[
News
|
Newsletters
|
Blogs
|
Lists
|
Media
|
Jobs
]
HoneyDB
DarkReading
2-Click Cursor Exploit Enables Dev Environment Takeover
Nigeria Deepens Cybersecurity Efforts as Cybercriminals See More Profits
Cribl Adds Agentic Detection Engineering & Boosts SecOps With CardinalOps Deal
Records Are Made to Be Broken: Patch Tuesday Raises Triage Stakes
6 GHz Wi-Fi Flaws Could Disrupt Critical Systems
Manage Vendor Risk in a Few Practical Steps
Frontier AI: The Genie's Out of the Bottle, but Where's the Rulebook?
ClickFix's Mushrooming Ecosystem Demands New Defense Tactics
Cursor IDE Auto-Executes Malicious Code in Poisoned Repos
Weak Security Continues to Fuel Russian Cyberattacks
Ars Technica
Microsoft’s Secure Boot has been broken for a decade and no one noticed until now
The US government warns that Russia state hackers are coming after your router
Now, defenders are embracing the prompt injection, too
Patch for Windows Defender 0-day could allow attackers to fill hard disk
Allstate accuses Broadcom of auditing it because it quit VMware, CA
Google pays $250K for Linux vulnerability allowing guest VM escapes
Aussie gov't tells volunteers to throw out thousands of functioning test routers
US rare earths flow to Asia as domestic demand is slow to emerge
Hackers can use 9 of the most popular AI tools to assemble massive botnets
Newly discovered PamStealer isn't your typical macOS malware
CyberScoop
White House details ‘Gold Eagle’ clearinghouse for AI cyber threats
Microsoft discloses ‘the mother of all’ vulnerability loads, tripling June’s previous record
Treasury sanctions First VPN Service, others for abetting ransomware gangs
States are building their own election defense networks as federal support evaporates
Europe strikes out against Russia’s Turla over espionage, ‘destructive attacks’
Officials once again warn defenders that Russian hackers are targeting network devices
AI-generated code has made security debt a governance problem
Armenian national pleads guilty to Ryuk ransomware attacks
CISA looks to remedy ailments from big May credential leak
Former DigitalMint ransomware negotiator who duped clients sentenced to 70 months in jail
InfoSecurity Magazine
Compromised Logins Surge as the Most Common Entry Point for Ransomware Attacks
Progress Restores ShareFile Storage Zones Access After Vulnerability Exploit Concerns
Microsoft Patches 570 CVEs in Record Patch Tuesday
Government Updates UK’s National Risk Register with Cyber Warnings
US: Pentagon Suspends CMMC Phase II Requirements for Defense Contractors
New MacOS Malware Exploits Legitimate Developer ID to Pose as Apple Crash Reporter
Lidl Notifies Customers of Third-Party Data Breach
Five Charged in “Russian Coms” Fraud Platform Case
Open Directory Exposes Three Evilginx Phishing Operators
Pakistani Police Systems Hit by Chinese and Indian Espionage
SecurityWeek
Windows Bind Link Attacks Can Hide Malware From EDR Tools
Virtual Event Today: Cloud & Data Security Summit
US Charges Russian Individuals and Firms for Running Cybercrime Services
Vulnerabilities Patched by Fortinet, Ivanti, ServiceNow
White House Launches AI-Driven ‘Gold Eagle’ Vulnerability Coordination Initiative
Progress Confirms Zero-Day Vulnerability Behind ShareFile Disruption
ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Rockwell
Critical Vulnerabilities Patched With Fresh Chrome 150, Firefox 152 Updates
SonicWall Issues Urgent SMA Patch Warning for Two Zero-Day Exploits
Microsoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-Days
ZDNet
How to use Gemini to plan your next summer vacation - in minutes
I highly recommend Nomad's chargers, phone cases, and watch bands - and my favorites are on sale now
Waze just gave me 5 new reasons to switch from Apple Maps
I tested Google Maps vs. Waze to find the best updated navigation app - and this one wins
OpenVPN 3 ways: Which is the right version for you?
Four months with my first home battery taught me what whole-home backup really means
I tested my USB-C cables with this free Mac app - some weren't what they claimed
Why I'm using wired Android Auto when all the cool kids are switching to wireless
I've used the iOS 27 beta for a month: 7 ways the new Siri is dramatically better
I tested the Ultrahuman Ring Pro: It's a biohacker's dream that's not for me
The Hacker News
SASE Has An AI Blind Spot. Inspecting Packets Is No Longer Enough.
Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday
New Webinar: Closing the Approval Gap in AI-Era Ad Tech
Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution
Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware
Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands
Microsoft Patches Record 622 Flaws, Including Two Zero-Days Under Active Attack
SAP Patches CVSS 9.9 NetWeaver ABAP Flaw That Could Expose or Modify Data
Researchers Say Claude for Chrome Flaw Lets Rogue Extensions Trigger Gmail Reads
LabubaRAT Masquerades as NVIDIA Software to Control Windows Hosts
BleepingComputer
CISA warns admins to patch actively exploited SharePoint flaws
Microsoft: Some Dell PCs shut down after recent Windows updates
US charges alleged operators of Russian bulletproof hosting service
SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now
Spanish Police take down €140 million cyber fraud ring, arrest four
Nearly 300 GitHub repos pose as legit software to push malware
Microsoft releases Windows 10 KB5099539 extended security update
Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days
Windows 11 KB5101650 & KB5099414 cumulative updates released
Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown
gbhackers
OkoBot Malware Uses ClickFix and SeedHunter to Steal Ledger and Trezor Seed Phrases
Microsoft Blocks Windows 11 Security Update on Dell PCs Over Intel Driver Causing Shutdowns and Battery Drain
3 Russian Nationals Indicted for Running Bulletproof Hosting Network Behind $62 Million Cyberattacks
LabubaRAT Rust Malware Masquerades as NVIDIA Software to Backdoor Windows Systems
Dell Warns of Critical PowerProtect Data Domain Flaws Allowing Remote Attackers to Take Complete Control
11 Malicious NuGet Game Cheat Packages Deploy Pepesoft Windows Surveillance Malware
SheetAgent RAT Runs 14 Virtual Machine Checks and Self-Deletes When Analysis Is Detected
FaceTime Scammers Combine Credential Theft, Remote-Access Apps, and iOS Exploits for Device Takeover.
Microsoft Fixes Multiple Windows RDP Flaws Exposing Sensitive Data Over the Network
Critical SonicWall SMA 1000 SSRF and Remote Code Execution Flaws Actively Exploited in the Wild
Cybersecurity Dive
Sharp rise in AI adoption for cyber defense exposes major governance gap
Healthcare sector faces persistent challenges with supply-chain security, identity management
US authorities warn that state-linked hackers are targeting vulnerable networking devices
Hackers find a new trick to collect Microsoft Entra user data without raising red flags
Copy-paste might be the riskiest thing your enterprise employees do all day
When cybercriminals outrun the feed
Initial access broker linked to weaponization of CitrixBleed2 flaw
CISA details security lapses that led to GitHub leak of passwords, cloud access keys
Data breach hits car insurance provider
Ransomware ecosystem grows, but ‘four-headed monster’ dominates
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
LegacyHive: 'Bone-shattering' zero-day from Microsoft's serial tormentor not the haymaker that was promised
Patchpocalypse Now: Microsoft tops last month's record with 622 Patch Tuesday CVEs
Welsh Doxbin admin jailed for egging on swatters from behind a screen
Musk promises purge after Grok Build caught sending entire repos to the cloud
'The bots are alive!' Jailbroken Gemini spun up new C2 server for Russian fraudster in just 6 minutes
Baddies caught exploiting extensions bugs with perfect 10 scores on vulnerable Joomla websites
EU and UK officially blame Russian spies for cyberattack on Poland's power grid
World Cup grudge attackers may have scored Argentine FA access via year-old infostealer infection
Progress orders emergency ShareFile server shutdown over mystery security threat
Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package
VentureBeat
1Password moves into AI cost management, betting that token spend is the next enterprise budget crisis
Forget typosquatting; slopsquatting is the software supply chain threat created by AI coding tools
Shared API keys expose AI agents at 69% of enterprises, new VentureBeat research finds
AI has collapsed the cyber response window — resilience now starts before the attack
The real cost, security, and culture problems behind enterprise AI agents
Digital resilience compounds when AI and human expertise scale together
The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.
TechCrunch
Iran abused mobile networks’ vulnerabilities to locate US military in the Middle East, report says
Telegram’s shortlink domain is back online after day-long suspension
Apple says former employee exploited ‘rare’ bug to download confidential files after leaving for OpenAI
LAPD lets contract with surveillance giant Flock expire, citing ‘serious concerns’ over civil liberties and privacy
US cybersecurity agency CISA had to build its incident playbook during the incident, agency reveals
Florida ransomware negotiator convicted for helping ransomware gang extort US companies
Another massive data breach exposed millions of driver’s license numbers
Hacked, leaked, and held for ransom: The worst breaches of 2026 so far
Hacktivists call out Trump by hacking and defacing US Army websites
Savi’s app aims to protect consumers from realistic AI scams like kidnappers demanding ransom
Network World Security
Google Cloud configuration update disrupts VMware Engine stretched clusters
Fortinet adds AI protections to endpoint security platform
How data centers cope with heat waves
ISC2: AI raises accountability demands for cybersecurity teams
2026 network outage report and internet health check
Governments to enterprises: Improve your router security hygiene
Severe weather an increasing risk for data center construction
Routine maintenance as a failure vector in modern networks
Network jobs watch: Hiring, skills and certification trends
AI job titles expand beyond tech as IT hiring remains strong
Help Net Security
Radware adds cloud intelligence to DefensePro X for web DDoS defense
LatticeFlow AI connects governance frameworks with continuous AI risk monitoring
Spanish police dismantle €140 million cybercrime network
Nudge Security automates detection of risky OAuth grants and browser extensions
Binary Defense’s NightBeacon CMD helps enterprise SOC teams automate threat investigations
Polygraf AI Meeting Guard delivers real-time deepfake detection for enterprise meetings
ClickFix is changing the economics of social engineering
AI-driven bug hunting fuels record Microsoft Patch Tuesday
AWS retools Security Hub for AI and multicloud threats
FreeRDP 3.29.0 security update resolves 22 advisories
SC Magazine
MacOS ‘CrashStealer’ malware poses as crash reporter to steal credentials
Take Back Control as Enterprises Struggle to Incorporate Risks They Don't Understand - Ben Lipczynski - BSW #456
Old Microsoft-signed UEFI applications can bypass Secure Boot
Synopsys denies data breach claims by new ransomware group D1R
European lawmakers criticize Anthropic for AI policy hearing representation
Man sentenced for role in swatting attacks
ShinyHunters group exploits OAuth trust, prompting Microsoft security upgrades
Cursor vulnerability allows execution of malicious binaries
Google Cloud open-sources tool to manage shadow AI
Fortinet enhances endpoint security with AI monitoring and data loss prevention
© 2026 RiskDiscovery | Sponsored by:
Deception Logic