[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine
AI Drives Cybersecurity Investments, Widening 'Valley of Death'
Foxconn Attack Highlights Manufacturing's Cyber Crisis
Checkbox Assessments Aren't Fit to Measure Risk
Attackers Weaponize RubyGems for Data Dead Drops
Tables Turn on 'The Gentlemen' RaaS Gang With Data Leak
Dark Reading Celebrates 20 Years as a Leading Authority on Cybersecurity, Highlighting the People, Events, Ideas, and Technologies Shaping the Modern Risk Landscape
LatAm Vibe Hackers Generate Custom Hacking Tools on the Fly
China's 'FamousSparrow' APT Nests in South Caucasus Energy Firm
It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight
Ars Technica
Zero-day exploit completely defeats default Windows 11 BitLocker protections
Cisco announces record revenue and 4,000 layoffs in the same day
Linux bitten by second severe vulnerability in as many weeks
Chaos erupts as cyberattack disrupts learning platform Canvas amid finals
Mozilla says 271 vulnerabilities found by Mythos have "almost no false positives"
Ars Asks: Share your shell and show us your tricked-out terminals!
Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack
Why Reddit blocked my daily visit to its mobile website
GameStop offers $56 billion for eBay, struggles to explain how it'll pay for it
Ubuntu infrastructure has been down for more than a day
CyberScoop
Major tech manufacturer Foxconn confirms cyberattack hit North American factories
Researchers say AI just broke every benchmark for autonomous cyber capability
Closed briefing sets stage for House hearing on Anthropic’s Mythos and cyber risks
DOJ releases legal rationale for nationwide voter data collection
Weaponized AI: The new frontier of fraud and identity spoofing
Daybreak is OpenAI’s answer to the AI arms race in cybersecurity
‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack
Major world economies spell out key elements of AI ‘ingredients list’
Microsoft addresses 137 vulnerabilities in May’s Patch Tuesday, including 13 rated critical
Google and Amnesty International teamed up to make it harder for spyware vendors to hide
InfoSecurity Magazine
Mustang Panda Linked to Updated FDMTP Backdoor in Asia-Pacific Espionage Campaign
Google Launches Android Spyware Forensics Tool for High-Risk Users
New Fragnesia Flaw Hands Linux Local Users Root Access
Most Organizations Now Use AI Agents for Sensitive Security Tasks
ICO Publishes Five-Step Plan to Counter Emerging AI-Powered Attacks
Canvas Owner Reaches Agreement With Cybercriminals After Ransomware Attack
Avada Builder Flaws Expose One Million WordPress Sites
Ransomware: Over Half of CISOs Would Consider Paying Ransom to Hackers
Global Cyber Agencies Issue New SBOMs for AI Guidance to Tackle AI Supply Chain Risks
UK Cybersecurity Market Expands to £14.7bn with Strong Growth in AI Security Firms
SecurityWeek
Enhancing Data Center Security Without Sacrificing Performance
New Linux Kernel Vulnerability Fragnesia Allows Root Privilege Escalation
Mythos Proves Potent in Vulnerability Discovery, Less Convincing Elsewhere
Akamai to Acquire AI and Browser Security Firm LayerX for $205 Million
Chinese APTs Expand Targets, Update Backdoors in Recent Campaigns
G7 Countries Release AI SBOM Guidance
F5 Patches Over 50 Vulnerabilities
Hackers Targeted PraisonAI Vulnerability Hours After Disclosure
High-Severity Vulnerability Patched in VMware Fusion
Researcher Drops YellowKey, GreenPlasma Windows Zero-Days
ZDNet
You can buy Meta smart glasses for up to 20% off right now - Ray-Bans included
Anthropic's Mythos is evolving faster than expected, reports AI safety agency
I'm no Copilot fan, but these 6 new AI skills turned Edge into my favorite mobile browser
Kindle Scribe vs. ReMarkable Paper Pure: Why I'm not writing off Amazon's E Ink tablet just yet
I found the best early Memorial Day Apple deals: Save hundreds on iPad, Apple Watch, and more
6 ways I use Fedora 44 beyond the basics - and why it's ready for anything
I started following the 60-60 rule for headphones, and my ears will thank me later
I compared Samsung, Motorola, and Google's premium foldable phones - and I'd buy this one
I replaced my slab phone with Motorola's $1,900 Razr Fold - and it's got me hooked
The third major Linux kernel flaw in two weeks has been found - thanks to AI
The Hacker News
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
How AI Hallucinations Are Creating Real Security Risks
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
BleepingComputer
OpenAI confirms security breach in TanStack supply chain attack
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
18-year-old NGINX vulnerability allows DoS, potential RCE
Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
KongTuke hackers now use Microsoft Teams for corporate breaches
Dell confirms its SupportAssist software causes Windows BSOD crashes
US charges suspected Dream Market admin arrested in Germany
New Fragnesia Linux flaw lets attackers gain root privileges
West Pharmaceutical says hackers stole data, encrypted systems
Iranian hackers targeted major South Korean electronics maker
gbhackers
TeamPCP, BreachForums Launch $1K Supply-Chain Attack Contest
Critical WordPress Plugin Flaw Allows Unauthorized Access to Websites
Sandworm Hackers Shift From IT Breaches to Critical OT Targets
Windows DNS Client Security Flaw Exposes Systems to Remote Code Execution
Chinese APT Exploits Microsoft Exchange to Breach Energy Sector Network
New Malware Framework Enables Screen Control and UAC Bypass
Critical Exim Mailer Flaw Enables Remote Code Execution Attacks
Canon MailSuite Security Flaw Allows Attackers to Execute Code Remotely
170 npm Packages Hijacked to Steal GitHub, AWS & Kubernetes Secrets
Microsoft Research: AI Can Generate Realistic Command-Line and Process Telemetry
Cybersecurity Dive
More money is going to physical security, but it’s often CISOs that oversee it: EY
Frontier AI models reap rapid discovery of security vulnerabilities
West Pharmaceutical starts restoring operations after ransomware attack
Foxconn confirms cyberattack affecting some North American facilities
OpenAI launches Daybreak to combat cyber threats
Canvas owner reaches ‘agreement’ with threat actors after data breach
Guardrail Technologies launches Traffic Light for Code & AI™; first security technology to verify & secure AI code and the people creating it
Identity takes center stage as a leading factor in enterprise cyberattacks
AI and an absent government: Takeaways from RSAC 2026
Second Canvas data breach causes major disruptions for schools, colleges
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Cops arrest man suspected of being Dream Market kingpin
Dirty Frag gets a sequel as Fragnesia hands Linux attackers root-level access
To gain root access at this company, all an intruder had to do was ask nicely
AI models are getting better at replacing cybersecurity pros on certain tasks
Cisco to fire 4,000 staff and generously give them free training – on Cisco
Welcome to the vulnpocalypse, as vendors use AI to find bugs and patches multiply like rabbits
AWS to Quick admins: The access control didn't work, but you weren't using it anyway, so what's the problem?
Bug hunter tracks down three massive MCP flaws and one vendor won't fix theirs
Mystery Microsoft bug leaker keeps the zero-days coming
Malware crew TeamPCP open-sources its Shai-Hulud worm on GitHub
VentureBeat
Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps
Running Claude Code or Claude in Chrome? Here's the audit matrix for every blind spot your security stack misses
AI agents are running hospital records and factory inspections. Enterprise IAM was never built for them.
AI tool poisoning exposes a major flaw in enterprise agent security
5,000 vibe-coded apps just proved shadow AI is the new S3 bucket crisis
An AI agent rewrote a Fortune 50 security policy. Here's how to govern AI agents before one does the same.
Anthropic Skill scanners passed every check. The malicious code rode in on a test file.
TechCrunch
OpenAI says hackers stole some data after latest code security issue
A spyware investigator exposed Russian government hackers trying to hijack Signal accounts
Cisco cuts nearly 4,000 jobs to spend more on AI, reports ‘record quarterly revenue’
This is what some of the world’s largest banks of malware look like stacked as hard drives
Ransomware hackers claim breach at Foxconn, a major electronics manufacturer for Apple, Google, and Nvidia
US lawmakers demand answers from Instructure after Canvas data breaches
Google launches new Android security feature to help uncover spyware attacks
US bank discloses security lapse after sharing customer data with AI app
Exaforce raises $125M Series B to build AI for catching and stopping cyberattacks as they happen
Instructure strikes deal with hackers who breached it twice
Network World Security
Network outages, power failures strain data center resiliency
Five takeaways from Cisco’s blowout quarter and what it means to customers
Cisco to cut nearly 4,000 jobs despite strong growth in AI, enterprise networking
Startup SPAN teams with Nvidia to put data center nodes in your backyard
Hard drive shortage affecting enterprise storage needs
Wi-Fi 8 is closer than you think. Here’s what you need to know
Cisco open-sources agentic AI security spec
HPE revamps private cloud stack for enterprises rethinking VMware
Versa takes aim at fragmented enterprise security with CSPM, orchestration update, and AI agent controls
Red Hat opens Ansible to AI agents, within limits
Help Net Security
Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300)
HYCU aiR detects insider risk and AI activity from backups
Cofense adds AI-powered campaign detection to stop phishing attacks
Microsoft’s WinUI agent plugin trims token use by over 70% during development
Microsoft turns Copilot Studio into an AI agent control center
AI cyber capability is speeding past earlier projections
CERN’s open source KiCad library gives the world 17,000 circuit board components
Vector embedding security gap exposes enterprise AI pipelines
Closing the AI governance gap in your enterprise
Over 70% of organizations hit by identity breaches
SC Magazine
Cyber Insurance Explained: What CISOs MUST Know Before a Breach - WC #1
How Agentic AI made org charts obsolete
Microsoft details new AI system for vulnerability discovery
Critical Exim vulnerability allows remote code execution
Critical Quest KACE SMA flaw exploited after 10 months
Cofense unveils AI-driven platform to combat polymorphic phishing campaigns
Foxconn factories resume operations after ransomware attack
China-linked hackers target Azerbaijani oil firm in multi-wave attack
Researcher publishes proof-of-concept exploits for unpatched Windows vulnerabilities
Microsoft addresses BitLocker recovery issue in Windows 11
© 2026 RiskDiscovery | Sponsored by: Deception Logic