[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Every Old Vulnerability Is Now an AI Vulnerability
Coast Guard's New Cybersecurity Rules Offers Lessons for CISOs
NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities
North Korea Uses ClickFix to Target macOS Users' Data
'Harmless' Global Adware Transforms Into an AV Killer
Two-Factor Authentication Breaks Free from the Desktop
Microsoft's Original Windows Secure Boot Certificate Is Expiring
6-Year Ransomware Campaign Targets Turkish Homes & SMBs
Critical MCP Integration Flaw Puts NGINX at Risk
Navigating the Unique Security Risks of Asia's Digital Supply Chain
Ars Technica
Recent advances push Big Tech closer to the Q-Day danger zone
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
Iran-linked hackers disrupt operations at US critical infrastructure sites
Thousands of consumer routers hacked by Russia's military
OpenClaw gives users yet another reason to be freaked out about security
New Rowhammer attacks give complete control of machines running Nvidia GPUs
Quantum computers need vastly fewer resources than thought to break vital encryption
Google bumps up Q Day deadline to 2029, far sooner than previously thought
Self-propagating malware poisons open source software and wipes Iran-based machines
Widely used Trivy scanner compromised in ongoing supply-chain attack
CyberScoop
The surveillance law Congress can’t quit — and can’t explain
US nationals sentenced for aiding North Korea’s tech worker scheme
Officials seize 53 DDoS-for-hire domains in ongoing crackdown
Ghost breaches: How AI-mediated narratives have become a new threat vector
NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities
Executive orders likely ahead in next steps for national cyber strategy
OpenAI expands Trusted Access for Cyber program with new GPT 5.4 Cyber model 
We’re only seeing the tip of the chip-smuggling iceberg
CISA cancels summer internships for cyber scholarship students amid DHS funding lapse
Microsoft drops its second-largest monthly batch of defects on record
InfoSecurity Magazine
Commercial AI Models Show Rapid Gains in Vulnerability Research
DDoS-For-Hire Services Disrupted by International Police Action in ‘Operation PowerOff’
US Nationals Jailed for Operating Fake Remote Worker Laptop Farms for North Korea
APK Malformation Found in Thousands of Android Malware Samples
Cookeville Medical Center Notifies Patients After July 2025 Ransomware Attack
NIST Drops NVD Enrichment for Pre-March 2026 Vulnerabilities
Systemic Flaw in MCP Protocol Could Expose 150 Million Downloads
Automotive Ransomware Attacks Double in a Year
OpenAI Unveils GPT-5.4-Cyber for Improving Cyber Defense With AI
European Cybersecurity Agency ENISA Seeks Top-Tier Status in CVE Program
SecurityWeek
CoChat Launches AI Collaboration Platform to Combat Shadow AI
In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested
Another DraftKings Hacker Sentenced to Prison
Lawmakers Gathered Quietly to Talk About AI. Angst and Fears of ‘Destruction’ Followed
Recent Apache ActiveMQ Vulnerability Exploited in the Wild
Two North Korean IT Worker Scheme Facilitators Jailed in the US
ZionSiphon Malware Targets ICS in Water Facilities
Cursor AI Vulnerability Exposed Developer Devices
53 DDoS Domains Taken Down by Law Enforcement
Government Can’t Win the Cyber War Without the Private Sector
ZDNet
Verizon will give you a free iPad or Apple Watch with your next iPhone - how the deal works
The best laptops of 2026: Expert tested and reviewed
I retested Apple AirTags after 5 years - how they compare to Bluetooth tracker rivals
I ditched my iPhone's hotspot for this 5G travel router - and I'm never going back
The best Kindles in 2026: Expert recommended
Does Best Buy price match? Everything to know about matching prices online and in-store
I tried the new Gemini app for Mac - it has one major advantage over the web version
The best WordPress hosting services of 2026: Expert tested and reviewed
The best Apple Watch of 2026: Expert tested and reviewed
The best TV screen cleaners of 2026: Expert recommended
The Hacker News
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
[Webinar] Find and Eliminate Orphaned Non-Human Identities in Your Environment
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
BleepingComputer
Grinex exchange blames "Western intelligence" for $13.7M crypto hack
Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops
Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery
CISA flags Apache ActiveMQ flaw as actively exploited in attacks
Microsoft: Some Windows servers enter reboot loops after April patches
Man gets 30 months for selling thousands of hacked DraftKings accounts
Recently leaked Windows zero-days now exploited in attacks
Operation PowerOFF identifies 75k DDoS users, takes down 53 domains
ZionSiphon malware designed to sabotage water treatment systems
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
gbhackers
TP-Link Routers Hit by Mirai in CVE-2023-33538 Attacks
SEO Poisoning Attack Uses Microsoft Binary to Install RMM Tool
Operation PowerOFF Knocks Out 75,000 DDoS Attackers and Over 50 Service Domains
Industrial Systems Hit by New Email-Worm Threat Wave
OpenAI Extends GPT-5.4-Cyber Access to Trusted Organizations Worldwide
Microsoft Acknowledges Reboot Loop Issue on Windows Servers Following April Patches
Fake Zoom SDK Update Spreads Sapphire Sleet Malware in New macOS Attack Chain
PoC Released for FortiSandbox Flaw Enabling Arbitrary Command Execution
Critical Flowise Flaw Enables Remote Command Execution via MCP Adapters
Weaponized CVE-2026-39987 Pushes Blockchain Backdoor Through Hugging Face
Cybersecurity Dive
TP-Link routers face exploitation attempt linked to high-severity flaw
US joins nearly two dozen other countries in striking back against DDoS-for-hire platforms
CIOs fret over rising security concerns amid AI adoption
CISA cancels prestigious summer internships, citing government shutdown
NIST limits vulnerability analysis as CVE backlog swells
FCC exempts Netgear from foreign router ban
Medium-severity flaw in Microsoft SharePoint exploited
Brute-force cyberattacks originating in Middle East surge in Q1
FCC signals continued commitment to Cyber Trust Mark program
CISOs see gaps in their incident response playbooks
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
CISA tells feds to patch 13-year-old Apache ActiveMQ bug under active attack
Opsec oopsie: Dutch navy frigate location outed by mailing it a Bluetooth tracker
Locked-out iPhone user tells The Reg that Apple is scrambling to fix character flaw passcode bug
Claude Opus wrote a Chrome exploit for $2,283
Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say
North Korea targets macOS users in latest heist
Americans who masterminded Nork IT worker fraud sentenced to 200 months behind bars
Git identity spoof fools Claude into giving bad code the nod
Textbook titan McGraw Hill on ransomware crew's reading list after 13.5M records exposed
Microsoft announces product it doesn't want anyone to buy
VentureBeat
Most enterprises can't stop stage-three AI agent threats, VentureBeat survey finds
Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway
Frontier models are failing one in three production attempts — and getting harder to audit
43% of AI-generated code changes need debugging in production, survey finds
Five signs data drift is already undermining your security models
Your developers are already running AI locally: Why on-device inference is the CISO’s new blind spot
AI agent credentials live in the same box as untrusted code. Two new architectures show where the blast radius actually stops.
TechCrunch
Hackers are abusing unpatched Windows security flaws to hack into organizations
With US spy laws set to expire, lawmakers are split over protecting Americans from warrantless surveillance
Bluesky confirms DDoS attack is cause of continued app outages
European police email 75,000 people asking them to stop DDoS attacks
Two Americans sentenced for helping North Korea steal $5 million in fake IT worker scheme
Fashion retailer Express left customers’ personal data and order details exposed to the internet
Sweden blames Russian hackers for attempting ‘destructive’ cyberattack on thermal plant
Someone planted backdoors in dozens of WordPress plug-ins used in thousands of websites
Anthropic co-founder confirms the company briefed the Trump administration on Mythos
Adobe fixes PDF zero-day security bug that hackers have exploited for months
Network World Security
Broadcom’s Facebook friend will help train it to accelerate AI workloads
Data centers are costing local governments billions
Equinix offering targets automated AI-centric network operations
AI shifts IT roles from operator to orchestrator
IBM unveils security services for thwarting agentic attacks, automating threat assessment
OpenAI pulls out of a second Stargate data center deal
Maine to put brakes on big data centers as AI expansion collides with power limits
Satellite backhaul service Globalstar has a new, rich owner amid challenging market conditions
Cisco just made moves to own the AI infrastructure stack
Data centers are moving inland, away from some traditional locations
Help Net Security
Google wipes out 602 million scam ads with Gemini on duty
Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild
GitLab 18.11 brings agentic AI to security fixes, CI pipelines, and delivery analytics
Liongard upgrades LiongardIQ with AI access, live asset data, and deeper discovery
Mozilla challenges enterprise AI providers with Thunderbolt, open-source AI client under your control
SC Magazine
Bot traffic makes up 49% of online activity, but 99% of bots unwanted
AI as the defender: Reinventing proactive cybersecurity through intelligent automation
The AI "Vulnpocolypse" Is Real? - PSW #922
Cisco patches critical bugs in Webex, ISE
Netgear gets FCC exemption from foreign-made router ban
DOE, Lawrence Livermore National Laboratory partner on AI testbed
Microsoft, others patch hundreds of security flaws
Spanish, Australian hospitality platform breaches impact nearly 5M
Major luxury clothing retailers allegedly breached, samples leaked
Google Cloud Storage weaponized for clandestine Remcos RAT delivery
© 2026 RiskDiscovery | Sponsored by: Deception Logic