Risk Discovery

DarkReading

GITEX GLOBAL 2025

Dark Reading News Desk Turns 10, Back at Black Hat USA for 2025

LLMs' AI-Generated Code Remains Wildly Insecure

Building the Perfect Post-Security Incident Review Playbook

Male-Dominated Cyber Industry Still Holds Space for Women With Resilience

New 'Shade BIOS' Technique Beats Every Kind of Security

ISC2 Launches New Security Certificate for AI Expertise

SIEMs: Dying a Slow Death or Poised for AI Rebirth?

CISA Releases Free Thorium Malware Analysis Tool

Gen Z Falls for Scams 2x More Than Older Generations

Ars Technica

At $250 million, top AI salaries dwarf those of the Manhattan Project and the Space Race

Microsoft catches Russian hackers targeting foreign embassies

In search of riches, hackers plant 4G-enabled Raspberry Pi in bank network

So far, only one-third of Americans have ever used AI for work

Flaw in Gemini CLI coding tool could allow hackers to run nasty commands

AI in Wyoming may soon use more electricity than state’s human residents

OpenAI’s ChatGPT Agent casually clicks through “I am not a robot” verification test

Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel

After BlackSuit is taken down, new ransomware group Chaos emerges

OpenAI’s most capable AI model, GPT-5, may be coming in August

CyberScoop

Senate confirms national cyber director pick Sean Cairncross

Cursor’s AI coding agent morphed ‘into local shell’ with one-line prompt attack

Social engineering attacks surged this past year, Palo Alto Networks report finds

China accuses US of exploiting Microsoft zero-day in cyberattack

Feds still trying to crack Volt Typhoon hackers’ intentions, goals

Russia-affiliated Secret Blizzard conducting ongoing espionage against embassies in Moscow

Senate legislation would direct federal agencies to fortify against quantum computing cyber threats

Project Zero disclosure policy change puts vendors on early notice

Senate Democrats call Trump admin’s focus on state voter rolls a pretext for disenfranchisement

Army Secretary forces West Point to rescind appointment given to Easterly

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Update to iOS 26? We tested the public beta on our iPhones - these features are a big deal

How to get another 15GB of Gmail storage for free (and without losing old files)

Unplugging these 7 common household devices helped reduce my electricity bills

Why I still recommend this $180 Bluetooth speaker even a year after its release

I bought Samsung's Galaxy Watch Ultra 2025 - here's why I have buyer's remorse

The best Raspberry Pi alternatives of 2025: Expert recommended

Is your Roku TV spying on you? It's possible, but here's how to put a stop to it

Anthropic beats OpenAI as the top LLM provider for business - and it's not even close

Samsung is giving new Galaxy Z Fold and Flip customers a rare $120 bonus - how to redeem it

Finally, an ultraportable Windows laptop I'd use at the office (even though it's for gamers)

The Hacker News

CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign

New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft

Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices

Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection

Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts

AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown

You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them

Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks

Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies

Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials

BleepingComputer

Attackers exploit link-wrapping services to steal Microsoft 365 logins

OpenAI prepares new open weight models along with GPT-5

Anthropic says OpenAI engineers using Claude Code ahead of GPT-5 launch

OpenAI may be testing a cheaper paid plan for ChatGPT

SonicWall firewall devices hit in surge of Akira ransomware attacks

Pi-hole discloses data breach triggered by WordPress plugin flaw

AI-powered Cursor IDE vulnerable to prompt-injection attacks

Pwn2Own hacking contest pays $1 million for WhatsApp exploit

Kali Linux can now run in Apple containers on macOS systems

Microsoft to disable Excel workbook links to blocked file types

Cybersecurity Dive

Senate confirms Trump’s national cyber director nominee

Ransomware spike linked to potential zero-day flaw in SonicWall devices

Palo Alto Networks investigating ransomware threat related to SharePoint exploitation

DOJ reaches $9.8 million settlement with Illumina over cyber whistleblower claims

Ransomware gangs capitalize on law enforcement takedowns of competitors

Industry groups urge vigilance as Scattered Spider evolves tactics

Palo Alto Networks to buy CyberArk for $25 billion

What we know about the cybercrime group Scattered Spider

CISA’s Joint Cyber Defense Collaborative takes major personnel hit

‘Shadow AI’ increases cost of data breaches, report finds

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Lazarus Group rises again, this time with malware-laden fake FOSS

Silent Push CEO on cybercrime takedowns: 'It's an ongoing cat-and-mouse game'

CISA roasts unnamed critical national infrastructure body for shoddy security hygiene

OpenAI removes ChatGPT self-doxing option

Tested: Microsoft Recall can still capture credit cards and passwords, a treasure trove for crooks

China says US spies exploited Microsoft Exchange zero-day to steal military info

Florida prison email blunder exposes visitor contact info to inmates

Cybercrooks attached Raspberry Pi to bank network and drained ATM cash

Top spy says LinkedIn profiles that list defense work 'recklessly invite attention of foreign intelligence services'

As ransomware gangs threaten physical harm, 'I am afraid of what's next,' ex-negotiator says

VentureBeat

Shadow AI adds $670K to breach costs while 97% of enterprises skip basic access controls, IBM reports

Nightfall launches ‘Nyx,’ an AI that automates data loss prevention at enterprise scale

How can enterprises keep systems safe as AI agents join human employees? Cyata launches with a new, dedicated solution

AI vs. AI: Prophet Security raises $30M to replace human analysts with autonomous defenders

ChatGPT just got smarter: OpenAI’s Study Mode helps students learn step-by-step

Sparrow raises $35M Series B to automate the employee leave management nightmare

How E2B became essential to 88% of Fortune 100 companies and raised $21 million

CoSyn: The open-source tool that’s making GPT-4V-level vision AI accessible to everyone

SecurityPal combines AI and experts in Nepal to speed enterprise security questionnaires by 87X or more

Early Anthropic hire raises $15M to insure AI agents and help startups deploy safely

TechCrunch

A backlog at the Commerce Department is reportedly stalling Nvidia’s H20 chip licenses

Sex toy maker Lovense threatens legal action after fixing security flaws that exposed users’ data

Authorities seize BlackSuit ransomware gang’s servers

Google is experimenting with machine learning-powered age-estimation tech in the US

Palo Alto Networks agrees to buy CyberArk for $25 billion

Germ brings end-to-end encrypted messages to Bluesky

Hackers stole Social Security numbers during Allianz Life cyberattack

Minnesota activates National Guard as cyberattack on Saint Paul disrupts public services

Skechers is making kids’ shoes with a hidden AirTag compartment

Google says UK government has not demanded an encryption backdoor for its users’ data

Network World Security

DOE announces site selection for AI data centers

SD-WAN reality check: Why enterprise ‘rip-and-replace’ isn’t happening

Spotlight report: How AI is reshaping IT

Intel news: networking unit spinoff, earnings uproar, AI snub

CMA slams Microsoft domination of UK cloud services as anti-competitive

Data center survey: AI gains ground but trust concerns persist

Observe secures $156M funding boost for AI-powered observability

Palo Alto Networks to buy CyberArk for $25B as identity security takes center stage

Micron unveils PCIe Gen6 SSD to power AI data center workloads

IBM: Cost of U.S. data breach reaches all-time high and shadow AI isn’t helping

Help Net Security

Week in review: Food sector cybersecurity risks, cyber threats to space infrastructure

Smart steps to keep your AI future-ready

It’s time to sound the alarm on water sector cybersecurity

What attackers know about your company thanks to AI

Review: CISA Certified Information Systems Auditor Practice Tests

Security gaps still haunt shared mobile device use in healthcare

Infosec products of the month: July 2025

GreyNoise enhances threat response with real-time blocklists, feeds, and SOAR integrations

Intel 471 unveils Verity471, a unified platform for next-gen cyber threat intelligence

Outpost24 launches Credential Checker to spot leaked credentials on the dark web

InfoSecurity Magazine

Secret Blizzard Targets Moscow-Based Embassies in New Espionage Campaign

Hackers Regularly Exploit Vulnerabilities Before Public Disclosure, Study Finds

Staggering 800% Rise in Infostealer Credential Theft

UK Leads the Way with £15m AI Alignment Project

Android Malware Targets Banking Users Through Discord Channels

CISA Unveils Eviction Strategies Tool to Aid Incident Response

Ransomware Attacks Escalate to Physical Threats Against Executives

Cybercriminals ‘Spooked’ After Scattered Spider Arrests

FunkSec Ransomware Victims Can Now Recover Files with Free Decryptor

Passwordless Future Years Away Despite Microsoft Authenticator Move

© 2025 RiskDiscovery | Sponsored by: Deception Logic