[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
US Cracks Down on Anthropic AI Models Amid Abuse Concerns
ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
Claude Fable 5 Doesn't Change the Mythos Security Story
Phishing Attack Volume Down 20%, But Risk Still Rising
Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure
Segmentation Works for OT If Operators Are Paying Attention
Chinese, N. Korean Threat Groups Build on Asia-Pacific Success
CISA Rewrites Federal Patching Requirements for AI Threat Era
Bug Bounty Research Triggers ServiceNow Security Alert
AI Risk Worries Insurers & Businesses Alike
Ars Technica
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed
High-severity vulnerability in Linux caused by a single faulty character
For the 2nd time in weeks, Microsoft packages laced with credential stealer
How a USB-connected speaker can infect a PC without ever being touched
Dashlane explains how attackers managed to download encrypted password vaults
Can't make sense of Dashlane's vault theft notification? You're not alone.
Dozens of Red Hat packages backdoored through its official NPM channel
Botnet of more than 17 million devices dismantled
Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
CyberScoop
Anthropic disables new models after government calls them a national security concern
FBI takes down massive China-based cybercrime network that caused $1.9B in losses
US, France, and Italian authorities shut down massive deepfake porn site
Conti ransomware group member pleads guilty, faces up to 20 years in prison
ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw
CyberCorps is adapting to AI. The budget isn’t keeping up.
Russian national charged in connection with Void Blizzard espionage campaign
OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers 
CISA directive orders agencies to prioritize vulnerability patching in a new way
Microsoft breaks Patch Tuesday record with 206 vulnerabilities
InfoSecurity Magazine
Cybersecurity Experts Urge US to Lift Ban on Anthropic's Frontier AI Models
UK Government Finds 400+ Vulnerabilities in AI Hackathons
Maine Takes Breach Reporting Portal Offline After Fake Entries
Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol
GitHub to Update npm to Thwart Software Supply Chain Attacks
Over 80% of Sports Organizations Targeted by Hackers in the Last Year
CISA Orders Agencies to Patch by Risk, Not Severity
Cybercriminals Use Fake AI Guides and Dev Tools to Spread AsyncRAT Malware
Most Cybersecurity Teams Struggle to Find Time for Training on New Cyber Threats
Interpol Dismantles SniperDz Phishing-as-a-Service Platform
SecurityWeek
Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer
Chinese Hackers Target Medical, Military, and AI Research in North America
NewCore Emerges From Stealth Mode With $66 Million in Funding
Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges
Ozempic Maker Novo Nordisk Says Hackers Breached IT Systems
French Government Messaging Platform Breached by Mysterious ‘Misere’ Hacker
ShinyHunters Claims Council of Europe Hack
FBI, Google Dismantle ‘Outsider Enterprise’ Phishing Service
Maine Disables Data Breach Portal Due to Fake Submissions 
NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks
ZDNet
This curved Samsung monitor is perfect for a WFH setup - and it's on sale
Container made it easy to run Linux on my MacBook - here's how I set it up
6 underrated Android Auto apps that I heavily rely on during road trips - some are free
Amazon has slashed this Blink 5-camera bundle by nearly $200 - and I highly recommend it
7 ways AI can help with your Linux system management
I tested an AirTag alternative that uses LoRa mesh to track location - and it's seriously reliable
Android already has these 4 iOS 27 features - but I wish it'd steal these 2 next
Windows Subsystem for Linux 3 gives developers a compelling reason to stick with Microsoft - here's why
Google Maps vs. Waze: I've driven 100+ miles with the two best navigation apps - this one's better
This 15-in-1 docking station did more than add ports - it finally brought order to my desk
The Hacker News
⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
The Onboarding Password Mistake That Creates Unnecessary Risk
152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic
Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites
Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts
Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw
Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication
U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals
Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
BleepingComputer
FBI: Fraudsters use couriers to steal money in crypto scams
Vibe coders are gonna vibe code: How CISOs are tackling code sprawl
Chinese hackers breach REDCap servers, steal medical research
New attack turned Microsoft 365 Copilot into 1-click data theft tool
Infinite Campus data breach affects 137,000 school staff accounts
Webinar: How behavioral AI stops phishing and account takeovers
FBI disrupts massive AI-powered phishing service using a million URLs
Ex-school district employee jailed for hacks on former employer
Chinese hackers hijack auth flow, spy on isolated network for a decade
US Gov asks Anthropic to ban 'foreign national' access to Fable, Mythos
gbhackers
Payroll Pirate Campaign Uses AiTM Session Hijacking to Bypass MFA and Redirect Salaries
Jenkins RCE Flaw Exploited by Attackers in the Wild
Windows 11 Update Causes System Freezes, Triggers BitLocker Recovery, and Breaks OneDrive
Velvet Ant Hackers Backdoor OpenSSH and PAM to Spy on Critical Infrastructure Network
New DPAPISnoop Tool Enables Extraction of CREDHIST Hashes From Windows Systems
SearchJack Adware Campaign Exposes 758,000 Users to Privacy and Phishing Risks
SHADOWBYT3$ Allegedly Claims Nintendo Breach and Theft of Sensitive Data
Palo Alto Warns GlobalProtect VPN Flaw Is Being Actively Exploited
PromptSnatcher Browser Extensions Abuse AI Platforms to Capture Full Chat Conversations
Russia-Aligned Hackers Exploit Old WinRAR Vulnerability to Target Ukrainian Organizations
Cybersecurity Dive
MS-ISAC enters uncertain new era after losing federal funding and thousands of members
Agentic AI surges in financial sector even as many firms fail to manage security risks
It’s Mythos’ world now. How do we live in it?
ShinyHunters linked to exploitation of critical flaw in Oracle PeopleSoft
Enterprises report increasing budgets for security training in AI and other critical topics
FIFA World Cup expected to face extensive criminal, hacktivist cyber threats
CISA gives agencies new vulnerability remediation deadlines that take risk levels into account
CISA, researchers warn of escalating attacks using Cisco Catalyst SD-WAN flaws
Companies are failing to keep up with AI’s identity sprawl, creating entry points for hackers
Check Point warns of zero-day flaw targeted by ransomware affiliate
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Microsoft site throwing warnings after someone forgot to renew cert
PRC-linked spies hid inside medical and military networks for more than a year, snooping through Gmail and stealing data
Arch Linux locks down AUR signups amid wave of malicious commits
AI is code – and can't be prompted into being smarter
NanoClaw now armed with JFrog for safer packages
Fired IT worker jailed for 21 months after sabotaging old school district
Novo Nordisk reports cyberattack as UK gives Wegovy pill the nod
Microsoft has mostly repaired flaw in Surface hardware that allowed unprotected devices to be bricked by a single packet
Google fires sueball at alleged Chinese phishers over AI-powered fraud ops
Plymouth council exposes hundreds in latest local government email gaffe
VentureBeat
Attackers scale deception with AI. Defenders need truth at machine speed.
NanoClaw and JFrog launch 'immune system' to block AI agents from downloading malicious code
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
AI doesn't break security. Complexity does
TechCrunch
Cybersecurity vets protest ‘dangerous’ US government ban on Anthropic’s most powerful models
As AI agents become employees, NewCore emerges with $66M to give them identities
Amazon CEO reportedly raised Anthropic model concerns before government crackdown
The FBI built its own replica small town to simulate real-world cyberattacks
Chinese cybercrime operation that used AI to scam ‘hundreds of thousands of victims’ sued by Google
US surveillance law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agencies
Oracle warns of security bug that hackers abused to breach 100+ companies
South Korea hits Coupang with $400M+ fine for data breach that affected millions
Cybercriminals claim breach of Oracle PeopleSoft servers at 100-plus organizations
North Koreans behind nearly half of US tech industry hacks, says CrowdStrike
Network World Security
NetBox at 10: Network inventory tool now a full infrastructure intelligence platform
How Jeetu Patel made Cisco unrecognizable
Amazon claims its data centers are 7x more water-efficient than the industry average
Marvell announces 102.4 Tbps switch silicon built for AI
IBM, ServiceNow team to bring AI to legacy enterprise systems
AI-powered WAF, virtual patching: How F5 is hardening networks against frontier threats
A quick look at Cisco’s strategy to become a software monster
Residential proxies are hiding in plain sight inside enterprise networks
OpenAI weighs Nvidia-backed lease for 10 GW Ohio data center campus
Lotus Microsystems targets AI power efficiency with vStrata platform
Help Net Security
China-linked spies backdoored authentication stack to stay hidden for years
Delinea and Cyera integrate for data-aware identity security
1Password Credential Broker reduces secret sprawl through identity-based credential delivery
Trust3 AI’s AgentDOS monitors AI agent activity, data access, and token consumption
Omada Agent Governance helps organizations manage AI agent access, risk, and compliance
Ukrainian national pleads guilty in connection with Conti ransomware
Red Sift, GMO GlobalSign partnership simplifies email authentication and BIMI adoption
AI vulnerability discovery is pushing 2026 CVEs toward 66,000
PhishLumos: Exposing phishing campaigns that evade detection by hiding content
Modat enhances Magnify with Passive DNS for faster threat hunting and infrastructure analysis
SC Magazine
Why non-human identities (NHIs) require a change in mindset
Securing the model: Protecting AI systems from compromise
Safe AI at scale, what happens after initial access, and the weekly enterprise news - Albert Estevez Polo, Shiva Pillay - ESW #463
CISA gives agencies 3 days to patch maximum severity Ivanti vulnerability
Phones, Sarlaccs, Maine, Chinese Sites, Ivanti, Bitlocker, Peoplesoft, and More - SWN #589
House fails to renew FISA surveillance law amid controversy
Anthropic launches $15 million cyber defense program for state and local governments
California's new CIO focuses on modernizing legacy systems and AI
China-nexus group hid in Linux login system for nearly a decade
Thousands of live cameras stream with no authentication, exposing security risks
© 2026 RiskDiscovery | Sponsored by: Deception Logic