Risk Discovery

DarkReading

Vampire Bot Malware Sinks Fangs Into Job Hunters

Red Hat Hackers Team Up With Scattered Lapsus$ Hunters

LockBit, Qilin & DragonForce Join Forces in Ransomware 'Cartel'

Framelink Figma MCP Server Opens Orgs to Agentic AI Compromise

China-Nexus Actors Weaponize 'Nezha' Open Source Tool

Calling All Influencers: Spear-Phishers Dangle Tesla, Red Bull Jobs

Cyberattack Leads to Beer Shortage as Asahi Recovers

Attackers Season Spam With a Touch of 'Salt'

Security Concerns Shadow Vibe Coding Adoption

Medusa Ransomware Actors Exploit Critical Fortra GoAnywhere Flaw

Ars Technica

Bank of England warns AI stock bubble rivals 2000 dotcom peak

Salesforce says it won’t pay extortion demand in 1 billion records breach

Synology caves, walks back some drive restrictions on upcoming NAS models

Ars Live: Is the AI bubble about to pop? Ed Zitron is on with Ars at 3:30pm EDT today

AMD wins massive AI chip deal from OpenAI with stock sweetener

ICE wants to build a 24/7 social media surveillance team

Why iRobot’s founder won’t go within 10 feet of today’s walking robots

That annoying SMS phish you just got may have come from a box like this

OpenAI’s Sora 2 lets users insert themselves into AI videos with sound

Intel and AMD trusted enclaves, a foundation for network security, fall to physical attacks

CyberScoop

Voting groups ask court for immediate halt to Trump admin’s SAVE database overhaul

German government says it will oppose EU mass-scanning proposal

Microsoft pins GoAnywhere zero-day attacks to ransomware affiliate Storm-1175

OpenAI: Threat actors use us to be efficient, not make new tools

Oracle zero-day defect amplifies panic over Clop’s data theft attack spree

House Dems seek info about ICE spyware contract, wary of potential abuses

Potential EU law sparks global concerns over end-to-end encryption for messaging apps

Security leaders at Okta and Zscaler share lessons from Salesloft Drift attacks

Federal judiciary touts cybersecurity work in wake of latest major breach

Researchers say Israeli government likely behind AI-generated disinfo campaign in Iran

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Last chance to grab JLab JBuds Lux ANC headphones at 50% off for Prime Day

Here's your last chance on the 30 best Prime Day deals under $100

Here's your last chance to save on the 35 best Prime Day laptop deals we found

We're tracking the 100+ best Prime Day deals worth buying before the sale ends tonight

Best Amazon Prime Day TV deals: Final hours to save big on LG, Samsung, and more

Best Amazon Prime Day smartwatch deals in October 2025: Don't miss out on deals from Apple, Google, and Samsung

Here's your last chance on the 30 best Prime Day Best Buy deals

Best Amazon Prime Day phone deals in October 2025: Last chance savings on Google, Samsung, more

Last chance to shop Prime Day Kindle deals on Paperwhite, Scribe, and more

Last chance to grab up to 50% off on the 21 best Prime Day tablet deals

The Hacker News

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

Step Into the Password Graveyard… If You Dare (and Join the Live Session)

LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem

Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now

No Time to Waste: Embedding AI to Cut Noise and Reduce Risk

OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks

BatShadow Group Uses New Go-Based 'Vampire Bot' Malware to Hunt Job Seekers

Google's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch Them

New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise

BleepingComputer

Hackers claim Discord breach exposed data of 5.5 million users

New FileFix attack uses cache smuggling to evade security software

Qilin ransomware claims Asahi brewery attack, leaks data

Microsoft 365 outage blocks access to Teams, Exchange Online

Microsoft enables Exchange Online auto-archiving by default

Crimson Collective hackers target AWS cloud instances for data theft

Hackers exploit auth bypass in Service Finder WordPress theme

London police arrests suspects linked to nursery breach, child doxing

Defend the Target, Not Just the Door: A Modern Plan for Google Workspace

Salesforce refuses to pay ransom over widespread data theft attacks

Cybersecurity Dive

Salesforce refuses to submit to extortion demands linked to hacking campaigns

AI fuels social engineering but isn’t yet revolutionizing hacking

Public disclosures of AI risk surge among S&P 500 companies

Businesses fear AI exposes them to more attacks

Extortion campaign targeting Oracle E-Business Suite customers linked to zero-day

Hackers steal sensitive Red Hat customer data after breaching GitLab repository

Renault Group confirms UK customer data stolen in third-party breach

Oracle investigating extortion emails targeting E-Business Suite customers

UNFI reports solid results as it recovers from cyberattack

Hackers claiming ties to Clop launch wide extortion campaign targeting corporate executives

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Take this rob and shove it! Salesforce issues stern retort to ransomware extort

Germany slams brakes on EU's Chat Control device-scanning snoopfest

Employees regularly paste company secrets into ChatGPT

Nearly a year after attack, US medical scanning biz gets clear image of stolen patient data

Police and military radio maker BK Technologies cops to cyber break-in

OpenAI bans suspected Chinese accounts using ChatGPT to plan surveillance

Britain eyes satellite laser warning system and carrier-launched jet drones

UK Home Office opens wallet for £60M automated number plate project

Credential stuffing: £2.31 million fine shows passwords are still the weakest link

Scattered Lapsus$ Hunters offering $10 in Bitcoin to 'endlessly harass' execs

VentureBeat

MCP stacks have a 92% exploit probability: How 10 plugins became enterprise security's biggest blind spot

Stopping breaches at machine speed demands agents, not alerts

SOC teams face 51-second breach reality—Manual response times are officially dead

Why identity-first security is the first defense against sophisticated AI-powered social engineering

AI sharpens threat detection — but could it dull human analyst skills?

Legacy UI is dead: Shadow AI is how real work gets done now

CrowdStrike bets on agentic workforces to outpace AI-driven adversaries

Shadow AI doubles every 18 months, creating blind spots SOCs never see

Stop sending anonymous texts. Start building trust.

They don't break in, they log in: 79% of intrusions are malware-free

TechCrunch

Here’s the tech powering ICE’s deportation crackdown

ICE bought vehicles equipped with fake cell towers to spy on phones

North Korean hackers stole over $2 billion in crypto so far in 2025, researchers say

Security bug in India’s income tax portal exposed taxpayers’ sensitive data

Clop hackers caught exploiting Oracle zero-day bug to steal executives’ personal data

Inside Microsoft’s AI bet with CTO Kevin Scott at TechCrunch Disrupt 2025

A breach every month raises doubts about South Korea’s digital defenses

Anker offered Eufy camera owners $2 per video for AI training

Event startup Partiful wasn’t stripping GPS locations from user-uploaded photos

Hacking group claims theft of 1 billion records from Salesforce customer databases

Network World Security

Fields medalist: ‘As of today we have no quantum computer. It does not exist.’

Cisco seriously amps-up Silicon One chip, router for AI data center connectivity

Zscaler, café-inspired branch networks, and mobile security

SolarWinds launches AI agent to automate IT operations, speed incident response

IBM touts agentic AI orchestration, cryptographic risk controls

Network digital twin technology faces headwinds

Netskope expands ZTNA with device intelligence for IoT/OT environments

2025 global network outage report and internet health check

AMD: Latest news and insights

AMD/OpenAI pact means new enterprise IT options

Help Net Security

Varonis Interceptor stops AI-evasive email attacks

Researchers uncover ClickFix-themed phishing kit

North Korean hackers stole over $2 billion in cryptocurrency this year

Netskope UZTNA adds policy control by device posture, risk, and role

CyberArk unveils new capabilities to reduce risk across human and machine identities

Radiflow360 unifies OT risk, compliance, and response

Rethinking AI security architectures beyond Earth

DefectDojo: Open-source DevSecOps platform

Developing economies are falling behind in the fight against cybercrime

New system aims to keep people connected when networks fail

InfoSecurity Magazine

Nezha Tool Used in New Cyber Campaign Targeting Web Applications

Digital Fraud Costs Companies Worldwide 7.7% of Annual Revenue

Cyber-Attack Contributes to Huge Sales Drop at JLR

Bybit Theft Drives Record-Breaking $2bn Haul for North Korea

Met Police Arrest Two Teens in Connection with Kido Attack

Qilin Ransomware Gang Claims Asahi Cyber-Attack

Critical Flaw Exposes 60,000 Redis Servers to Remote Exploitation

Qilin Claims Ransomware Attack on Mecklenburg Schools

Discord Reveals Data Breach Following Third-Party Compromise

NCSC: Patch Critical Oracle EBS Bug Now

© 2025 RiskDiscovery | Sponsored by: Deception Logic