Risk Discovery

DarkReading

Attackers Season Spam With a Touch of 'Salt'

Security Concerns Shadow Vibe Coding Adoption

Medusa Ransomware Actors Exploit Critical Fortra GoAnywhere Flaw

Patch Now: 'RediShell' Threatens Cloud Via Redis RCE

Cyberattackers Exploit Zimbra Zero-Day Via ICS

Clop Ransomware Hits Oracle Customers Via Zero-Day Flaw

Chinese Gov't Fronts Trick the West to Obtain Cyber Tech

Self-Propagating Malware Hits WhatsApp Users in Brazil

Scattered Lapsus$ Hunters Returns With Salesforce Leak Site

Dutch Authorities Arrest Two Teens for Alleged Pro-Russian Espionage

Ars Technica

Ars Live: Is the AI bubble about to pop? Ed Zitron is on with Ars at 3:30pm EDT today

AMD wins massive AI chip deal from OpenAI with stock sweetener

ICE wants to build a 24/7 social media surveillance team

Why iRobot’s founder won’t go within 10 feet of today’s walking robots

That annoying SMS phish you just got may have come from a box like this

OpenAI’s Sora 2 lets users insert themselves into AI videos with sound

Intel and AMD trusted enclaves, a foundation for network security, fall to physical attacks

DeepSeek tests “sparse attention” to slash AI processing costs

California’s newly signed AI law just gave Big Tech exactly what it wanted

Anthropic says its new AI model “maintained focus” for 30 hours on multistep tasks

CyberScoop

Oracle zero-day defect amplifies panic over Clop’s data theft attack spree

House Dems seek info about ICE spyware contract, wary of potential abuses

Potential EU law sparks global concerns over end-to-end encryption for messaging apps

Security leaders at Okta and Zscaler share lessons from Salesloft Drift attacks

Federal judiciary touts cybersecurity work in wake of latest major breach

Researchers say Israeli government likely behind AI-generated disinfo campaign in Iran

Red Hat confirms breach of GitLab instance, which stored company’s consulting data

Here is the email Clop attackers sent to Oracle customers

Android spyware disguised as legitimate messaging apps targets UAE victims, researchers reveal

North Korea IT worker scheme swells beyond US companies

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Amazon is giving Samsung Z Fold 7 shoppers its most generous discount yet - how to redeem

Best Amazon Prime Day phone deals in October 2025: My 20 favorite deals on Samsung, Google, and more

One of the most immersive soundbars I've tested is not made by Bose or Sonos (and it's on sale)

Best Amazon Prime Day Best Buy deals in October 2025: Save up to $300 on laptops, phones and headphones

Best Amazon Prime Day deals in October 2025: I found discounts up to 56% off

Best Amazon Prime Day TV deals in October 2025: Save up to $1,600 on LG, Samsung, and more

I pack this portable workstation whenever I travel, and it's 20% off for Prime Day

This flagship Garmin watch has satellite superpowers that make it irreplaceable for me

The M4 MacBook Air just got a rare $200 discount on Amazon, and I don't expect it to last long

I found a Whoop rival that's just as good at fitness tracking but has no subscription fees

The Hacker News

BatShadow Group Uses New Go-Based 'Vampire Bot' Malware to Hunt Job Seekers

Google's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch Them

New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations

5 Critical Questions For Adopting an AI Security Solution

⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

BleepingComputer

Google won’t fix new ASCII smuggling attack in Gemini

DraftKings warns of account breaches in credential stuffing attacks

Clop exploited Oracle zero-day for data theft since early August

North Korean hackers stole over $2 billion in crypto this year

Electronics giant Avnet confirms breach, says stolen data unreadable

Microsoft kills more Microsoft Account bypasses in Windows 11

Redefining Security Validation with AI-Powered Breach and Attack Simulation

Google's new AI bug bounty program pays up to $30,000 for flaws

Red Hat data breach escalates as ShinyHunters joins extortion

Microsoft: Critical GoAnywhere bug exploited in ransomware attacks

Cybersecurity Dive

Public disclosures of AI risk surge among S&P 500 companies

Businesses fear AI exposes them to more attacks

Extortion campaign targeting Oracle E-Business Suite customers linked to zero-day

Hackers steal sensitive Red Hat customer data after breaching GitLab repository

Renault Group confirms UK customer data stolen in third-party breach

Oracle investigating extortion emails targeting E-Business Suite customers

UNFI reports solid results as it recovers from cyberattack

Hackers claiming ties to Clop launch wide extortion campaign targeting corporate executives

Federal cuts force many state and local governments out of cyber collaboration group

Landmark US cyber-information-sharing program expires, bringing uncertainty

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Employees regularly paste company secrets into ChatGPT

Nearly a year after attack, US medical scanning biz gets clear image of stolen patient data

Police and military radio maker BK Technologies cops to cyber break-in

OpenAI bans suspected Chinese accounts using ChatGPT to plan surveillance

Britain eyes satellite laser warning system and carrier-launched jet drones

UK Home Office opens wallet for £60M automated number plate project

Credential stuffing: £2.31 million fine shows passwords are still the weakest link

Scattered Lapsus$ Hunters offering $10 in Bitcoin to 'endlessly harass' execs

Radiant Group won't touch kids' data now, but apparently hospitals are fair game

Thieves steal IDs and payment info after data leaks from Discord support vendor

VentureBeat

Stopping breaches at machine speed demands agents, not alerts

SOC teams face 51-second breach reality—Manual response times are officially dead

Why identity-first security is the first defense against sophisticated AI-powered social engineering

AI sharpens threat detection — but could it dull human analyst skills?

Legacy UI is dead: Shadow AI is how real work gets done now

CrowdStrike bets on agentic workforces to outpace AI-driven adversaries

Shadow AI doubles every 18 months, creating blind spots SOCs never see

Stop sending anonymous texts. Start building trust.

They don't break in, they log in: 79% of intrusions are malware-free

Hush Security emerges from stealth to eliminate risks, burdens of static machine authentication keys

TechCrunch

ICE bought vehicles equipped with fake cell towers to spy on phones

North Korean hackers stole over $2 billion in crypto so far in 2025, researchers say

Security bug in India’s income tax portal exposed taxpayers’ sensitive data

Clop hackers caught exploiting Oracle zero-day bug to steal executives’ personal data

Inside Microsoft’s AI bet with CTO Kevin Scott at TechCrunch Disrupt 2025

A breach every month raises doubts about South Korea’s digital defenses

Anker offered Eufy camera owners $2 per video for AI training

Event startup Partiful wasn’t stripping GPS locations from user-uploaded photos

Hacking group claims theft of 1 billion records from Salesforce customer databases

Hackers are sending extortion emails to executives after claiming Oracle apps’ data breach

Network World Security

IBM touts agentic AI orchestration, cryptographic risk controls

Network digital twin technology faces headwinds

Netskope expands ZTNA with device intelligence for IoT/OT environments

2025 global network outage report and internet health check

AMD: Latest news and insights

AMD/OpenAI pact means new enterprise IT options

Nvidia and Fujitsu team for vertical industry AI projects

Tool sprawl hampers enterprise observability efforts

Nvidia: Latest news and insights

7 SASE certifications to validate converged network and security skills

Help Net Security

Redis patches critical “RediShell” RCE vulnerability, update ASAP! (CVE-2025-49844)

Barracuda Research centralizes AI-driven threat intelligence and incident analysis

OPSWAT’s MetaDefender Drive delivers portable, network-free threat scanning

Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882)

How to get better results from bug bounty programs without wasting money

The architecture of lies: Bot farms are running the disinformation war

Cybersecurity’s next test: AI, quantum, and geopolitics

Cybersecurity jobs available right now: October 7, 2025

Hackers launch data leak site to extort 39 victims, or Salesforce

eBook: Defending Identity Security the Moment It’s Threatened

InfoSecurity Magazine

Qilin Ransomware Gang Claims Asahi Cyber-Attack

Critical Flaw Exposes 60,000 Redis Servers to Remote Exploitation

Qilin Claims Ransomware Attack on Mecklenburg Schools

Discord Reveals Data Breach Following Third-Party Compromise

NCSC: Patch Critical Oracle EBS Bug Now

Microsoft: Critical GoAnywhere Bug Exploited in Medusa Ransomware Campaign

Europol Calls for Stronger Data Laws to Combat Cybercrime

Ransomware Group “Trinity of Chaos” Launches Data Leak Site

Scanning of Palo Alto Portals Surges 500%

Asahi Confirms Ransomware Attack, Data Stolen from Servers

© 2025 RiskDiscovery | Sponsored by: Deception Logic