Risk Discovery

DarkReading

[Dark Reading Virtual Event] Know Your Enemy: How cybercriminals and nation-state hackers operate

Cisco's Wave of Actively Exploited Zero-Day Bugs Targets Firewalls, IOS

Chinese APT Drops 'Brickstorm' Backdoors on Edge Devices

Salesforce AI Agents Forced to Leak Sensitive Data

How Cloud Service Disruptions Are Making Resilience Critical for Developers

CISA: Attackers Breach Federal Agency via Critical GeoServer Flaw

The Fall of Scattered Spider? Teen Member Surrenders Amid Group's Shutdown Claims

Russia Targets Moldovan Election in Disinformation Play

Threat Actor Deploys 'OVERSTEP' Backdoor in Ongoing SonicWall SMA Attacks

Npm Package Hides Malware in Steganographic QR Codes

Ars Technica

ChatGPT Pulse delivers morning updates based on your chat history

Experts urge caution about using ChatGPT to pick stocks

As many as 2 million Cisco devices affected by actively exploited 0-day

Why does OpenAI need six giant data centers?

Supermicro server motherboards can be infected with unremovable malware

When “no” means “yes”: Why AI chatbots can’t process Persian social etiquette

Broadcom’s prohibitive VMware prices create a learning “barrier,” IT pro says

Here’s how potent Atomic credential stealer is finding its way onto Macs

Two of the Kremlin’s most active hack groups are collaborating, ESET says

Two UK teens charged in connection to Scattered Spider ransomware attacks

CyberScoop

CISA says it observed nearly year-old activity tied to Cisco zero-day attacks

CISA alerts federal agencies of widespread attacks using Cisco zero-days

Dem report concludes Department of Government Efficiency violates cybersecurity, privacy rules

Cisco uncovers new SNMP vulnerability used in attacks on IOS devices

Contain or be contained: The security imperative of controlling autonomous AI

Teen arrested in UK was a core figure in Scattered Spider’s operations

Brickstorm malware powering ‘next-level’ Chinese cyberespionage campaign

Researchers say media outlet targeting Moldova is a Russian cutout

What to do if your company discovers a North Korean worker in its ranks

Secret Service says it dismantled extensive telecom threat in NYC area

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Only 11% of business leaders see AI leading to major job cuts - for now

Job hunting? Nothing beats human networks - here are 8 places to start

I've yet to find a Bluetooth speaker that delivers stronger bass and clearer mids than this

I tested the iPhone Air for a week, and here's why 17 Pro Max users shouldn't sleep on it

Which Apple Watch should you buy in 2025? I recommend these models to different users

Employees learn nothing from phishing security training, and this is why

Forget the iPad: TCL's newest tablet won't break the bank or strain your eyes

AI will transform work more than replace jobs, study finds

You can claim up to $7,500 from AT&T's $177M data breach payouts - but the deadline is soon

I tested the best $20 security camera you can buy (and it works outdoors)

The Hacker News

Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware

Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive

Threatsday Bulletin: Rootkit Patch, Federal Breach, OnePlus SMS Leak, TikTok Scandal & More

Vane Viper Generates 1 Trillion DNS Queries to Power Global Malware and Ad Fraud Network

Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection

North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers

CTEM's Core: Prioritization and Validation

Tech Overtakes Gaming as Top DDoS Attack Target, New Gcore Radar Report Finds

Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed

Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software

BleepingComputer

Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs

Unofficial Postmark MCP npm silently stole users' emails

Co-op says it lost $107 million after Scattered Spider attack

CISA orders agencies to patch Cisco flaws exploited in zero-day attacks

Cisco warns of ASA firewall zero-days exploited in attacks

Amazon pays $2.5 billion to settle Prime memberships lawsuit

Malicious Rust packages on Crates.io steal crypto wallet keys

How secure are passkeys, really? Here's what you need to know

Teen suspected of Vegas casino cyberattacks released to parents

Microsoft will offer free Windows 10 extended security updates in Europe

Cybersecurity Dive

CISA orders feds to patch Cisco flaws used to hack multiple agencies

Cyber insurance could greatly reduce losses from diversification, mitigation measures

Critical infrastructure operators add more insecure industrial equipment online

CISA urges dependency checks following Shai-Hulud compromise

UK authorities arrest man in connection with cyberattack against aviation vendor

China-linked groups are using stealthy malware to hack software suppliers

Many ‘material’ cybersecurity breaches go unreported: VikingCloud

SonicWall customers warned about brute force attacks against cloud backup service

Jaguar Land Rover to extend production pause into October following cyberattack

Social engineering campaigns highlight the ability to exploit human behavior

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

North Korea's Lazarus Group shares its malware with IT work scammers

Callous crims break into preschool network, publish toddlers' data

Zero-day deja vu as another Cisco IOS bug comes under attack

EU starting registration of fingerprints and faces for short-stay foreigners

Empty shelves, empty coffers: Co-op pegs cyber hit at £80m

Check your own databases before asking to see our passport photos, Home Office tells UK cops

Three in four European companies are hooked on US tech

New string of phishing attacks targets Python developers

Google warns China-linked spies lurking in 'numerous' enterprises

UK agency makes arrest in airport cyberattack investigation

VentureBeat

TechCrunch

Thousands of Indian bank transfer records found online

Viral call-recording app Neon goes dark after exposing users’ phone numbers, call recordings, and transcripts

Neon, the No. 2 social app on the Apple App Store, pays users to record their phone calls and sells data to AI firms

Step into the future: The full AI Stage agenda at TechCrunch Disrupt 2025

UK arrests man linked to ransomware attack that caused airport disruptions across Europe

Jaguar Land Rover to pause production until next week – at least

European airports still dealing with disruptions days after ransomware attack

Automaker giant Stellantis says customers’ personal data stolen during breach

EU cyber agency confirms ransomware attack causing airport disruptions

Unit 221B raises $5M to help track and disrupt today’s top hacking groups

Network World Security

New Supermicro BMC vulnerabilities open servers to malicious attacks on firmware

Cisco admins urged to patch IOS, IOS XE devices

Equinix unveils distributed AI infrastructure targeting inferencing, cloud connectivity

Cisco: Latest news and insights

Cisco expands its quantum networking portfolio with new software prototypes

Pure Storage targets AI complexity with a unified data cloud, Azure integration, and embedded security

Amazon and SAP partner on European data sovereignty platforms to offer better oversight

Microsoft’s new cooling tech targets AI’s thermal bottleneck as hyperscalers hit power ceilings

Balancing AI’s opportunities and challenges to serve enterprises

Riverbed survey reveals AI readiness gap

Help Net Security

Ransomware groups are multiplying, raising the stakes for defenders

Delinea releases free open-source MCP server to secure AI agents

How agentic AI is changing the SOC

Infosec products of the month: September 2025

European Windows 10 users get an additional year of free security updates

Microsoft spots LLM-obfuscated phishing attack

Chainguard Libraries for JavaScript provides developers with malware-free dependencies

Onapsis enhances SAP security with latest platform updates

Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352)

North Korean IT workers use fake profiles to steal crypto

InfoSecurity Magazine

Critical Vulnerability in Salesforce AgentForce Exposed

Malicious AI Agent Server Reportedly Steals Emails

Phishing Campaign Evolves into PureRAT Deployment, Linked to Vietnamese Threat Actors

Chinese Hackers Use 'BRICKSTORM' Backdoor to Breach US Firms

Co-op Records £206m Revenue Loss Following Cyber-Attack

Experts Warn of Global Breach Risk from Indian Suppliers

NCA Arrest Man as HardBit Ransomware Blamed for Airport Outages

npm Package Uses QR Code Steganography to Steal Credentials

ShadowV2 Botnet Exposes Rise of DDoS-as-a-service Platforms

Vegas Gambling Giant Hit by Cyber Incident, Employee Data Exposed

© 2025 RiskDiscovery | Sponsored by: Deception Logic