[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
76% of All Crypto Stolen in 2026 Is Now in North Korea
If AI's So Smart, Why Does It Keep Deleting Production Databases?
Name That Toon: Mark of (Security) Progress
20 Years in Cyber: Dark Reading Marks Milestone With Month of Special Coverage
TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack
Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug
Anthropic's Mythos Has Landed: Here's What Comes Next for Cyber
Oracle Red Bull Racing Team Revs Up Automation to Boost Security
Claude Mythos Fears Startle Japan's Financial Services Sector
Reverse Engineering With AI Unearths High-Severity GitHub Bug
Ars Technica
Ubuntu infrastructure has been down for more than a day
The most severe Linux threat to surface in years catches the world flat-footed
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
Open source package with 1 million monthly downloads stole user credentials
Why are top university websites serving porn? It comes down to shoddy housekeeping.
In a first, a ransomware family is confirmed to be quantum-safe
Microsoft issues emergency update for macOS and Linux ASP.NET threat
Contrary to popular superstition, AES 128 is just fine in a post-quantum world
US-sanctioned currency exchange says $15 million heist done by "unfriendly states"
Recent advances push Big Tech closer to the Q-Day danger zone
CyberScoop
US government, allies publish guidance on how to safely deploy AI agents
Former incident responders sentenced to 4 years in prison for committing ransomware attacks
FCC tightens KYC rules for telecoms, closes loophole for banned foreign services
Congress kicks the can down the road on surveillance law (again)
cPanel’s authentication bypass bug is being exploited in the wild, CISA warns
Two new extortion crews are speedrunning the Scattered Spider playbook
Everyone’s building AI agents. Almost nobody’s ready for what they do to identity.
Congress, industry ponder government posture for protecting data centers
Spy agency officials say job loss anxiety, moving fast ‘safely’ among top challenges in AI workforce overhaul
Federal CIO cautious on Anthropic’s Mythos despite planned rollout
InfoSecurity Magazine
Anthropic Rolls Out Claude Security for AI Vulnerability Scanning
Two American Cybersecurity Workers Jailed for BlackCat Ransomware Attacks
Nine-Year-Old Zero-Day Flaw in Linux Kernel Discovered by AI-Equipped Security Researcher
Three Arrested for Hacking Over 610,000 Roblox Accounts
Deep#Door Python Backdoor Evades Detection On Windows
CISA and Partners Publish Zero Trust Guidance For OT Security
UK: Education Sector Faces Surge in Cyber Breaches Despite Stable National Threat Levels
Europol Busts Albanian Scam Call Centers in Major Online Fraud Case
Cyber is the Number One Global “People Risk,” Says Marsh
Cursor Extension Flaw Exposes Developer API Keys
SecurityWeek
New Bluekit Phishing Kit Features AI Assistant
In Other News: Scattered Spider Hacker Arrested, SOC Effectiveness Metrics, NSA Tool Vulnerability 
Google Adjusts Bug Bounties: Chrome Payouts Drop as Android Rewards Rise Amid AI Surge
Two US Security Experts Sentenced to Prison for Helping Ransomware Gang
Sophisticated Deep#Door Backdoor Enables Espionage, Disruption
Cisco Releases Open Source Tool for AI Model Provenance 
Hugging Face, ClawHub Abused for Malware Distribution
FBI Warns of Surge in Hacker-Enabled Cargo Theft
1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom
Anthropic Unveils Claude Security to Counter AI-Powered Exploit Surge
ZDNet
Why I own 4 different pairs of headphones, and how I effectively use each one
I enabled Data Saver mode on my Android phone to avoid overcharges - and it's a big relief
T-Mobile is giving 5G customers Hulu and Netflix subscriptions, free - here's how to get them
5 last-minute gifts your mom will actually like for Mother's Day (and all are on sale)
Samsung will give you a free 32-inch Odyssey monitor right now - how to qualify
Google Maps vs. Waze: I compared the two best navigation apps, and this one wins
How we test AI at ZDNET
This portable computer is the Raspberry Pi alternative I didn't know I needed
I spent 30 days working without a laptop - here's what it taught me about real productivity
I've tested robot mowers for years - here's my expert advice for every yard type
The Hacker News
CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
Trellix Confirms Source Code Breach With Unauthorized Repository Access
30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
Top Five Sales Challenges Costing MSPs Cybersecurity Revenue
Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials
ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories
BleepingComputer
Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks
ConsentFix v3 attacks target Azure with automated OAuth abuse
Microsoft tests modern Windows Run, says it's faster than legacy dialog
Edu tech firm Instructure discloses cyber incident, probes impact
15-year-old detained over French govt agency data breach
Story retracted
Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
Microsoft fixes Remote Desktop warnings displaying incorrectly
Microsoft now lets admins choose pre-installed Store apps to uninstall
Windows 11 KB5083631 update released with 34 changes and fixes
gbhackers
Massive Facebook Phishing Operation Leverages AppSheet, Netlify, and Telegram
cPanelSniper PoC Exploit Disclosed as 44,000 Servers Reportedly Compromised
Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
EtherRAT Uses SEO Poisoning and Fake GitHub Pages to Target Enterprise Admins
New Android Spyware Platform Enables Rebranding and Resale
CAPTCHA and ClickFix Abuse Fuels Credential Theft Surge
Multiple Exim Mail Server Vulnerabilities Could Trigger Crashes via Malicious DNS Data
DDoS Malware Targets Jenkins to Hit Valve Game Servers
Multiple Wireshark Vulnerabilities Allow Arbitrary Code Execution via Malformed Packets
AI-Powered Ransomware Surge Hits 7,831 Victims Worldwide
Cybersecurity Dive
White House questions tech industry on defensive AI use, cybersecurity resilience
As email phishing evolves, malicious attachments decline and QR codes surge
US and allies urge ‘careful adoption’ of AI agents
PwC partners with Google Cloud to take on the managed security market
US agencies promote zero-trust practices for operational technology networks
CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog
State CISOs losing confidence in ability to manage cyber risks
‘Fundamental tension’ undermines manufacturers’ cybersecurity
North Korea-linked actor targets Web3 execs in social-engineering campaign
Major critical infrastructure supplier reports cyberattack
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Brace for the patch tsunami: AI is unearthing decades of buried code debt
First reports come in of victims of critical cPanel vuln as 'millions' of sites potentially exposed
OpenAI locks GPT-5.5-Cyber behind velvet rope despite slamming Anthropic for doing exactly that
Pro-Iran crew turns DDoS into shakedown as Ubuntu.com stays down
Passport to £££: Home Office adds £216M to travel doc contract before a single bid's been placed
The never-ending supply chain attacks worm into SAP npm packages, other dev tools
Bot her emails: most modern phishing campaigns are AI-enabled
FBI cyber boss: China's hacker-for-hire ecosystem 'out of control'
Google's fix for critical Gemini CLI bug might break your CI/CD pipelines
French prosecutors link 15-year-old to mega-breach at state’s secure document agency
VentureBeat
200,000 MCP servers expose a command execution flaw that Anthropic calls a feature
Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.
CVSS scored these two Palo Alto CVEs as manageable. Chained, they gave attackers root access to 13,000 devices.
85% of enterprises are running AI agents. Only 5% trust them enough to ship.
Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain
Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it
Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall
TechCrunch
Ubuntu services hit by outages after DDoS attack
Hackers are actively exploiting a bug in cPanel, used by millions of websites
After dissing Anthropic for limiting Mythos, OpenAI restricts access to Cyber, too
Dental practice software maker fixes bug that exposed patients’ medical records
Sri Lanka discloses another missing payment, days after hackers stole $2.5M from its finance ministry
Paragon is not collaborating with Italian authorities probing spyware attacks, report says
US Supreme Court appears split over controversial use of ‘geofence’ search warrants
Hacker who allegedly carried out cyberattacks for China is extradited to US
Critical infrastructure giant Itron says it was hacked
Another spyware maker caught distributing fake Android snooping apps
Network World Security
Extreme Networks: Memory advantage, Wi-Fi 7 and competitive flux drive momentum
Scenes from the great data center revolt
Enterprise Spotlight: Transforming software development with AI
When 170,000 people show up: Network refresh readies Churchill Downs for Kentucky Derby
Network jobs watch: Hiring, skills and certification trends
IT certification pay surges as noncertified skills slump
QuEra claims quantum error correction breakthrough with 2-to-1 qubit ratio
HPE expands ProLiant line with rugged edge servers
Deconstructing the data center: A massive (and massively liberating) project
Cisco bolsters security, AI support in latest SD-WAN release
Help Net Security
Week in review: High-severity LPE vulnerability in the Linux kernel, cPanel 0-day exploited for months
Download: Automating Pentest Delivery Guide
Open-source privacy proxy masks PII before prompts reach external AI services
Shadow AI risks deepen as 31% of users get no employer training
Identity is the control plane for distributed infrastructure
AI traffic is getting bigger, louder, and less predictable
New infosec products of the month: April 2026
cPanel zero-day exploited for months before patch release (CVE-2026-41940)
Cisco releases open-source toolkit for verifying AI model lineage
Met Police face criticism for using AI to spy on their own officers
SC Magazine
Cisco releases open-source ‘DNA test for AI models’
New software supply chain attack uses sleeper packages for credential theft and CI tampering
Ubuntu and Canonical services disrupted by DDoS attack claimed by hacktivists
Vietnamese operation uses Google AppSheet for Facebook phishing, targets 30,000 accounts
More sophisticated EtherRAT malware variant delivered via trojanized installer
Medicare directory exposes Social Security numbers of US healthcare providers
Anthropic opens Claude Security public beta for code audits
House OKs Homeland Security spending legislation
Federal zero trust guidelines for OT environments unveiled
Remote building compromise likely with EnOcean SmartServer bugs
© 2026 RiskDiscovery | Sponsored by: Deception Logic