI Agents Are Already Inside the Perimeter. Do You Know What They're Doing?
BleepingComputer
Ivanti warns of new EPMM flaw exploited in zero-day attacks
The Browser Is Breaking Your DLP: How Data Slips Past Modern Controls
Americans sentenced for running 'laptop farms' for North Korea
Crypto gang member gets 6.5 years for role in $230 million heist
Webinar: Why modern attacks require both security and recovery
Palo Alto Networks firewall zero-day exploited for nearly a month
Fake Claude AI website delivers new 'Beagle' Windows malware
Hackers abuse Google ads for GoDaddy ManageWP login phishing
Critical vm2 sandbox bug lets attackers execute code on hosts
New Cisco DoS flaw requires manual reboot to revive devices
gbhackers
Fake Call History Apps on Google Play Steal Payments, Hit 7.3M+ Downloads
CISA Issues Warning Over Palo Alto PAN-OS Flaw Enabling Root-Level Access
Hackers Weaponize Claude AI in Attacks on Water and Drainage Utilities
Claude and SpaceX Join Forces to Enhance Large-Scale Compute Capacity
Spring Vulnerabilities Open Door to Arbitrary File Access and GCP Secret Leaks
Fake Claude AI Installers Used to Spread Malware in New Cyber Scam
Scammers Exploit Disposable VoIP Numbers to Bypass Reputation Blocking
Google Chrome 148 Released With Fixes for 127 Security Flaws
UAT-8302 Targets Government Agencies With Custom Malware and Open-Source Tools
Hackers Exploit Google Ads to Steal GoDaddy ManageWP Logins
Cybersecurity Dive
Businesses eager but unprepared for AI to transform their security strategies
Iran-sponsored threat group behind false flag social engineering campaign
NIST will test three major tech firms’ frontier AI models for cybersecurity risks
Trellix investigating breach of source code repository
CISA urges critical infrastructure firms to ‘fortify’ before it’s too late
Critical vulnerability in cPanel leads to widespread exploitation
New MOVEit vulnerabilities prompt urgent patch warning
How OpenClaw’s agent skills become an attack surface
White House questions tech industry on defensive AI use, cybersecurity resilience
As email phishing evolves, malicious attachments decline and QR codes surge
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
The network password was a key plot point in one of the most famous movies of all time
Arctic Wolf kicks 250 employees out of the pack to save money for AI
1 in 8 employees totally cool with selling work credentials
Iran cybersnoops still LARPing as ransomware crooks in espionage ops
UK age-gating plans risk breaking the internet, privacy groups warn
India orders infosec red alert in case Mythos sparks crime spree
ServiceNow clears agents for landing with new AI control tower
Attackers are cashing in on fresh 'CopyFail' Linux flaw
Real estate giant confirms vishing incident as ShinyHunters and Qilin both come knocking
ShinyHunters claims dump puts 119K Vimeo emails in the wild
VentureBeat
Anthropic Skill scanners passed every check. The malicious code rode in on a test file.
One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it
Microsoft takes Agent 365 out of preview as shadow AI becomes an enterprise threat
200,000 MCP servers expose a command execution flaw that Anthropic calls a feature
Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.
CVSS scored these two Palo Alto CVEs as manageable. Chained, they gave attackers root access to 13,000 devices.
85% of enterprises are running AI agents. Only 5% trust them enough to ship.
TechCrunch
Police arrest SMS blaster crew that sent malicious messages to thousands across Toronto
2 days left: Get 50% off a second pass to TechCrunch Disrupt 2026
DOJ says ransomware gang tapped into Russian government databases
AI evaluation startup Braintrust confirms breach, tells every customer to rotate sensitive keys
Some kids are bypassing age-verification checks with a fake mustache
Kaspersky suspects Chinese hackers planted a backdoor into Daemon Tools in ‘widespread’ attack
Hackers steal students’ data during breach at education tech giant Instructure
4 days left: Get 50% off a second TechCrunch Disrupt 2026 pass to make more deals faster
US government warns of severe CopyFail bug affecting major versions of Linux
Hackers are mass-exploiting the cPanel bug to gain control of thousands of websites
Network World Security
Supply constraints, optical advances dominate Arista’s Q1
Lumen advances cloud networking vision with $475M Alkira buy
HPE bolsters autonomous network operations for Mist, Aruba Central
Netskope launches AI agents for SOC and NOC automation
Intel, behind in AI chips, bets on quantum and neuromorphic processors
Switch storm coming: Gartner forecasts price hikes, long lead times for enterprise data center switches
Extreme moves toward autonomous networking with advanced AI agent, management tools
2026 network outage report and internet health check
Broadcom bets big on VMware Cloud Foundation 9.1
IBM unveils its blueprint to help enterprises run AI at the core of their business
Help Net Security
SC Magazine
The hidden risk in hybrid IT: Fragmented vulnerability management
Iranian threat group used Chaos ransomware as a ‘false flag,’ researchers say
Most security pros say managing identity has become a major challenge
Microsoft Copilot Security Risks: How to Fix Data Oversharing with AI Governance - WC #1
Trusted third-party connections are the new front door for attackers 
Major AI companies to share models with Commerce Department for security testing
Australian small businesses lack cyber security plans, research finds
MetInfo CMS vulnerability exploited by threat actors
Palo Alto Networks warns of critical PAN-OS vulnerability exploited in the wild
DAEMON Tools installers compromised in new supply chain attack
© 2026 RiskDiscovery | Sponsored by: Deception Logic