[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Copilot 'SearchLeak' Attack Allows 1-Click Data Theft
China-Nexus Actor Spy on US Researchers Undetected for a Year
Most CISOs Report Pressure to Bury Bad Security News
The Beginning of the End of Social Engineering
US Cracks Down on Anthropic AI Models Amid Abuse Concerns
ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
Claude Fable 5 Doesn't Change the Mythos Security Story
Phishing Attack Volume Down 20%, But Risk Still Rising
Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure
Segmentation Works for OT If Operators Are Paying Attention
Ars Technica
Critical Copilot vulnerability allowed hackers to seal 2FA code from users
Users cry foul after AMD stripped memory crypto from its consumer CPUs
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed
High-severity vulnerability in Linux caused by a single faulty character
For the 2nd time in weeks, Microsoft packages laced with credential stealer
How a USB-connected speaker can infect a PC without ever being touched
Dashlane explains how attackers managed to download encrypted password vaults
Can't make sense of Dashlane's vault theft notification? You're not alone.
Dozens of Red Hat packages backdoored through its official NPM channel
CyberScoop
Google exposes China espionage group that’s been lurking in networks undetected since 2023
Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat 
Anthropic disables new models after government calls them a national security concern
FBI takes down massive China-based cybercrime network that caused $1.9B in losses
US, France, and Italian authorities shut down massive deepfake porn site
Conti ransomware group member pleads guilty, faces up to 20 years in prison
ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw
CyberCorps is adapting to AI. The budget isn’t keeping up.
Russian national charged in connection with Void Blizzard espionage campaign
OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers 
InfoSecurity Magazine
Over Two-Thirds of Security Pros Say Cyber Is Getting Harder
DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company
Chainguard, JPMorgan, BNY Team Up to Secure Open Source from AI Threats
FBI Warns Courier Cash Pickups Are Driving Crypto Scams
Attackers Hijack Popular WordPress Plugins to Deploy Backdoors
Adriatic Port Cyber-Attack by Anubis Sparks Warning Over Maritime Security Risks
Cybersecurity Experts Urge US to Lift Ban on Anthropic's Frontier AI Models
UK Government Finds 400+ Vulnerabilities in AI Hackathons
Maine Takes Breach Reporting Portal Offline After Fake Entries
Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol
SecurityWeek
Can CISOs Trust Their Applications? TrustCloud Wants to Replace the Questionnaire
Cal Water Investigating Iranian Hackers’ Claims
White House Issues Memo to Bolster NSS Cybersecurity
Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages
Cybersecurity Executives Urge the Trump Administration to Ease Restrictions on Anthropic AI Models
Tech Coalition ‘Athena’ Targets OSS Vulnerabilities Ahead of Disclosure
Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks
Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer
Chinese Hackers Target Medical, Military, and AI Research in North America
NewCore Emerges From Stealth Mode With $66 Million in Funding
ZDNet
Chainguard's new Athena coalition uses AI to fix open-source flaws - before attackers exploit them
7 cost-efficient ways I made my TV sound a lot better (no soundbar required)
I tested a Bluetooth tracker that leverages LoRa mesh networks to find things - and it's so accurate
Get Audible for 3 months totally free - here's how
I modified my PC setup with a 15-in-1 docking station, and the benefits go beyond more ports
Your iPhone may support Channel Sounding via Bluetooth with iOS 27 - and it's a big deal
iOS 27 envy? 4 features you can already use on an Android phone (including Samsung models)
What the robot mower brands aren't telling you about their specs - and which ones are actually useful
25,000 miles later, my favorite Apple CarPlay apps remain functional, reliable, and mostly free
How to watch the FIFA World Cup 2026 today: 10 ways to stream (including free options)
The Hacker News
Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth
Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails
North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels
LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers
One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes
BleepingComputer
CISA warns of another cPanel plugin flaw exploited in attacks
Ransomware gang abuses Microsoft Teams relays to hide malicious traffic
Critical Fortinet FortiSandbox flaws now exploited in attacks
Windows version of SprySOCKS Linux malware used to attack govt orgs
iRhythm discloses data breach, says hackers stole patient info
DOJ seizes CFAKE, SOCFAKE deepfake nude sites under TAKE IT DOWN Act
SimpleHelp bug lets hackers create rogue remote support accounts
OptinMonster WordPress plugin hacked in CDN supply-chain attack
Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
Council of Europe investigates ShinyHunters data breach claims
gbhackers
Microsoft Teams Relay Abused by Hackers to Hide Malicious Traffic
Hackers Use OnionDrop Loader With DLL Sideloading to Deploy Multiple Infostealers
Novo Nordisk Confirms Cyberattack Exposing Patient Medical Data and Internal AI Assets
Infinite Campus Breach Leaks Personal Information of 137,000 Users
Hackers Abuse Compromised WordPress Sites to Deliver GULoader Through EtherHiding Chain
Ghostwriter APT Uses Fake Gmail Login Panels to Steal Passwords and 2FA Codes
Hackers Abuse Microsoft OAuth Device Code Flow to Take Over Microsoft 365 Accounts
OptinMonster Plugin Vulnerability Exposes 1.2 Million WordPress Sites to Cyberattacks
Rhysida and Interlock Ransomware Groups Linked to Initial Access Brokers and Crypter Ecosystem
Russian and Chinese Actors Use AI Translation and Visual Content in Malign Influence Operations
Cybersecurity Dive
China-nexus group linked to multiyear campaign targeting US, Canadian medical research
Cybersecurity experts blast US government for restricting Anthropic’s AI models
MS-ISAC enters uncertain new era after losing federal funding and thousands of members
Agentic AI surges in financial sector even as many firms fail to manage security risks
It’s Mythos’ world now. How do we live in it?
ShinyHunters linked to exploitation of critical flaw in Oracle PeopleSoft
Enterprises report increasing budgets for security training in AI and other critical topics
FIFA World Cup expected to face extensive criminal, hacktivist cyber threats
CISA gives agencies new vulnerability remediation deadlines that take risk levels into account
CISA, researchers warn of escalating attacks using Cisco Catalyst SD-WAN flaws
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Cardiac monitor maker's security skips a beat as data thieves go for the jugular
Cisco SD-WAN make-me-root bug under attack
Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher
Council of Europe hacked in ShinyHunters' PeopleSoft heist
Feds snooze as US datacenter law set to lapse with no replacement in site
Microsoft site throwing warnings after someone forgot to renew cert
PRC-linked spies hid inside medical and military networks for more than a year, snooping through Gmail and stealing data
Arch Linux locks down AUR signups amid wave of malicious commits
AI is code – and can't be prompted into being smarter
NanoClaw now armed with JFrog for safer packages
VentureBeat
85% of IT teams claim every AI agent is under control. Only 42% actually know who owns them.
Attackers scale deception with AI. Defenders need truth at machine speed.
NanoClaw and JFrog launch 'immune system' to block AI agents from downloading malicious code
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
TechCrunch
India orders temporary ban on Telegram over exam fraud concerns
The US government’s Anthropic models ban was never about an AI jailbreak
Cybersecurity vets protest ‘dangerous’ US government ban on Anthropic’s most powerful models
As AI agents become employees, NewCore emerges with $66M to give them identities
Amazon CEO reportedly raised Anthropic model concerns before government crackdown
The FBI built its own replica small town to simulate real-world cyberattacks
Chinese cybercrime operation that used AI to scam ‘hundreds of thousands of victims’ sued by Google
US surveillance law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agencies
Oracle warns of security bug that hackers abused to breach 100+ companies
South Korea hits Coupang with $400M+ fine for data breach that affected millions
Network World Security
Cisco patches SD-WAN flaw amid evidence of active exploitation
IBM sends signals with its $10 billion quantum pledge
NetBox at 10: Network inventory tool now a full infrastructure intelligence platform
How Jeetu Patel made Cisco unrecognizable
Amazon claims its data centers are 7x more water-efficient than the industry average
Marvell announces 102.4 Tbps switch silicon built for AI
IBM, ServiceNow team to bring AI to legacy enterprise systems
AI-powered WAF, virtual patching: How F5 is hardening networks against frontier threats
A quick look at Cisco’s strategy to become a software monster
Residential proxies are hiding in plain sight inside enterprise networks
Help Net Security
Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)
Crypto scammers are sending couriers to victims’ homes to collect cash
Software supply chains are heading for a transparency test
Planning a trip? Fake travel sites are multiplying this summer
GitHub releases an open dataset for multilingual developer content
Reachability makes AI threat modeling worth the trust
EU Cybersecurity Act 2.0: When good regulation goes bad
The rise of machine identities and agentic AI: Securing trust in the next era of digital autonomy
A $2 trillion revenue shift hinges on AI data governance
Cybersecurity jobs available right now: June 16, 2026
SC Magazine
100-plus cyber leaders, experts urge feds not to block Fable access
6 ways to identify non-human identities (NHIs)
Why Does It Matter Who or What Created the Code? - Matias Madou - ASW #387
China-linked group uses InfiniteRed malware to target medical research institutions
Leading job sites sell user data, Incogni report reveals
Mackay Sugar hit by cyberattack during crucial processing season
FBI warns of couriers collecting crypto scam payments
SearchLeak vulnerability allows data theft from Microsoft 365 Copilot Enterprise
1Password acquires Apono to bolster AI security
Gigamon and Zscaler integrate network telemetry with zero-trust access
© 2026 RiskDiscovery | Sponsored by: Deception Logic