[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
DarkReading
UK Social Media Ban for Minors Has Privacy Experts Worried
Fileless Phantom Stealer Targets Browser Credentials
Security Community Slams US Ban on Exporting Mythos, Fable
SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection
Rokarolla Android Trojan Levels Up to Full Device Control, Persistence
'Lorem Ipsum' Malware Pivots to ClickFix Delivery
HTTP/2 Bomb Attacks Put Telcos, Healthcare Orgs at Risk
Copilot 'SearchLeak' Attack Allows 1-Click Data Theft
China-Nexus Actor Spies on US Researchers Undetected for a Year
Most CISOs Report Pressure to Bury Bad Security News
Ars Technica
Year of free HPE software a “step in the correct direction” in VMware rivalry
Critical Copilot vulnerability allowed hackers to steal 2FA code from users
Users cry foul after AMD stripped memory crypto from its consumer CPUs
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed
High-severity vulnerability in Linux caused by a single faulty character
For the 2nd time in weeks, Microsoft packages laced with credential stealer
How a USB-connected speaker can infect a PC without ever being touched
Dashlane explains how attackers managed to download encrypted password vaults
Can't make sense of Dashlane's vault theft notification? You're not alone.
CyberScoop
Lawmakers leary about Trump administration’s Anthropic order
AI’s constant patching treadmill can be a security problem
A case for how to shape ‘ingredient lists’ for AI models
Google exposes China espionage group that’s been lurking in networks undetected since 2023
Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat 
Anthropic disables new models after government calls them a national security concern
FBI takes down massive China-based cybercrime network that caused $1.9B in losses
US, France, and Italian authorities shut down massive deepfake porn site
Conti ransomware group member pleads guilty, faces up to 20 years in prison
ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw
InfoSecurity Magazine
EU Security Experts to Support Ukrainian Organizations in Case of Cyber-Attacks
Fifteen JetBrains Marketplace Plugins Found Stealing API Keys
Staffing Is Top SOC Challenge Even as AI Proliferates, Says SANS
SprySOCKS Backdoor Expands From Linux to Windows
Rokarolla Trojan Combines Banking Fraud With Device Surveillance
Over Two-Thirds of Security Pros Say Cyber Is Getting Harder
DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company
Chainguard, JPMorgan, BNY Team Up to Secure Open Source from AI Threats
FBI Warns Courier Cash Pickups Are Driving Crypto Scams
Attackers Hijack Popular WordPress Plugins to Deploy Backdoors
SecurityWeek
Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software
Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack
Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day
Oracle’s Second Monthly Security Updates Deliver 245 Patches 
Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities
Joomla, LiteSpeed Vulnerabilities Exploited in Attacks
3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs
iRhythm Confirms Data Stolen in Hack
Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker
Magnitude Emerges From Stealth Mode With $10 Million in Funding
ZDNet
The best power banks of 2026: Expert and lab tested
Here's a portable power bank that's actually worth its high price - especially if you travel
I tested the best MacOS alternative on Linux again - and it even mimics Liquid Glass now
We tested 10 power banks in our lab - and this one had the fastest charge
These useful Amazon gadgets are up to 68% off - here's why I recommend them
Malicious apps got into the Arch User Repository - how to protect yourself
KDE Plasma 6.7 has way more useful features than I expected - and you'll likely get it soon
I've spent years with immutable Linux - RakuOS fixed my biggest annoyance
This 55-inch Fire TV on Amazon costs just $280 - and I can actually recommend it
Your Android phone keyboard may be tracking your inputs - how to check (and 2 ways to stop it)
The Hacker News
The Top 10 Attack Surface Exposures in 2026
Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats
144 Mastra npm Packages Compromised via Hijacked Contributor Account
CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting
ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures
New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds
Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth
BleepingComputer
Microsoft confirms Office apps launch issues after June updates
CISA orders feds to patch max severity Joomla plugin flaw by Friday
Microsoft working on Defender patch for RoguePlanet zero-day
Kodak confirms data breach claimed by ShinyHunters extortion gang
Malicious JetBrains Marketplace plugins steal AI API keys from developers
New Rokarolla Android malware targets 217 banking, crypto apps
Steam Workshop abused to spread malware via Wallpaper Engine app
UK to require ID or face scan before you can make social media accounts
GhostTree Attack Abused Recursive Windows Junctions to Hide Malware
FTC warns of record $3.5 billion losses to imposter scams in 2025
gbhackers
ClickFix Attack Deploys Potemkin Loader, RMMProject RAT, and EtherRAT Across 11 Hosts
Google Cloud Vertex AI Vulnerability Lets Attackers Take Over and Poison AI Models
Hackers Target npm Ecosystem by Compromising 140+ Mastra Packages
Sapphire Sleet macOS Malware Abuses curl-to-osascript Execution for Multi-Stage Payload Delivery
Attackers Exploit Cloud Logging Platforms to Hide Malicious Activity
SprySOCKS Windows Backdoor Uses Kernel Driver to Hide Processes, Files, and Network Traffic
7-Year-Old OpenBSD Security Flaw Exposes Systems to Full PAP Authentication Bypass
Steam Workshop Malware Campaign Uses Wallpaper Engine to Steal Accounts and Infect Gamers
CISA Issues Alert on Oracle PeopleSoft Vulnerability Exploited by Ransomware Groups
Hackers Inject Malicious JavaScript Into WordPress Sites to Deploy ErrTraffic ClickFix Lures
Cybersecurity Dive
AI adoption correlates with incident frequency, underscoring need for governance
China-nexus group linked to multiyear campaign targeting US, Canadian medical research
Cybersecurity experts blast US government for restricting Anthropic’s AI models
MS-ISAC enters uncertain new era after losing federal funding and thousands of members
Agentic AI surges in financial sector even as many firms fail to manage security risks
It’s Mythos’ world now. How do we live in it?
ShinyHunters linked to exploitation of critical flaw in Oracle PeopleSoft
Enterprises report increasing budgets for security training in AI and other critical topics
FIFA World Cup expected to face extensive criminal, hacktivist cyber threats
CISA gives agencies new vulnerability remediation deadlines that take risk levels into account
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Helpdesk scammers are making house calls to make their lies feel more real
Cyberattack sees crops kept in the ground
Python dev saved from disaster by intuition... and AI
Three critical Fortinet sandbox bugs splattered by unknown attackers
Crooks found a new way to collaborate using Teams – by hiding command-and-control traffic
Cardiac monitor maker's security skips a beat as data thieves go for the jugular
Cisco SD-WAN make-me-root bug under attack
Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher
Council of Europe hacked in ShinyHunters' PeopleSoft heist
Feds snooze as US datacenter law set to lapse with no replacement in site
VentureBeat
85% of IT teams claim every AI agent is under control. Only 42% actually know who owns them.
Attackers scale deception with AI. Defenders need truth at machine speed.
NanoClaw and JFrog launch 'immune system' to block AI agents from downloading malicious code
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts
Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged
TechCrunch
Apple plans to change its Hide My Email privacy feature that could make it less effective
Bug in FIFA World Cup internal system gave anyone ability to modify TV stream
India orders temporary ban on Telegram over exam fraud concerns
The US government’s Anthropic models ban was never about an AI jailbreak
Cybersecurity vets protest ‘dangerous’ US government ban on Anthropic’s most powerful models
As AI agents become employees, NewCore emerges with $66M to give them identities
Amazon CEO reportedly raised Anthropic model concerns before government crackdown
The FBI built its own replica small town to simulate real-world cyberattacks
Chinese cybercrime operation that used AI to scam ‘hundreds of thousands of victims’ sued by Google
US surveillance law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agencies
Network World Security
HPE Discover: Neri outlines an AI architecture built for agents
HPE product barrage targets AI networks, agents, management
2026 network outage report and internet health check
Cloud strategies have become more complicated than ever
Cisco patches SD-WAN flaw amid evidence of active exploitation
IBM sends signals with its $10 billion quantum pledge
NetBox at 10: Network inventory tool now a full infrastructure intelligence platform
How Jeetu Patel made Cisco unrecognizable
Amazon claims its data centers are 7x more water-efficient than the industry average
Marvell announces 102.4 Tbps switch silicon built for AI
Help Net Security
VelocityEHS uses QR codes to speed up incident reporting and risk response
Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656)
What’s new in Android 17? Anti-theft tools, scam detection, and parental controls
The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects
Ukraine can now tap EU cyber support during major attacks
Apple is bringing Hide My Email and Sign in with Apple under one domain
Fortinet FortiSOC unifies SIEM, SOAR, threat intelligence, and AI in one platform
The SOC’s visibility gap comes down to staffing
Microsoft AntiSSRF open-source library helps block server-side request forgery
Product showcase: From phishing texts to risky Wi-Fi, Norton 360 Deluxe watches the gaps
SC Magazine
The artificial adversary and the erosion of trust
Turn underground intelligence into actionable security
Enterprise Browers in the Age of AI as CISO Role Changes and Leaders Harness Stress - Arunesh Chandra - BSW #452
Anonymized infrastructure complicates IP intelligence for security teams
SprySOCKS backdoor expands to Windows with new variants
Beyond Identity launches Ceros to secure enterprise AI agents
Malware distributed via Steam Workshop wallpapers
UK government to ban social media for under-16s
North Korean hackers use fake Microsoft alerts to deploy NarwhalRAT malware
DragonForce ransomware uses Microsoft Teams for covert command and control
© 2026 RiskDiscovery | Sponsored by: Deception Logic