[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Cyber Pioneers Ponder Past as Prologue
Taiwan Incident Highlights Cybersecurity Gaps in Rail Systems
SecurityScorecard Snags Driftnet to Level Up Threat Intelligence
Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine
AI Drives Cybersecurity Investments, Widening 'Valley of Death'
Foxconn Attack Highlights Manufacturing's Cyber Crisis
Checkbox Assessments Aren't Fit to Measure Risk
Attackers Weaponize RubyGems for Data Dead Drops
Tables Turn on 'The Gentlemen' RaaS Gang With Data Leak
Ars Technica
Zero-day exploit completely defeats default Windows 11 BitLocker protections
Cisco announces record revenue and 4,000 layoffs in the same day
Linux bitten by second severe vulnerability in as many weeks
Chaos erupts as cyberattack disrupts learning platform Canvas amid finals
Mozilla says 271 vulnerabilities found by Mythos have "almost no false positives"
Ars Asks: Share your shell and show us your tricked-out terminals!
Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack
Why Reddit blocked my daily visit to its mobile website
GameStop offers $56 billion for eBay, struggles to explain how it'll pay for it
Ubuntu infrastructure has been down for more than a day
CyberScoop
Pentagon cyber official calls advanced AI ‘revolutionary warfare’
White House cyber official: identity security matters more than ever in the age of AI
Major tech manufacturer Foxconn confirms cyberattack hit North American factories
Researchers say AI just broke every benchmark for autonomous cyber capability
Closed briefing sets stage for House hearing on Anthropic’s Mythos and cyber risks
DOJ releases legal rationale for nationwide voter data collection
Weaponized AI: The new frontier of fraud and identity spoofing
Daybreak is OpenAI’s answer to the AI arms race in cybersecurity
‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack
Major world economies spell out key elements of AI ‘ingredients list’
InfoSecurity Magazine
Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers
China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer
Mustang Panda Linked to Updated FDMTP Backdoor in Asia-Pacific Espionage Campaign
Google Launches Android Spyware Forensics Tool for High-Risk Users
New Fragnesia Flaw Hands Linux Local Users Root Access
Most Organizations Now Use AI Agents for Sensitive Security Tasks
ICO Publishes Five-Step Plan to Counter Emerging AI-Powered Attacks
Canvas Owner Reaches Agreement With Cybercriminals After Ransomware Attack
Avada Builder Flaws Expose One Million WordPress Sites
Ransomware: Over Half of CISOs Would Consider Paying Ransom to Hackers
SecurityWeek
Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild
American Lending Center Data Breach Affects 123,000 Individuals
OpenAI Hit by TanStack Supply Chain Attack
TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code
Chrome 148 Update Patches Critical Vulnerabilities
Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026
Enhancing Data Center Security Without Sacrificing Performance
New Linux Kernel Vulnerability Fragnesia Allows Root Privilege Escalation
Mythos Proves Potent in Vulnerability Discovery, Less Convincing Elsewhere
Akamai to Acquire AI and Browser Security Firm LayerX for $205 Million
ZDNet
Samsung vs. Motorola in 2026: I've tested enough phones from both to know my winner
Bose Lifestyle Ultra Speaker vs. Sonos Era 100: I compared both models, and here's the winner
This new Claude skill saves you from bad contracts - and costs less than a lawyer
I tested Bose's Lifestyle Ultra soundbar, and it raised the 'too much bass' debate in my home
I tested Bose's new smart speaker beside my Sonos Era 100 - it was better in several ways
My 4 favorite Android Auto settings are seriously useful - but hidden by default
Your Sonos smart speaker has an underutilized automation feature - 5 helpful ways I use mine
Amazon Prime Day 2026 is coming in June: Everything to know about dates, deals, and what to expect
Can anything replace my laptop? I tested 5 remote work setups to find the best alternative
Cable, cords, and adapters I never throw away - and why these accessories are worth saving
The Hacker News
What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface
TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
How AI Hallucinations Are Creating Real Security Risks
BleepingComputer
Microsoft to automatically roll back faulty Windows drivers
Microsoft warns of Exchange zero-day flaw exploited in attacks
TeamPCP hackers advertise Mistral AI code repos for sale
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
OpenAI confirms security breach in TanStack supply chain attack
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
18-year-old NGINX vulnerability allows DoS, potential RCE
Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
KongTuke hackers now use Microsoft Teams for corporate breaches
gbhackers
Gunra Ransomware Expands RaaS After Conti Locker Shift
VMware Fusion Flaw Could Allow Attackers to Gain Root Privileges
Shai-Hulud Worm Steals Dev Secrets Across npm, GitHub, AWS & Kubernetes
Google Project Zero Details Pixel 10 Zero-Click Exploit Chain
Hackers Exploit OAuth Device Flow to Steal Microsoft 365 Tokens
PraisonAI Vulnerability Actively Exploited Within Hours of Being Made Public
OrBit Rootkit Targets Linux to Steal SSH and Sudo Credentials
Microsoft Warns HPE Operations Agent Abused in Malware-Free Attacks
Microsoft Edge, Windows 11, and LiteLLM Fall to Exploits at Pwn2Own Berlin 2026
Tycoon 2FA Operators Use OAuth Device Code Phishing to Bypass MFA
Cybersecurity Dive
More money is going to physical security, but it’s often CISOs that oversee it: EY
Frontier AI models reap rapid discovery of security vulnerabilities
West Pharmaceutical starts restoring operations after ransomware attack
Foxconn confirms cyberattack affecting some North American facilities
OpenAI launches Daybreak to combat cyber threats
Canvas owner reaches ‘agreement’ with threat actors after data breach
Guardrail Technologies launches Traffic Light for Code & AI™; first security technology to verify & secure AI code and the people creating it
Identity takes center stage as a leading factor in enterprise cyberattacks
AI and an absent government: Takeaways from RSAC 2026
Second Canvas data breach causes major disruptions for schools, colleges
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
OpenAI caught in TanStack npm supply chain chaos after employee devices compromised
MPs want social media treated more like unsafe toys than harmless apps
Nobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student data
Cops arrest man suspected of being Dream Market kingpin
Dirty Frag gets a sequel as Fragnesia hands Linux attackers root-level access
To gain root access at this company, all an intruder had to do was ask nicely
AI models are getting better at replacing cybersecurity pros on certain tasks
Cisco to fire 4,000 staff and generously give them free training – on Cisco
Welcome to the vulnpocalypse, as vendors use AI to find bugs and patches multiply like rabbits
AWS to Quick admins: The access control didn't work, but you weren't using it anyway, so what's the problem?
VentureBeat
Agent authorization is broken — and authentication passing makes it worse
Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps
Running Claude Code or Claude in Chrome? Here's the audit matrix for every blind spot your security stack misses
AI agents are running hospital records and factory inspections. Enterprise IAM was never built for them.
AI tool poisoning exposes a major flaw in enterprise agent security
5,000 vibe-coded apps just proved shadow AI is the new S3 bucket crisis
An AI agent rewrote a Fortune 50 security policy. Here's how to govern AI agents before one does the same.
TechCrunch
OpenAI says hackers stole some data after latest code security issue
A spyware investigator exposed Russian government hackers trying to hijack Signal accounts
Cisco cuts nearly 4,000 jobs to spend more on AI, reports ‘record quarterly revenue’
This is what some of the world’s largest banks of malware look like stacked as hard drives
Ransomware hackers claim breach at Foxconn, a major electronics manufacturer for Apple, Google, and Nvidia
US lawmakers demand answers from Instructure after Canvas data breaches
Google launches new Android security feature to help uncover spyware attacks
US bank discloses security lapse after sharing customer data with AI app
Exaforce raises $125M Series B to build AI for catching and stopping cyberattacks as they happen
Instructure strikes deal with hackers who breached it twice
Network World Security
Cisco warns of an actively exploited SD-WAN flaw with max severity
Digital twins reshape network and data center management
Network outages, power failures strain data center resiliency
Five takeaways from Cisco’s blowout quarter and what it means to customers
Cisco to cut nearly 4,000 jobs despite strong growth in AI, enterprise networking
Startup SPAN teams with Nvidia to put data center nodes in your backyard
Hard drive shortage affecting enterprise storage needs
Wi-Fi 8 is closer than you think. Here’s what you need to know
Cisco open-sources agentic AI security spec
HPE revamps private cloud stack for enterprises rethinking VMware
Help Net Security
Google lets Workspace admins apply one policy across all SAML apps
Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)
Akamai to acquire LayerX for $205 million
Thieves unlock stolen iPhones using cheap tools sold on Telegram
Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)
Rocky Linux launches opt-in security repository for urgent fixes
Keycard helps developers secure autonomous AI agents with scoped access
Deepfake detection is losing ground to generative models
Zombie linkages are keeping expired domains trusted for years
The AI oversight paradox: Is the investment worth the cost of watching it?
SC Magazine
The blind spot in AI security: Resilience for model and training data
New Linux privilege escalation flaw ‘Fragnesia’ disclosed; PoC available
Trump administration's voter data collection efforts face legal challenges
Fake job interviews used to deploy JobStealer malware
Alleged Dream Market administrator indicted on money laundering charges
Broadcom patches high-severity VMware Fusion flaw allowing local privilege escalation
Fleet Device Management launches autonomous endpoint management platform
SecurityScorecard acquires Driftnet to enhance AI-driven risk management
Two vulnerabilities found in popular WordPress plugin Avada Builder
Critical 'NGINX Rift' vulnerability discovered, present for 18 years
© 2026 RiskDiscovery | Sponsored by: Deception Logic