[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Name That Toon: Mark of (Security) Progress
20 Years in Cyber: Dark Reading Marks Milestone With Month of Special Coverage
TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack
Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug
Anthropic's Mythos Has Landed: Here's What Comes Next for Cyber
Oracle Red Bull Racing Team Revs Up Automation to Boost Security
Claude Mythos Fears Startle Japan's Financial Services Sector
Reverse Engineering With AI Unearths High-Severity GitHub Bug
AI Finds 38 Security Flaws in Electronic Health Record Platform
Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error
Ars Technica
The most severe Linux threat to surface in years catches the world flat-footed
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
Open source package with 1 million monthly downloads stole user credentials
Why are top university websites serving porn? It comes down to shoddy housekeeping.
In a first, a ransomware family is confirmed to be quantum-safe
Microsoft issues emergency update for macOS and Linux ASP.NET threat
Contrary to popular superstition, AES 128 is just fine in a post-quantum world
US-sanctioned currency exchange says $15 million heist done by "unfriendly states"
Recent advances push Big Tech closer to the Q-Day danger zone
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
CyberScoop
Former incident responders sentenced to 4 years in prison for committing ransomware attacks
FCC tightens KYC rules for telecoms, closes loophole for banned foreign services
Congress kicks the can down the road on surveillance law (again)
cPanel’s authentication bypass bug is being exploited in the wild, CISA warns
Two new extortion crews are speedrunning the Scattered Spider playbook
Everyone’s building AI agents. Almost nobody’s ready for what they do to identity.
Congress, industry ponder government posture for protecting data centers
Spy agency officials say job loss anxiety, moving fast ‘safely’ among top challenges in AI workforce overhaul
Federal CIO cautious on Anthropic’s Mythos despite planned rollout
Rep. Delia Ramirez takes over as top House cybersecurity Dem
InfoSecurity Magazine
Anthropic Rolls Out Claude Security for AI Vulnerability Scanning
Two American Cybersecurity Workers Jailed for BlackCat Ransomware Attacks
Nine-Year-Old Zero-Day Flaw in Linux Kernel Discovered by AI-Equipped Security Researcher
Three Arrested for Hacking Over 610,000 Roblox Accounts
Deep#Door Python Backdoor Evades Detection On Windows
CISA and Partners Publish Zero Trust Guidance For OT Security
UK: Education Sector Faces Surge in Cyber Breaches Despite Stable National Threat Levels
Europol Busts Albanian Scam Call Centers in Major Online Fraud Case
Cyber is the Number One Global “People Risk,” Says Marsh
Cursor Extension Flaw Exposes Developer API Keys
SecurityWeek
Two US Security Experts Sentenced to Prison for Helping Ransomware Gang
Sophisticated Deep#Door Backdoor Enables Espionage, Disruption
Cisco Releases Open Source Tool for AI Model Provenance 
Hugging Face, ClawHub Abused for Malware Distribution
FBI Warns of Surge in Hacker-Enabled Cargo Theft
1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom
Anthropic Unveils Claude Security to Counter AI-Powered Exploit Surge
AI Fuels ‘Industrial’ Cybercrime as Time-to-Exploit Shrinks to Hours
SonicWall Urges Immediate Patching of Firewall Vulnerabilities
SAP NPM Packages Targeted in Supply Chain Attack
ZDNet
Mini LED vs. OLED: I've tested dozens of TV with both display types, and this one's better
Eero Signal keeps your business online during internet outages
After using the $1,900 Motorola Razr Fold again, I'm doubling down on my buying advice
How I scan documents with my Android phone and turn them into PDFs for free - it's easy
I used Photoshop's new AI tool to rotate objects in 3D, and it's pure magic
I replaced my dad's aging Lenovo desktop with this Dell model - and don't regret it
My home Wi-Fi was full of dead zones - here are 6 solutions that actually worked
Best AirPods of 2026: Expert tested and reviewed
I ditched my laptop for XR headsets, tablets, and phones - and learned an important lesson
Moving from AI pilots to business-wide value requires a superhighway - how to ramp up
The Hacker News
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
Top Five Sales Challenges Costing MSPs Cybersecurity Revenue
Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials
ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions
BleepingComputer
Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
Microsoft fixes Remote Desktop warnings displaying incorrectly
Microsoft now lets admins choose pre-installed Store apps to uninstall
Windows 11 KB5083631 update released with 34 changes and fixes
US ransomware negotiators get 4 years in prison over BlackCat attacks
New Bluekit phishing service includes an AI assistant, 40 templates
Romanian leader of online swatting ring gets 4 years in prison
FBI links cybercriminals to sharp surge in cargo theft attacks
April KB5083769 Windows 11 update causes backup software failures
What Happens in the First 24 Hours After a New Asset Goes Live
gbhackers
EtherRAT Uses SEO Poisoning and Fake GitHub Pages to Target Enterprise Admins
New Android Spyware Platform Enables Rebranding and Resale
CAPTCHA and ClickFix Abuse Fuels Credential Theft Surge
Multiple Exim Mail Server Vulnerabilities Could Trigger Crashes via Malicious DNS Data
DDoS Malware Targets Jenkins to Hit Valve Game Servers
Multiple Wireshark Vulnerabilities Allow Arbitrary Code Execution via Malformed Packets
AI-Powered Ransomware Surge Hits 7,831 Victims Worldwide
Deep#Door Stealer Targets Passwords, Tokens, SSH Keys, and Wi-Fi Credentials
FBI Warns Logistics Sector of Fake Business Identity Cargo Scams
China-Aligned Hackers Deploy ShadowPad in Multi-Stage Espionage Campaign
Cybersecurity Dive
As email phishing evolves, malicious attachments decline and QR codes surge
US and allies urge ‘careful adoption’ of AI agents
PwC partners with Google Cloud to take on the managed security market
US agencies promote zero-trust practices for operational technology networks
CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog
State CISOs losing confidence in ability to manage cyber risks
‘Fundamental tension’ undermines manufacturers’ cybersecurity
North Korea-linked actor targets Web3 execs in social-engineering campaign
Major critical infrastructure supplier reports cyberattack
US, UK authorities warn that Firestarter backdoor malware survives patching
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
First reports come in of victims of critical cPanel vuln as 'millions' of sites potentially exposed
OpenAI locks GPT-5.5-Cyber behind velvet rope despite slamming Anthropic for doing exactly that
Pro-Iran crew turns DDoS into shakedown as Ubuntu.com stays down
Passport to £££: Home Office adds £216M to travel doc contract before a single bid's been placed
The never-ending supply chain attacks worm into SAP npm packages, other dev tools
Bot her emails: most modern phishing campaigns are AI-enabled
FBI cyber boss: China's hacker-for-hire ecosystem 'out of control'
Google's fix for critical Gemini CLI bug might break your CI/CD pipelines
French prosecutors link 15-year-old to mega-breach at state’s secure document agency
Nearly half of UK businesses pwned last year as phishing keeps doing the job like it's 2005
VentureBeat
Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.
CVSS scored these two Palo Alto CVEs as manageable. Chained, they gave attackers root access to 13,000 devices.
85% of enterprises are running AI agents. Only 5% trust them enough to ship.
Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain
Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it
Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall
The enforcement gap: 88% of enterprises reported AI agent security incidents last year
TechCrunch
Ubuntu services hit by outages after DDoS attack
Hackers are actively exploiting a bug in cPanel, used by millions of websites
After dissing Anthropic for limiting Mythos, OpenAI restricts access to Cyber, too
Dental practice software maker fixes bug that exposed patients’ medical records
Sri Lanka discloses another missing payment, days after hackers stole $2.5M from its finance ministry
Paragon is not collaborating with Italian authorities probing spyware attacks, report says
US Supreme Court appears split over controversial use of ‘geofence’ search warrants
Hacker who allegedly carried out cyberattacks for China is extradited to US
Critical infrastructure giant Itron says it was hacked
Another spyware maker caught distributing fake Android snooping apps
Network World Security
When 170,000 people show up: Network refresh readies Churchill Downs for Kentucky Derby
Network jobs watch: Hiring, skills and certification trends
IT certification pay surges as noncertified skills slump
QuEra claims quantum error correction breakthrough with 2-to-1 qubit ratio
HPE expands ProLiant line with rugged edge servers
Deconstructing the data center: A massive (and massively liberating) project
Cisco bolsters security, AI support in latest SD-WAN release
The era of chatbot AIOps is fading as agentic AI gains traction
Auvik bets agentic AI can fill the networking skills gap
2026 network outage report and internet health check
Help Net Security
Download: Automating Pentest Delivery Guide
Open-source privacy proxy masks PII before prompts reach external AI services
Shadow AI risks deepen as 31% of users get no employer training
Identity is the control plane for distributed infrastructure
AI traffic is getting bigger, louder, and less predictable
New infosec products of the month: April 2026
cPanel zero-day exploited for months before patch release (CVE-2026-41940)
Cisco releases open-source toolkit for verifying AI model lineage
Met Police face criticism for using AI to spy on their own officers
Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)
SC Magazine
Microsoft: QR code, CAPTCHA-gated phishing more than double in Q1 2026
GoDaddy under fire for alleged unauthorized domain transfer
India's cybersecurity watchdog warns of AI-driven cyber threats
Ukrainian police arrest 3 hackers for hijacking 610,000 Roblox accounts
Polymarket denies data breach claims by hacker Xorcat
Oak Ridge National Laboratory develops advanced GPS interference detector
Sri Lanka investigates missing $625,000 payment amid hacking concerns
European Commission accuses Meta of DSA violations regarding child safety
Lookout launches AI visibility and governance for mobile ecosystem
Critical cPanel vulnerability actively exploited in the wild
© 2026 RiskDiscovery | Sponsored by: Deception Logic