Risk Discovery

DarkReading

Startup Spotlight: Twine Security Tackles the Execution Gap

GITEX GLOBAL 2025

Silver Fox APT Blurs the Line Between Espionage & Cybercrime

Air France, KLM Alert Authorities of Data Breach

Privilege Escalation Issue in Amazon ECS Leads to IAM Hijacking

'Samourai' Cryptomixer Founders Plead Guilty to Money Laundering

Citizen Lab Founder Flags Rise of US Authoritarianism

Payback: 'ShinyHunters' Clocks Google via Salesforce

The Critical Flaw in CVE Scoring

Chanel Alerts Clients of Third-Party Breach

Ars Technica

Google discovered a new scam—and also fell victim to it

OpenAI launches GPT-5 free to all ChatGPT users

Here’s how deepfake vishing attacks work, and why they can be hard to detect

Voice phishers strike again, this time hitting Cisco

AI site Perplexity uses “stealth tactics” to flout no-crawl edicts, Cloudflare says

At $250 million, top AI salaries dwarf those of the Manhattan Project and the Space Race

Microsoft catches Russian hackers targeting foreign embassies

In search of riches, hackers plant 4G-enabled Raspberry Pi in bank network

So far, only one-third of Americans have ever used AI for work

Flaw in Gemini CLI coding tool could allow hackers to run nasty commands

CyberScoop

Federal courts to ramp up filing system security after ‘recent escalated cyberattacks’

BlackSuit, Royal ransomware group hit over 450 US victims before last month’s takedown

CISA, Microsoft warn organizations of high-severity Microsoft Exchange vulnerability

Nigerian accused of hacking tax preparation businesses extradited to US

New National Cyber Director Cairncross faces challenges on policy, bureaucracy, threats

SonicWall firewalls hit by active mass exploitation of suspected zero-day

Why identity is the definitive cyber defense for federal agencies

Iranian hackers were more coordinated, aligned during Israel conflict than it seemed

Google addresses six vulnerabilities in August’s Android security update

AI company Perplexity is sneaking to get around blocks on crawlers, Cloudflare alleges

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Microsoft rolls out GPT-5 across its Copilot suite - here's where you'll find it

The best Hisense TVs of 2025: Expert tested and reviewed

The best smartphones without AI features in 2025: Expert tested and recommended

Why I ditched Google Chrome for Firefox Focus within 10 minutes of using the mobile browser

The best mobile VPNs of 2025: Expert tested and reviewed

I took 500 photos with the two best Android camera phones - here's the clear winner

Mesh routers vs. Wi-Fi routers: What is best for your home office?

This $200 Android phone beats competing Motorola and Samsung models in a unique way

These Sony headphones are a fan favorite - and they're on sale at Amazon at a new low price

Android phone feeling slow? How I changed one setting to instantly double the speed

The Hacker News

Leaked Credentials Up 160%: What Attackers Are Doing With Them

RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes

GreedyBear Steals $1M in Crypto Using 150+ Malicious Firefox Wallet Extensions

SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others

Webinar: How to Stop Python Supply Chain Attacks—and the Expert Tools You Need

Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes

The AI-Powered Security Shift: What 2025 Is Teaching Us About Cloud Defense

Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setups

6,500 Axis Servers Expose Remoting Protocol; 4,000 in U.S. Vulnerable to Exploits

SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day

BleepingComputer

Microsoft 365 apps to soon block file access via FPRPC by default

Microsoft will kill the Lens PDF scanner app for iOS, Android

Columbia University data breach impacts nearly 870,000 individuals

Royal and BlackSuit ransomware gangs hit over 450 US companies

Fake WhatsApp developer libraries hide destructive data-wiping code

CISA orders fed agencies to patch new Exchange flaw by Monday

ChatGPT's GPT-5 models released: everything you need to know

New EDR killer tool used by eight different ransomware groups

Bouygues Telecom confirms data breach impacting 6.4 million customers

SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw

Cybersecurity Dive

CISA officials say agency is moving ahead despite workforce purge

NSA partnering with cyber firms to support under-resourced defense contractors

SonicWall says recent attack wave involved previously disclosed flaw, not zero-day

CISA, Microsoft warn about new Microsoft Exchange server vulnerability

US still prioritizing zero-trust migration to limit hacks’ damage

Top US energy companies frequently exposed to critical security flaws

CISA’s relationship with industry needs work to reestablish trust, experts say

Cybersecurity budgets tighten as economic anxiety rises

SonicWall investigating possible zero-day related to firewall attacks

AI is helping hackers automate and customize cyberattacks

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Infosec hounds spot prompt injection vuln in Google Gemini apps

UK secretly allows facial recognition scans of passport, immigration databases

UK proxy traffic surges as users consider VPN alternatives amid Online Safety Act

Prohibition never works, but that didn't stop the UK's Online Safety Act

Why blow up satellites when you can just hack them?

German security researchers say 'Windows Hell No' to Microsoft biometrics for biz

Microsoft, CISA warn yet another Exchange server bug can lead to 'total domain compromise'

Black Hat's network ops center brings rivals together for a common cause

CISA releases malware analysis for Sharepoint Server attack

KLM, Air France latest major organizations looted for customer data

VentureBeat

Black Hat 2025: Why your AI tools are becoming the next insider threat

Anthropic ships automated security reviews for Claude Code as AI-generated vulnerabilities surge

Anthropic’s new Claude 4.1 dominates coding tests days before GPT-5 arrives

ChatGPT rockets to 700M weekly users ahead of GPT-5 launch with reasoning superpowers

Shadow AI adds $670K to breach costs while 97% of enterprises skip basic access controls, IBM reports

Nightfall launches ‘Nyx,’ an AI that automates data loss prevention at enterprise scale

How can enterprises keep systems safe as AI agents join human employees? Cyata launches with a new, dedicated solution

AI vs. AI: Prophet Security raises $30M to replace human analysts with autonomous defenders

ChatGPT just got smarter: OpenAI’s Study Mode helps students learn step-by-step

Sparrow raises $35M Series B to automate the employee leave management nightmare

TechCrunch

Data breach at French telecom giant Bouygues affects millions of customers

TeaOnHer, a rival Tea app for men, is leaking users’ personal data and driver’s licenses

Citizen Lab director warns cyber industry about US authoritarian descent

Final call: TechCrunch Disrupt 2025 ticket savings end tonight

Google says hackers stole its customers’ data by breaching its Salesforce database

Hacker used a voice phishing attack to steal Cisco customers’ personal information

SonicWall urges customers to disable SSLVPN amid reports of ransomware attacks

Google says its AI-based bug hunter found 20 security vulnerabilities

Perplexity accused of scraping websites that explicitly blocked AI scraping

North Korean spies posing as remote workers have infiltrated hundreds of companies, says CrowdStrike

Network World Security

WatchGuard updates tabletop firewall series with high-speed networking and AI-powered security

Top network and data center events 2025

In crowded observability market, Gartner calls out AI capabilities, cost optimization, DevOps integration

HPE unveils AI-powered network security and data protection technology

Cisco teams with Hugging Face for AI model anti-malware

2025 global network outage report and internet health check

Riverbed banks on AI-driven network observability

Data neutrality: Safeguarding your AI’s competitive edge

Broadcom expands AI networking portfolio with Jericho4 Ethernet fabric router

Infoblox reinforces DNS defense package

Help Net Security

August 2025 Patch Tuesday forecast: Try, try again

Third-party partners or ticking time bombs?

From fake CAPTCHAs to RATs: Inside 2025’s cyber deception threat trends

Fraud controls don’t guarantee consumer trust

New infosec products of the week: August 8, 2025

What GPT‑5 means for IT teams, devs, and the future of AI at work

Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)

SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls

Top solutions to watch after Black Hat USA 2025

Photos: Black Hat USA 2025

InfoSecurity Magazine

US Federal Judiciary Tightens Security Following Escalated Cyber-Attacks

Bouygues Telecom Data Breach Exposes 6.4 Million Customer Records

#BHUSA: 1000 DoD Contractors Now Covered by NSA’s Free Cyber Services Program

#BHUSA: Microsoft Debuts AI Agent Able to Reverse Engineer Malware

New Microsoft Exchange Vulnerability Puts Hybrid Cloud Environments at Risk

Google Among Victims in Ongoing Salesforce Data Theft Campaign

Experts Alarmed by UK Government’s Companies House ID Checks

SonicWall: Attacks Linked to Legacy Bug and Password Use

#BHUSA: Security Researchers Uncover Critical Flaws in Axis CCTV Software

#BHUSA: Researchers Expose Infrastructure Behind Cybercrime Network VexTrio

© 2025 RiskDiscovery | Sponsored by: Deception Logic