Risk Discovery

DarkReading

60 RubyGems Packages Steal Data From Annoying Spammers

BigID Launches Shadow AI Discovery to Uncover Rogue Models and Risky AI Data

PwC Announces Addition of Morgan Adamski to Leadership of Cyber, Data & Technology Risk Platform

Ransomware Attacks Fall by Almost Half in Q2

Cybersecurity Incident at Allianz Life Exposes Personal Information of Hundreds of Thousands

860K Compromised in Columbia University Data Breach

Redefining the Role: What Makes a CISO Great

Data Dump From APT Actor Yields Clues to Attacker Capabilities

Attackers Target the Foundations of Crypto: Smart Contracts

Silver Fox APT Blurs the Line Between Espionage & Cybercrime

Ars Technica

Encryption made for police and military radios may be easily cracked

It’s getting harder to skirt RTO policies without employers noticing

Adult sites are stashing exploit code inside racy .svg files

Google discovered a new scam—and also fell victim to it

OpenAI launches GPT-5 free to all ChatGPT users

Here’s how deepfake vishing attacks work, and why they can be hard to detect

Voice phishers strike again, this time hitting Cisco

AI site Perplexity uses “stealth tactics” to flout no-crawl edicts, Cloudflare says

At $250 million, top AI salaries dwarf those of the Manhattan Project and the Space Race

Microsoft catches Russian hackers targeting foreign embassies

CyberScoop

DARPA’s AI Cyber Challenge reveals winning models for automated vulnerability discovery and patching

Microsoft: An organization without a response plan will be hit harder by a security incident

Research reveals possible privacy gaps in Apple Intelligence’s data handling

Federal courts to ramp up filing system security after ‘recent escalated cyberattacks’

BlackSuit, Royal ransomware group hit over 450 US victims before last month’s takedown

CISA, Microsoft warn organizations of high-severity Microsoft Exchange vulnerability

Nigerian accused of hacking tax preparation businesses extradited to US

New National Cyber Director Cairncross faces challenges on policy, bureaucracy, threats

SonicWall firewalls hit by active mass exploitation of suspected zero-day

Why identity is the definitive cyber defense for federal agencies

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

5 iOS 26 features that made updating my iPhone worthwhile (and how to try them)

I tried Lenovo's new rollable ThinkBook and can't go back to regular-sized screens

3 portable power stations I travel everywhere with (and how they differ)

I answered the million-dollar question about buying laptops - here's the ultimate guide

The best Linux distros for beginners in 2025 make switching from MacOS or Windows so easy

This Motorola foldable is on sale for $100 off - here's why I recommend it over most slab phones

This digital graffiti project is making the internet fun again, pixel by pixel - see for yourself

ChatGPT comes with personality presets now - and 3 other upgrades you might have missed

OpenAI's GPT-5 is now free for all: How to access and everything else we know

Can GPT-5 fix Apple Intelligence? We're about to find out

The Hacker News

Linux-Based Lenovo Webcams’ Flaw Can Be Remotely Exploited for BadUSB Attacks

Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems

CyberArk and HashiCorp Flaws Enable Remote Vault Takeover Without Credentials

AI Tools Fuel Brazilian Phishing Scam While Efimer Trojan Steals Crypto from 5,000 Victims

Leaked Credentials Up 160%: What Attackers Are Doing With Them

RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes

GreedyBear Steals $1M in Crypto Using 150+ Malicious Firefox Wallet Extensions

SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others

Webinar: How to Stop Python Supply Chain Attacks—and the Expert Tools You Need

Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes

BleepingComputer

Google confirms data breach exposed potential Google Ads customers' info

60 malicious Ruby gems downloaded 275,000 times steal credentials

OpenAI to fix GPT-5 issues, double rate limits for paid users after outrage

WinRAR zero-day exploited to plant malware on archive extraction

FTC: older adults lost record $700 million to scammers in 2024

U.S. Judiciary confirms breach of court electronic records service

Microsoft 365 apps to soon block file access via FPRPC by default

Microsoft will kill the Lens PDF scanner app for iOS, Android

Columbia University data breach impacts nearly 870,000 individuals

Royal and BlackSuit ransomware gangs hit over 450 US companies

Cybersecurity Dive

DARPA touts value of AI-powered vulnerability detection as it announces competition winners

Financially motivated cluster a key player in ToolShell exploitation

CISA officials say agency is moving ahead despite workforce purge

NSA partnering with cyber firms to support under-resourced defense contractors

SonicWall says recent attack wave involved previously disclosed flaw, not zero-day

CISA, Microsoft warn about new Microsoft Exchange server vulnerability

US still prioritizing zero-trust migration to limit hacks’ damage

Top US energy companies frequently exposed to critical security flaws

CISA’s relationship with industry needs work to reestablish trust, experts say

Cybersecurity budgets tighten as economic anxiety rises

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

The inside story of the Telemessage saga, and how you can view the data

Chinese biz using AI to hit US politicians, influencers with propaganda

Star leaky app of the week: StarDict

Ex-White House cyber, counter-terrorism guru: Microsoft considers security an annoyance, not a necessity

Infosec hounds spot prompt injection vuln in Google Gemini apps

UK secretly allows facial recognition scans of passport, immigration databases

UK proxy traffic surges as users consider VPN alternatives amid Online Safety Act

Prohibition never works, but that didn't stop the UK's Online Safety Act

Why blow up satellites when you can just hack them?

German security researchers say 'Windows Hell No' to Microsoft biometrics for biz

VentureBeat

Black Hat 2025: Why your AI tools are becoming the next insider threat

Anthropic ships automated security reviews for Claude Code as AI-generated vulnerabilities surge

Anthropic’s new Claude 4.1 dominates coding tests days before GPT-5 arrives

ChatGPT rockets to 700M weekly users ahead of GPT-5 launch with reasoning superpowers

Shadow AI adds $670K to breach costs while 97% of enterprises skip basic access controls, IBM reports

Nightfall launches ‘Nyx,’ an AI that automates data loss prevention at enterprise scale

How can enterprises keep systems safe as AI agents join human employees? Cyata launches with a new, dedicated solution

AI vs. AI: Prophet Security raises $30M to replace human analysts with autonomous defenders

ChatGPT just got smarter: OpenAI’s Study Mode helps students learn step-by-step

Sparrow raises $35M Series B to automate the employee leave management nightmare

TechCrunch

Data breach at French telecom giant Bouygues affects millions of customers

TeaOnHer, a rival Tea app for men, is leaking users’ personal data and driver’s licenses

Citizen Lab director warns cyber industry about US authoritarian descent

Final call: TechCrunch Disrupt 2025 ticket savings end tonight

Google says hackers stole its customers’ data by breaching its Salesforce database

Hacker used a voice phishing attack to steal Cisco customers’ personal information

SonicWall urges customers to disable SSLVPN amid reports of ransomware attacks

Google says its AI-based bug hunter found 20 security vulnerabilities

Perplexity accused of scraping websites that explicitly blocked AI scraping

North Korean spies posing as remote workers have infiltrated hundreds of companies, says CrowdStrike

Network World Security

Networking terms and definitions

Stargate’s slow start reveals the real bottlenecks in scaling AI infrastructure

WatchGuard updates tabletop firewall series with high-speed networking and AI-powered security

Top network and data center events 2025

In crowded observability market, Gartner calls out AI capabilities, cost optimization, DevOps integration

HPE unveils AI-powered network security and data protection technology

Cisco teams with Hugging Face for AI model anti-malware

2025 global network outage report and internet health check

Riverbed banks on AI-driven network observability

Data neutrality: Safeguarding your AI’s competitive edge

Help Net Security

Week in review: SonicWall firewalls targeted in ransomware attacks, Black Hat USA 2025

August 2025 Patch Tuesday forecast: Try, try again

Third-party partners or ticking time bombs?

From fake CAPTCHAs to RATs: Inside 2025’s cyber deception threat trends

Fraud controls don’t guarantee consumer trust

New infosec products of the week: August 8, 2025

What GPT‑5 means for IT teams, devs, and the future of AI at work

Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)

SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls

Top solutions to watch after Black Hat USA 2025

InfoSecurity Magazine

#DEFCON: AI Cyber Challenge Winners Revealed in DARPA’s $4M Cybersecurity Showdown

#BHUSA: CISA Execs ‘Hopeful’ for Extension of Cybersecurity Information Sharing Act

Australian Regulator Sues Optus Over 2022 Data Breach

US Federal Judiciary Tightens Security Following Escalated Cyber-Attacks

Bouygues Telecom Data Breach Exposes 6.4 Million Customer Records

#BHUSA: 1000 DoD Contractors Now Covered by NSA’s Free Cyber Services Program

#BHUSA: Microsoft Debuts AI Agent Able to Reverse Engineer Malware

New Microsoft Exchange Vulnerability Puts Hybrid Cloud Environments at Risk

Google Among Victims in Ongoing Salesforce Data Theft Campaign

Experts Alarmed by UK Government’s Companies House ID Checks

© 2025 RiskDiscovery | Sponsored by: Deception Logic