[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Sweeping Credential-Harvesting Heist Compromises 30K+ Fortinet Devices
UK Social Media Ban for Minors Has Privacy Experts Worried
Fileless Phantom Stealer Targets Browser Credentials
Security Community Slams US Ban on Exporting Mythos, Fable
SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection
Rokarolla Android Trojan Levels Up to Full Device Control, Persistence
'Lorem Ipsum' Malware Pivots to ClickFix Delivery
HTTP/2 Bomb Attacks Put Telcos, Healthcare Orgs at Risk
Copilot 'SearchLeak' Attack Allows 1-Click Data Theft
China-Nexus Actor Spies on US Researchers Undetected for a Year
Ars Technica
Windows and Linux users: The deadline to update Secure Boot keys is near
Year of free HPE software a “step in the correct direction” in VMware rivalry
Critical Copilot vulnerability allowed hackers to steal 2FA code from users
Users cry foul after AMD stripped memory crypto from its consumer CPUs
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed
High-severity vulnerability in Linux caused by a single faulty character
For the 2nd time in weeks, Microsoft packages laced with credential stealer
How a USB-connected speaker can infect a PC without ever being touched
Dashlane explains how attackers managed to download encrypted password vaults
CyberScoop
Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April
Lawmakers leery about Trump administration’s Anthropic order
AI’s constant patching treadmill can be a security problem
A case for how to shape ‘ingredient lists’ for AI models
Google exposes China espionage group that’s been lurking in networks undetected since 2023
Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat 
Anthropic disables new models after government calls them a national security concern
FBI takes down massive China-based cybercrime network that caused $1.9B in losses
US, France, and Italian authorities shut down massive deepfake porn site
Conti ransomware group member pleads guilty, faces up to 20 years in prison
InfoSecurity Magazine
North Korean Hiring Fraud Runs on AI and US Laptop Farms
Serverless Phishing Kit on GitHub Targets Mexican Banks
Sensitive Enterprise Data Uploads to AI Models Double in a Year
AI Threats and Alert Fatigue Challenge Cybersecurity Teams
EU Security Experts to Support Ukrainian Organizations in Case of Cyber-Attacks
Fifteen JetBrains Marketplace Plugins Found Stealing API Keys
Staffing Is Top SOC Challenge Even as AI Proliferates, Says SANS
SprySOCKS Backdoor Expands From Linux to Windows
Rokarolla Trojan Combines Banking Fraud With Device Surveillance
Over Two-Thirds of Security Pros Say Cyber Is Getting Harder
SecurityWeek
Webinar Today: How Modern Breaches Bypass MFA and Evade Detection
1Password Acquires Apono in Reported $250M-$300M Deal
Tenet Security Emerges From Stealth With $6 Million Seed Funding
Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software
Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack
Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day
Oracle’s Second Monthly Security Updates Deliver 245 Patches 
Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities
Joomla, LiteSpeed Vulnerabilities Exploited in Attacks
3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs
ZDNet
The best early Prime Day smartwatch and fitness tracker deals I'd recommend to optimize my health
Google and Apple are finally giving smartwatches the creative freedom they needed
Every way your phone tracks your location - and how to stop it
Best early Prime Day Apple deals I found for MacBooks, iPads, AirPods, and more
Firefox for Android just got 3 useful browsing features - including an ad block tracker
I was jealous of these 4 iOS 27 features - then I realized my Android phone already has them
Best early Amazon Prime Day deals under $25: Top deals on cheap gadgets I've tested
5 best Prime Day Anker deals: Chargers, power stations, and more we recommend to avoid low battery
Best early Amazon Prime Day tablet deals: Up to $300 off Samsung, Apple, and Microsoft
ReMarkable Paper Pure vs. Amazon Kindle Scribe (2026): I tested the budget models - here's my pick
The Hacker News
Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline
Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats
Adversarial Exposure Validation Turns Security Visibility into Confident Prioritization
The Top 10 Attack Surface Exposures in 2026
144 Mastra npm Packages Compromised via Hijacked Contributor Account
CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting
ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures
New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds
Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive
BleepingComputer
FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices.
Why Account Takeovers Are Rising and How to Stop Them
India's Telegram ban hit the UAE too. Here's how to get around it
Microsoft confirms Office apps launch issues after June updates
CISA orders feds to patch max severity Joomla plugin flaw by Friday
Microsoft working on Defender patch for RoguePlanet zero-day
Kodak confirms data breach claimed by ShinyHunters extortion gang
Malicious JetBrains Marketplace plugins steal AI API keys from developers
New Rokarolla Android malware targets 217 banking, crypto apps
Steam Workshop abused to spread malware via Wallpaper Engine app
gbhackers
SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies
Heimdal Survey: Executives Four Times More Confident About AI Risk Than the Teams Managing It
Modular Phishing Kit Uses GitHub Pages to Steal Payment Card Details and Passwords
ClickFix Attack Deploys Potemkin Loader, RMMProject RAT, and EtherRAT Across 11 Hosts
Google Cloud Vertex AI Vulnerability Lets Attackers Take Over and Poison AI Models
Hackers Target npm Ecosystem by Compromising 140+ Mastra Packages
Sapphire Sleet macOS Malware Abuses curl-to-osascript Execution for Multi-Stage Payload Delivery
Attackers Exploit Cloud Logging Platforms to Hide Malicious Activity
SprySOCKS Windows Backdoor Uses Kernel Driver to Hide Processes, Files, and Network Traffic
7-Year-Old OpenBSD Security Flaw Exposes Systems to Full PAP Authentication Bypass
Cybersecurity Dive
Major critical infrastructure disruptions are inevitable, acting CISA chief says
California water utility probes breach claim by Iran-linked actor
AI isn’t solving cybersecurity workforce woes
AI adoption correlates with incident frequency, underscoring need for governance
Critical vulnerabilities in Fortinet FortiSandbox are under exploitation
China-nexus group linked to multiyear campaign targeting US, Canadian medical research
Cybersecurity experts blast US government for restricting Anthropic’s AI models
MS-ISAC enters uncertain new era after losing federal funding and thousands of members
Agentic AI surges in financial sector even as many firms fail to manage security risks
It’s Mythos’ world now. How do we live in it?
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Massive password-stealing attack hits 75k Fortinet firewalls
Digital sovereignty needs an operating model
Cisco adds another SD-WAN box to max-severity bug advisory
Homebrew 6.0 released with new security mechanism, Linux sandbox and more
Helpdesk scammers are making house calls to make their lies feel more real
Cyberattack sees crops kept in the ground
Python dev saved from disaster by intuition... and AI
Three critical Fortinet sandbox bugs splattered by unknown attackers
Crooks found a new way to collaborate using Teams – by hiding command-and-control traffic
Cardiac monitor maker's security skips a beat as data thieves go for the jugular
VentureBeat
85% of IT teams claim every AI agent is under control. Only 42% actually know who owns them.
Attackers scale deception with AI. Defenders need truth at machine speed.
NanoClaw and JFrog launch 'immune system' to block AI agents from downloading malicious code
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
TechCrunch
Cybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world
Apple plans to change its Hide My Email privacy feature that could make it less effective
Bug in FIFA World Cup internal system gave anyone ability to modify TV stream
India orders temporary ban on Telegram over exam fraud concerns
The US government’s Anthropic models ban was never about an AI jailbreak
Cybersecurity vets protest ‘dangerous’ US government ban on Anthropic’s most powerful models
As AI agents become employees, NewCore emerges with $66M to give them identities
Amazon CEO reportedly raised Anthropic model concerns before government crackdown
The FBI built its own replica small town to simulate real-world cyberattacks
Chinese cybercrime operation that used AI to scam ‘hundreds of thousands of victims’ sued by Google
Network World Security
Turn enterprise AI into real business value with a secure, scalable factory
Tether is shipping TurboQuant KV-cache quantization with Vulkan support into its QVAC SDK
AMD acquires MEXT to add predictive memory optimization to its AI stack
HPE Discover: Neri outlines an AI architecture built for agents
HPE product barrage targets AI networks, agents, management
2026 network outage report and internet health check
Cloud strategies have become more complicated than ever
Cisco patches SD-WAN flaw amid evidence of active exploitation
IBM sends signals with its $10 billion quantum pledge
NetBox at 10: Network inventory tool now a full infrastructure intelligence platform
Help Net Security
Low-skilled attacker used Claude, Codex to breach 14 companies
Another healthcare firm attacked days after Novo Nordisk breach
WitnessAI Agentic Control secures AI agents, tools, and MCP server access
Tigera introduces unified control plane for Kubernetes-based AI agent security
Rokarolla Android trojan targets banking and crypto users, enables device takeover
Flip expands platform with digital identity, no-code apps, and AI automation
Corelight enhances Open NDR to detect AI-driven threats and unknown assets
ArmorCode helps product manufacturers prepare for EU Cyber Resilience Act requirements
Legit Security brings agentic AI to AppSec remediation and risk reduction
Tenable One adds continuous security control validation to improve exposure prioritization
SC Magazine
Attackers drop DragonForce ransomware leveraging MS Teams relay systems
Google Cloud Vertex AI SDK flaw allowed model hijacking and code execution
Mastra npm packages compromised in 'easy-day-js' supply chain attack
Apple to change Hide My Email domain, potentially impacting anonymous sign-ups
Summer vacation scams surge, targeting travel industry
AUR suspends new registrations as 1,500-plus malicious packages flood repository
Malicious JetBrains plugins steal AI API keys from developers
The artificial adversary and the erosion of trust
Turn underground intelligence into actionable security
Enterprise Browers in the Age of AI as CISO Role Changes and Leaders Harness Stress - Arunesh Chandra - BSW #452
© 2026 RiskDiscovery | Sponsored by: Deception Logic