[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Helping Romance Scam Victims Require a Proactive, Empathic Approach
US Busts Myanmar Ring Targeting US Citizens in Financial Fraud
Glasswing Secured the Code. The Rest of Your Stack Is Still on You
AI Phishing Is No. 1 With a Bullet for Cyberattackers
North Korea's Lazarus Targets macOS Users via ClickFix
Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia
Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets
China-Backed Hackers Are Industrializing Botnets
Bad Memories Still Haunt AI Agents
'Zealot' Shows What AI's Capable of in Staged Cloud Attack
Ars Technica
Why are top university websites serving porn? It comes down to shoddy housekeeping.
In a first, a ransomware family is confirmed to be quantum-safe
Microsoft issues emergency update for macOS and Linux ASP.NET threat
Contrary to popular superstition, AES 128 is just fine in a post-quantum world
US-sanctioned currency exchange says $15 million heist done by "unfriendly states"
Recent advances push Big Tech closer to the Q-Day danger zone
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
Iran-linked hackers disrupt operations at US critical infrastructure sites
Thousands of consumer routers hacked by Russia's military
OpenClaw gives users yet another reason to be freaked out about security
CyberScoop
Latest spy power reauthorization bill leaves critics unimpressed
Vercel attack fallout expands to more customers and third-party systems
US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied
Dragos: Despite AI use, new malware targeting water plants is ‘hype’
Surveillance campaigns use commercial surveillance tools to exploit long-known telecom vulnerabilities
A dozen allied agencies say China is building covert hacker networks out of everyday routers
CISA director pick Sean Plankey withdraws his nomination
House Republicans roll out national privacy bill
The Supreme Court is about to decide how far geofence warrants can go
The AI era demands a different kind of CISO
InfoSecurity Magazine
Most Cybersecurity Professionals Feel Undervalued and Underpaid
Researchers Identify Fast16 Sabotage Malware That Pre-Dates Stuxnet
BlackFile Group Targets Retail and Hospitality with Vishing Attacks
UK Biobank Data Breach: Health Data of 500,000 Listed for Sale in China
AI Rush is Reviving Old Cybersecurity Mistakes, Mandiant VP Warns
Npm Supply Chain Malware Attack Targets Developers With Worm-Like Propagation
Google Favors General-Purpose Gemini Models Over Cybersecurity‑Specific AI
Apple Fixes iOS Notification Bug Exposing Deleted Messages
Google Introduces Unique AI Agent Identities in New Gemini Enterprise Platform
Cyber-Attacks Surge 63% Annually in Education Sector
SecurityWeek
Energy and Water Management Firm Itron Hacked
UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware
Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access
US Launches Sweeping Crackdown on Southeast Asia Cyberscams and Sanctions Cambodian Senator
Firefox Vulnerability Allows Tor User Fingerprinting
China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks
Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions
In Other News: Unauthorized Mythos Access, Plankey CISA Nomination Ends, New Display Security Device
Why Cybersecurity Must Rethink Defense in the Age of Autonomous Agents
Locked Shields 2026: 41 Nations Strengthen Cyber Resilience in World’s Biggest Exercise
ZDNet
You can still get a free Samsung Galaxy Watch 8 deal at T-Mobile - here's how to qualify
I changed these 12+ Hisense TV settings to significantly improve the picture quality
This bestselling gaming device is not a Nintendo or a PlayStation - and I highly recommend it
I stress-tested this SSD enclosure with a bulldozer - here's how it held up
My new favorite AirTag alternative fits perfectly in my wallet - and is seriously durable
Nearly half of cybersecurity pros want to quit - here's why
I ran the 20-minute Apple Watch calibration test - and my data got more accurate
Framework Laptop 13 Pro vs. MacBook Neo: These Windows rivals are more similar than expected
I bought a $40 earwax camera and keep finding reasons to use it
How to audit what ChatGPT knows about you - and reclaim your data privacy
The Hacker News
Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud
Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software
Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine
26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases
Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware
BleepingComputer
American utility firm Itron discloses breach of internal IT network
Microsoft rolls out revamped Windows Insider Program
Threat actor uses Microsoft Teams to deploy new “Snow” malware
ADT confirms data breach after ShinyHunters leak threat
Firestarter malware survives Cisco firewall updates, security patches
Windows Update gets new controls to reduce forced restarts
New BlackFile extortion group linked to surge of vishing attacks
Microsoft to roll out Entra passkeys on Windows in late April
New ‘Pack2TheRoot’ flaw gives hackers root Linux access
DORA and operational resilience: Credential management as a financial risk control
gbhackers
Fake Income Tax Notices Used to Spread Malware
Itron Discloses Data Breach After Hackers Access Internal Systems
Linux ELF Malware Generator Evades ML Detection With Semantic-Preserving Changes
Researchers Warn macOS textutil, KeePassXC Can Fuel Automation Attacks
North Korean Hackers Target Pharma Firms with Malware-Laced Excel Attacks
OpenClaw Flaws Expose Systems to Policy Bypass Attacks
Critical Gemini CLI Flaw Raises Supply Chain Security Concerns
NPM Worm Hits Namastex Packages, Steals Secrets Across Registries
Nessus Agent Windows Flaw Enables SYSTEM-Level Code Execution
ClickFix Attack Swaps PowerShell for Cmdkey, Remote Regsvr32 Payloads
Cybersecurity Dive
When security becomes the attack surface: Why endpoint protection must evolve
Hasbro expects March cyberattack to impact second-quarter revenue
AI-written software creates hassles for wary security teams
China disguises cyberattacks with ‘covert network’ botnets, US and allies warn
Iran-nexus threat groups refine attacks against critical infrastructure
Trump’s CISA director pick withdraws after tumultuous nomination
Microsoft SharePoint vulnerability widely exposed across multiple countries
Phishing — sometimes with AI’s help — topped initial-access methods in Q1, Cisco says
CISA urges security teams to view environments following axios compromise
Big banks seek to ease security worries as AI push accelerates
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Burglar alarm biz burgled: ADT confirms cyber intrusion after ShinyHunters extortion attempt
Microsoft updates the Windows Update Experience: You can hit pause now
ICO chief John Edwards steps back as workplace probe quietly unfolds
Anthropic's magic code-sniffer: More Swiss cheese than cheddar, for now
Google Cloud Next proves what we suspected: Everything is AI now
AI's not going to kill open source code security
Crime crew impersonates help desk, abuses Microsoft Teams to steal your data
US clarifies mobile hotspots part of foreign router ban despite rarity of American made consumer kit
ShinyHunters claim they have cruise giant Carnival's booty as 7.5M emails surface
Governments on high alert after CISA snuffs out Firestarter backdoor on fed network
VentureBeat
CVSS scored these two Palo Alto CVEs as manageable. Chained, they gave attackers root access to 13,000 devices.
85% of enterprises are running AI agents. Only 5% trust them enough to ship.
Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain
Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it
Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall
Most enterprises can't stop stage-three AI agent threats, VentureBeat survey finds
Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway
TechCrunch
Another spyware maker caught distributing fake Android snooping apps
Trump’s pick to run US cyber agency CISA asks to drop out
Vercel says some of its customers’ data was stolen prior to its recent hack
Surveillance vendors caught abusing access to telcos to track people’s phone locations, researchers say
France confirms data breach at government agency that manages citizens’ IDs
Apple fixes bug that cops used to extract deleted chat messages from iPhones
Cosmetics giant Rituals confirms data breach of customer membership records
UK government says 100 countries have spyware that can hack people’s phones
Ransomware negotiator pleads guilty to helping ransomware gang
With US spy laws set to expire, lawmakers are split over protecting Americans from warrantless surveillance
Network World Security
Meta’s compute grab continues with agreement to deploy tens of millions of AWS Graviton cores
Cirrascale to offer on-prem Google Gemini models
Space data-center news: Roundup of extraterrestrial AI endeavors
Network jobs watch: Hiring, skills and certification trends
Cisco switch aimed at building practical quantum networks
How AI is reshaping copper, fiber networking
40% of data center projects will be late this year, study finds
It’s the end of set-and-forget security
2026 network outage report and internet health check
Google bets on workload-specific TPUs with 8t and 8i launch
Help Net Security
TLS Connect gives SMBs a right-sized automated tool to manage TLS certificates
Aptori expands its platform with autonomous offensive testing to reduce security bottlenecks
Your IAM was built for humans, AI agents don’t care
The AI criminal mastermind is already hiring on gig platforms
25 open-source cybersecurity tools that don’t care about your budget
Product showcase: LuLu reveals unauthorized outbound connections from Mac apps
Week in review: Claude Mythos finds 271 Firefox flaws, Vercel breach
Users advised to drop passwords and make room for passkeys
Indirect prompt injection is taking hold in the wild
Compromised everyday devices power Chinese cyber espionage operations
SC Magazine
Rethinking Security from the OS Up in the Age of AI and more RSAC 2026 Interviews - Craig Sanderson, Sachin Jade, Travis Wong, Phil Calvin, Karen Heart - ESW #456
‘AiFrame’ browser attacks continue with fake authenticator, converter extensions
Scylla &Charybdis, Kyber, Trigonia, Namastex, GitHub, Crypto, Cables, Aaran Leyland - SWN #575
Controlling AI at machine speed: Detecting risk, protecting systems, and reversing mistakes
UNC6692 impersonates help desk employees to drop SNOW malware via Teams
Cambodian senator, others hit with US sanctions over scam allegations
Ransomware supply chain untangled by RAMP forum leak
Further Vercel customer data compromise confirmed
Checkmarx supply chain hack impacts Bitwarden CLI
Threat of ZionSiphon malware downplayed
© 2026 RiskDiscovery | Sponsored by: Deception Logic