[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Yet Another Way to Bypass Google Chrome's Encryption Protection
Instructure Breach Exposes Schools' Vendor Dependence
From Stuxnet to ChatGPT: 20 News Events That Shaped Cyber
Attacks Abuse Windows Phone Link to Steal Texts & Bypass 2FA
Middle East Cyber Battle Field Broadens — Especially in UAE
Trellix Source Code Breach Highlights Growing Supply Chain Threats
Research Hub Bridges Cybersecurity Gap for Under-Resourced Organizations
Why Security Leadership Makes or Breaks a Pen Test
Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk
How the Story of a USB Penetration Test Went Viral
Ars Technica
Ars Asks: Share your shell and show us your tricked-out terminals!
Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack
Why Reddit blocked my daily visit to its mobile website
GameStop offers $56 billion for eBay, struggles to explain how it'll pay for it
Ubuntu infrastructure has been down for more than a day
The most severe Linux threat to surface in years catches the world flat-footed
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
Open source package with 1 million monthly downloads stole user credentials
Why are top university websites serving porn? It comes down to shoddy housekeeping.
In a first, a ransomware family is confirmed to be quantum-safe
CyberScoop
A DOD contractor’s API flaw exposed military course data and service member records
A critical Palo Alto PAN-OS zero-day is being exploited in the wild
CISA wants critical infrastructure to operate ‘weeks to months’ in isolation during conflict
CISA boasts AI automation improvements to threat analysis, mission support
Latvian national sentenced for ransomware attacks run by former Conti leaders
‘Copy Fail’ is a real Linux security crisis wrapped in AI slop
A college student is suing a dating app that allegedly used her TikTok videos to target men in her dormitory
Why data centers now belong on the critical infrastructure list
US government, allies publish guidance on how to safely deploy AI agents
Former incident responders sentenced to 4 years in prison for committing ransomware attacks
InfoSecurity Magazine
CloudZ Malware Abuses Phone Link to Steal SMS OTPs
CISA Urges Critical Infrastructure Providers to Make Plans to Remain Operational if hit by Cyber-Attack
Iran-Linked APT Posed as Chaos Ransomware Member in Espionage Campaign
One in Eight Workers Has Sold Their Corporate Logins
Microsoft Flags Mass Phishing Campaign Using Fake Compliance Emails
North Korean APT Targets Yanbian Gamers via Trojanized Platform
Fake SSA Emails Drive Venomous#Helper Phishing Campaign
AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk
NCSC Warns of an AI-Fuelled “Vulnerability Patch Wave”
Trellix Reveals Unauthorized Access to Source Code
SecurityWeek
Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion
Autonomous Offensive Security Firm XBOW Raises $35 Million
Herd Security Raises $3 Million for AI-Powered Training Platform
Iranian APT Intrusion Masquerades as Chaos Ransomware Attack
Romanian Man Extradited to US for Role in Hacking Scheme 17 Years Ago
CISA Launches ‘CI Fortify’ to Prepare Critical Infrastructure for Geopolitical Cyber Conflict
Sophisticated Quasar Linux RAT Targets Software Developers
Government, Scientific Entities Hit via Daemon Tools Supply Chain Attack
Oracle Debuts Monthly Critical Security Patch Updates
Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls
ZDNet
I've fully converted to adaptive chargers from fast ones and already feel safer
How I upgraded my Sonos soundbar's audio quality - 3 easy and free methods
I've tested several ReMarkable tablets, but its new cheap E Ink tablet had me fooled
I hand-picked 10 Mother's Day gifts that will arrive by Sunday
Roku sued for allegedly bricking TVs - see which models are affected, and your best alternatives
Sony vs. Samsung: My buying advice after testing both home theater systems
Why Chrome may have quietly downloaded a 4GB file to your PC - and how to get rid of it
Why Edge stores your passwords in plaintext, according to Microsoft
I tested 5G signals of AT&T, T-Mobile, and Verizon in rural America - here's how your carrier did
Your Claude agents can 'dream' now - how Anthropic's new feature works
The Hacker News
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks
MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
The Hacker News Launches 'Cybersecurity Stars Awards 2026' — Submissions Now Open
Your AI Agents Are Already Inside the Perimeter. Do You Know What They're Doing?
Google's Android Apps Get Public Verification to Stop Supply Chain Attacks
Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs
Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
BleepingComputer
Hackers abuse Google ads for GoDaddy ManageWP login phishing
Critical vm2 sandbox bug lets attackers execute code on hosts
New Cisco DoS flaw requires manual reboot to revive devices
DAEMON Tools devs confirm breach, release malware-free version
Why ransomware attacks succeed even when backups exist
MuddyWater hackers use Chaos ransomware as a decoy in attacks
Webinar: Why network incidents escalate and how to fix response gaps
Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
New stealthy Quasar Linux malware targets software developers
Instructure hacker claims data theft from 8,800 schools, universities
gbhackers
Hackers Exploit Google Ads to Steal GoDaddy ManageWP Logins
Redis Security Flaws Expose Servers to Remote Code Execution Risks
Malicious NuGet Packages Steal Browser Credentials, SSH Keys, and Crypto Wallets
Cisco Network Flaw Exposes Devices to Remote Denial-of-Service Exploits
Critical vm2 Node.js Library Flaws Enable Arbitrary Code Execution Attacks
Fake Disk Cleanup Apps Fuel New macOS ClickFix Attack
Cybercriminals Exploit Microsoft Teams to Phish Login Credentials and Bypass MFA
WatchGuard Agent Flaws Allow Attackers to Gain Full SYSTEM Privileges on Windows
Salat Malware Abuses QUIC and WebSockets for Stealthy C2 Control
Phishing Attack Weaponizes Calendar Invites to Steal Login Credentials
Cybersecurity Dive
Businesses eager but unprepared for AI to transform their security strategies
Iran-sponsored threat group behind false flag social engineering campaign
NIST will test three major tech firms’ frontier AI models for cybersecurity risks
Trellix investigating breach of source code repository
CISA urges critical infrastructure firms to ‘fortify’ before it’s too late
Critical vulnerability in cPanel leads to widespread exploitation
New MOVEit vulnerabilities prompt urgent patch warning
How OpenClaw’s agent skills become an attack surface
White House questions tech industry on defensive AI use, cybersecurity resilience
As email phishing evolves, malicious attachments decline and QR codes surge
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Arctic Wolf kicks 250 employees out of the pack to save money for AI
1 in 8 employees totally cool with selling work credentials
Iran cybersnoops still LARPing as ransomware crooks in espionage ops
UK age-gating plans risk breaking the internet, privacy groups warn
India orders infosec red alert in case Mythos sparks crime spree
ServiceNow clears agents for landing with new AI control tower
Attackers are cashing in on fresh 'CopyFail' Linux flaw
Real estate giant confirms vishing incident as ShinyHunters and Qilin both come knocking
ShinyHunters claims dump puts 119K Vimeo emails in the wild
Romance scammers turn sweet talk into £102M payday
VentureBeat
One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it
Microsoft takes Agent 365 out of preview as shadow AI becomes an enterprise threat
200,000 MCP servers expose a command execution flaw that Anthropic calls a feature
Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.
CVSS scored these two Palo Alto CVEs as manageable. Chained, they gave attackers root access to 13,000 devices.
85% of enterprises are running AI agents. Only 5% trust them enough to ship.
Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain
TechCrunch
DOJ says ransomware gang tapped into Russian government databases
AI evaluation startup Braintrust confirms breach, tells every customer to rotate sensitive keys
Some kids are bypassing age-verification checks with a fake mustache
Kaspersky suspects Chinese hackers planted a backdoor into Daemon Tools in ‘widespread’ attack
Hackers steal students’ data during breach at education tech giant Instructure
4 days left: Get 50% off a second TechCrunch Disrupt 2026 pass to make more deals faster
US government warns of severe CopyFail bug affecting major versions of Linux
Hackers are mass-exploiting the cPanel bug to gain control of thousands of websites
US healthcare marketplaces shared citizenship and race data with ad tech giants
5 days only: Bring a partner or colleague and get 50% off a second TechCrunch Disrupt 2026 pass
Network World Security
Supply constraints, optical advances dominate Arista’s Q1
Lumen advances cloud networking vision with $475M Alkira buy
HPE bolsters autonomous network operations for Mist, Aruba Central
Netskope launches AI agents for SOC and NOC automation
Intel, behind in AI chips, bets on quantum and neuromorphic processors
Switch storm coming: Gartner forecasts price hikes, long lead times for enterprise data center switches
Extreme moves toward autonomous networking with advanced AI agent, management tools
2026 network outage report and internet health check
Broadcom bets big on VMware Cloud Foundation 9.1
IBM unveils its blueprint to help enterprises run AI at the core of their business
Help Net Security
Open-source MCP server monitoring for Python apps
Multi-model AI is creating a routing headache for enterprises
Teams calls are about to get a lot harder to fake
Sysdig delivers cloud security that runs inside AI coding agents
Attackers compromised Daemon Tools software to deliver backdoors
Intel 471 speeds threat hunting and remediation with Retroactive Threat Detections
Extreme Networks introduces Agent ONE for autonomous enterprise networking
UiPath adds agentic AI capabilities to Automation Suite for government agencies
8×8 updates CX platform with AI, analytics, and frontline management capabilities
Proton Mail brings quantum-safe email encryption to all accounts
SC Magazine
Most security pros say managing identity has become a major challenge
Microsoft Copilot Security Risks: How to Fix Data Oversharing with AI Governance - WC #1
Trusted third-party connections are the new front door for attackers 
Major AI companies to share models with Commerce Department for security testing
Australian small businesses lack cyber security plans, research finds
MetInfo CMS vulnerability exploited by threat actors
Palo Alto Networks warns of critical PAN-OS vulnerability exploited in the wild
DAEMON Tools installers compromised in new supply chain attack
Taiwanese student arrested for halting high-speed trains with radio hack
DHS mobile device security falls short of standards, inspector general report finds
© 2026 RiskDiscovery | Sponsored by: Deception Logic