[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
Oracle Red Bull Racing Team Revs Up Automation to Boost Security
Claude Mythos Fears Startle Japan's Financial Services Sector
Reverse Engineering With AI Unearths High-Severity GitHub Bug
AI Finds 38 Security Flaws in Electronic Health Record Platform
Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error
Lotus Wiper Attack Targets Venezuelan Energy Firms, Utilities
BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures
NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later
Feuding Ransomware Groups Leak Each Other's Data
Vidar Rises to Top of Chaotic Infostealer Market
Ars Technica
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
Open source package with 1 million monthly downloads stole user credentials
Why are top university websites serving porn? It comes down to shoddy housekeeping.
In a first, a ransomware family is confirmed to be quantum-safe
Microsoft issues emergency update for macOS and Linux ASP.NET threat
Contrary to popular superstition, AES 128 is just fine in a post-quantum world
US-sanctioned currency exchange says $15 million heist done by "unfriendly states"
Recent advances push Big Tech closer to the Q-Day danger zone
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
Iran-linked hackers disrupt operations at US critical infrastructure sites
CyberScoop
Everyone’s building AI agents. Almost nobody’s ready for what they do to identity.
Congress, industry ponder government posture for protecting data centers
Spy agency officials say job loss anxiety, moving fast ‘safely’ among top challenges in AI workforce overhaul
Federal CIO cautious on Anthropic’s Mythos despite planned rollout
Rep. Delia Ramirez takes over as top House cybersecurity Dem
U.S. companies hit with record fines for privacy in 2025
Chinese national extradited to US for pandemic-era Silk Typhoon attacks
Supreme Court justices skeptically question both sides in geofence surveillance case
Senators seek answers about hackers obtaining sensitive student data from ostensibly anonymous tip line
BlackFile actively extorting data-theft victims in retail and hospitality sector
InfoSecurity Magazine
CISA and Partners Publish Zero Trust Guidance For OT Security
UK: Education Sector Faces Surge in Cyber Breaches Despite Stable National Threat Levels
Europol Busts Albanian Scam Call Centers in Major Online Fraud Case
Cyber is the Number One Global “People Risk,” Says Marsh
Cursor Extension Flaw Exposes Developer API Keys
Malicious npm Dependency Linked to AI Assisted Commit Targets Crypto Wallets
Researchers Track 2.9 Billion Compromised Credentials
Critical Flaw Turns Vect Ransomware into Data Destroying Wiper
A Quarter of Healthcare Organizations Report Medical Device Cyber-Attacks
Medtronic Confirms Data Breach After ShinyHunters Claims
SecurityWeek
Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks
EnOcean SmartServer Flaws Expose Buildings to Remote Hacking
Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months
‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover
Sandhills Medical Says Ransomware Breach Affects 170,000
Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure
Hundreds of Internet-Facing VNC Servers Expose ICS/OT
Checkmarx Confirms Data Stolen in Supply Chain Attack
Iranian Cyber Group Handala Targets US Troops in Bahrain
38 Vulnerabilities Found in OpenEMR Medical Software
ZDNet
Samsung Galaxy vs. Google Pixel: My take after testing dozens of phones from both brands
I stopped this common charging habit that was quietly killing my iPhone's battery
The best cloud phone systems of 2026: Expert tested and reviewed
The case against an imminent software developer apocalypse
Privacy in the AI era is possible, says Proton's CEO, but one thing keeps him up at night
This simple Linux tweak fixes crashes automatically - and it costs me nothing
Windows changes are coming: Here's how to get a sneak peek at what's next
Eero Signal keeps your business online during internet outages
Motorola Razr Ultra (2026) vs. Samsung Galaxy Z Flip 7: I tried both, and there's a clear winner
Forget Samsung Galaxy S26 Ultra: I found alternatives that are nearly as good for less money
The Hacker News
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks
What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)
Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
BleepingComputer
New Linux ‘Copy Fail’ flaw gives hackers root on major distros
Critical cPanel and WHM bug exploited as a zero-day, PoC now available
Police dismantles 9 crypto scam centers, arrests 276 suspects
Official SAP npm packages compromised to steal credentials
Popular WordPress redirect plugin hid dormant backdoor for years
Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining
Hackers arrested for hijacking and selling 610,000 Roblox accounts
cPanel, WHM emergency update fixes critical auth bypass bug
European police dismantles €50 million crypto investment fraud ring
Learning from the Vercel breach: Shadow AI & OAuth sprawl
gbhackers
PoC Disclosed for Critical Root ASUSTOR ADM RCE Flaw
OpenAI Unveils Cyber Defense Roadmap Focused on AI-Powered Security
Attackers Exploit cPanel Authentication Bypass 0-Day After PoC Release
Jenkins Plugin Updates Fix Path Traversal and Stored XSS Bugs
Backdoored WordPress Plugin Abuses Remote Update Checker for Silent Code Delivery
Qinglong Task Scheduler RCE Flaws Exploited in the Wild
Compromised SAP npm Packages Found Harvesting Developer and CI/CD Secrets
SonicWall SonicOS Flaw Lets Attackers Bypass Access Controls and Crash Firewalls
ProFTPD SQL Injection Flaw Opens Door To Remote Code Execution Attacks
Linux Kernel 0-Day “Copy Fail” Grants Root Access Across Major Distros Since 2017
Cybersecurity Dive
CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog
State CISOs losing confidence in ability to manage cyber risks
‘Fundamental tension’ undermines manufacturers’ cybersecurity
North Korea-linked actor targets Web3 execs in social-engineering campaign
Major critical infrastructure supplier reports cyberattack
US, UK authorities warn that Firestarter backdoor malware survives patching
When security becomes the attack surface: Why endpoint protection must evolve
Hasbro expects March cyberattack to impact second-quarter revenue
AI-written software creates hassles for wary security teams
China disguises cyberattacks with ‘covert network’ botnets, US and allies warn
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Nearly half of UK businesses pwned last year as phishing keeps doing the job like it's 2005
What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia
Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day
Britain's £6B armoured sickener Ajax cleared for duty despite injuring troops
Finance company stores DB credentials in helpfully labeled spreadsheet
Linux cryptographic code flaw offers fast route to root
Researchers move in the right direction, develop powerful GPS interference alarm
Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack
Legacy TLS tour continues with Exchange Online blocking old versions from July 2026
CISA flags data-theft bug in NSA-built OT networking tool
VentureBeat
CVSS scored these two Palo Alto CVEs as manageable. Chained, they gave attackers root access to 13,000 devices.
85% of enterprises are running AI agents. Only 5% trust them enough to ship.
Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain
Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it
Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall
The enforcement gap: 88% of enterprises reported AI agent security incidents last year
Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway
TechCrunch
Sri Lanka discloses another missing payment, days after hackers stole $2.5M from its finance ministry
Paragon is not collaborating with Italian authorities probing spyware attacks, report says
US Supreme Court appears split over controversial use of ‘geofence’ search warrants
Hacker who allegedly carried out cyberattacks for China is extradited to US
Critical infrastructure giant Itron says it was hacked
Another spyware maker caught distributing fake Android snooping apps
Trump’s pick to run US cyber agency CISA asks to drop out
Vercel says some of its customers’ data was stolen prior to its recent hack
Surveillance vendors caught abusing access to telcos to track people’s phone locations, researchers say
France confirms data breach at government agency that manages citizens’ IDs
Network World Security
HPE expands ProLiant line with rugged edge servers
Deconstructing the data center: A massive (and massively liberating) project
Cisco bolsters security, AI support in latest SD-WAN release
The era of chatbot AIOps is fading as agentic AI gains traction
Auvik bets agentic AI can fill the networking skills gap
2026 network outage report and internet health check
Infected Cisco firewalls need cold start to clear persistent Firestarter backdoor
AI data bursts force rethink of data center networking at Backblaze
Nvidia’s ‘AI insurance policy’ balances immediate and future AI approaches
Top network and data center events of 2026
Help Net Security
cPanel zero-day exploited for months before patch release (CVE-2026-41940)
Cisco releases open-source toolkit for verifying AI model lineage
Met Police face criticism for using AI to spy on their own officers
Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)
Researchers develop tool to expose GPS signal spoofing in transit networks
Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs
Hackers arrested for stealing and reselling 600,000 Roblox accounts
Automated LLM red teaming gets a learning layer
Bad bots make up 40% of internet traffic
Warp open sources its AI terminal client
SC Magazine
CISA adds ConnectWise, Microsoft flaws to KEV catalog
Securing every door: Scalable strategies to manage machine and AI agent risks
LiteLLM exploited within 36 hours of disclosure via SQL injection bug
A Founder's Journey: From Microsoft Active Directory MVP to Co-Founder and CTO - Guy Teverovsky - FS #14
Swisscom radar warns of geopolitical cyber surge
Global education sector attacks surge 63%
AI lowers attack barriers, Google intel chief warns
Cybercriminals adopt structured operational security to evade detection
Microsoft to block legacy TLS connections for POP and IMAP in Exchange Online
Supreme Court hears arguments on controversial geofence warrants
© 2026 RiskDiscovery | Sponsored by: Deception Logic