Risk Discovery

DarkReading

Koreans Hacked, Blackmailed by 250+ Fake Mobile Apps

Silk Typhoon Linked to Powerful Offensive Tools, PRC-Backed Companies

The CrowdStrike Outage Was Bad, but It Could Have Been Worse

ChatGPT, GenAI Tools Open to 'Man in the Prompt' Browser Attack

African Orgs Fall to Mass Microsoft SharePoint Exploits

Nimble 'Gunra' Ransomware Evolves With Linux Variant

The Hidden Threat of Rogue Access

Critical Flaw in Vibe-Coding Platform Base44 Exposes Apps

Supply Chain Attacks Spotted in GitHub Actions, Gravity Forms, npm

Root Evidence Bets on New Concept for Vulnerability Patch Management

Ars Technica

In search of riches, hackers plant 4G-enabled Raspberry Pi in bank network

So far, only one-third of Americans have ever used AI for work

Flaw in Gemini CLI coding tool could allow hackers to run nasty commands

AI in Wyoming may soon use more electricity than state’s human residents

OpenAI’s ChatGPT Agent casually clicks through “I am not a robot” verification test

Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel

After BlackSuit is taken down, new ransomware group Chaos emerges

OpenAI’s most capable AI model, GPT-5, may be coming in August

Supply-chain attacks on open source software are getting out of hand

Two major AI coding tools wiped out user data after making cascading mistakes

CyberScoop

Project Zero disclosure policy change puts vendors on early notice

Senate Democrats call Trump admin’s focus on state voter rolls a pretext for disenfranchisement

Army Secretary forces West Point to rescind appointment given to Easterly

Palo Alto Networks to acquire CyberArk for $25 billion

CISA is facing a tight CIRCIA deadline. Here’s how Sean Plankey can attempt to meet it

Research shows data breach costs have reached an all-time high

Minnesota governor activates National Guard amid St. Paul cyberattack

CISA says it will release telecom security report sought by Sen. Wyden to lift hold on Plankey nomination

Researchers flag flaw in Google’s AI coding assistant that allowed for ‘silent’ code exfiltration

Sen. Hassan wants to hear from SpaceX about scammers abusing Starlink

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

This Android 16 feature solved my biggest problem with phone notifications - how it works

Finally, an Android Auto adapter that's reliable, highly functional, and won't break the bank

How this one tablet convinced me gaming on Android is worth it

How to sync passkeys in Chrome across your Android, iPhone, Mac, or PC (and why you should)

Why I recommend this Bluetooth tracker to both iPhone and Android users over AirTags

Why the best fix for headless server frustration might be a little box named Comet

I wasn't interested in the Google Pixel 10, but this potential feature changes everything

I tried underwater AR goggles to track my workouts - and they worked surprisingly well

I let a modular yard care robot mow my lawn - here's my verdict after a month

I test wireless earbuds for a living, but this pair is unlike anything I've ever seen

The Hacker News

Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps

FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant

Product Walkthrough: A Look Inside Pillar's AI Security Platform

Apple Patches Safari Vulnerability Also Exploited as Zero-Day in Google Chrome

Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits

Chinese Firms Linked to Silk Typhoon Filed 15+ Patents for Cyber Espionage Tools

Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero

Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware

Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure

Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44

BleepingComputer

ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH

Hackers target Python devs in phishing attacks using fake PyPI site

SafePay ransomware threatens to leak 3.5TB of Ingram Micro data

Hackers actively exploit critical RCE in WordPress Alone theme

Hackers plant 4G Raspberry Pi on bank network in failed ATM heist

Apple patches security flaw exploited in Chrome zero-day attacks

New Lenovo UEFI firmware updates fix Secure Boot bypass flaws

AI Cuts vCISO Workload by 68% as Demand Skyrockets, New Report Finds

Minnesota activates National Guard after St. Paul cyberattack

Russian airline Aeroflot grounds dozens of flights after cyberattack

Cybersecurity Dive

Palo Alto Networks to buy CyberArk for $25 billion

What we know about the cybercrime group Scattered Spider

CISA’s Joint Cyber Defense Collaborative takes major personnel hit

‘Shadow AI’ increases cost of data breaches, report finds

FBI, CISA warn about Scattered Spider’s evolving tactics

Ransomware attacks against oil and gas firms surge

Research shows LLMs can conduct sophisticated attacks without humans

Allianz Life discloses massive data breach linked to supply-chain attack

Emerging cybersecurity needs: What the market is telling us

Philadelphia Indemnity Insurance discloses June data breach

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

The TSA likes facial recognition at airports. Passengers and politicians, not so much

Enterprises neglect AI security – and attackers have noticed

Users left scrambling for a plan B as Dropbox drops Dropbox Passwords

Minnesota governor calls in the troops after St Paul cyberattack

Palo Alto Networks inks $25b deal to buy identity-security shop CyberArk

Ransomware gang sets deadline to leak 3.5 TB of Ingram Micro data

CISA caves to Wyden, agrees to release US telco insecurity report - but won’t say when

FBI: Watch out for these signs Scattered Spider is spinning its web around your org

Raspberry Pi RP2350 A4 update fixes old bugs and dares you to break it again

War Games: MoD asks soldiers with 1337 skillz to compete in esports

VentureBeat

Shadow AI adds $670K to breach costs while 97% of enterprises skip basic access controls, IBM reports

Nightfall launches ‘Nyx,’ an AI that automates data loss prevention at enterprise scale

How can enterprises keep systems safe as AI agents join human employees? Cyata launches with a new, dedicated solution

AI vs. AI: Prophet Security raises $30M to replace human analysts with autonomous defenders

ChatGPT just got smarter: OpenAI’s Study Mode helps students learn step-by-step

Sparrow raises $35M Series B to automate the employee leave management nightmare

How E2B became essential to 88% of Fortune 100 companies and raised $21 million

CoSyn: The open-source tool that’s making GPT-4V-level vision AI accessible to everyone

SecurityPal combines AI and experts in Nepal to speed enterprise security questionnaires by 87X or more

Early Anthropic hire raises $15M to insure AI agents and help startups deploy safely

TechCrunch

Palo Alto Networks agrees to buy CyberArk for $25 billion

Germ brings end-to-end encrypted messages to Bluesky

Hackers stole Social Security numbers during Allianz Life cyberattack

Minnesota activates National Guard as cyberattack on Saint Paul disrupts public services

Skechers is making kids’ shoes with a hidden AirTag compartment

Google says UK government has not demanded an encryption backdoor for its users’ data

Tea app disables DMs after second data breach exposed over a million private messages

Telecom giant Orange warns of disruption amid ongoing cyberattack

Sex toy maker Lovense caught leaking users’ email addresses and exposing accounts to takeovers

Trump’s cybersecurity cuts putting nation at risk, warns New York cyber chief

Network World Security

Palo Alto Networks to buy CyberArk for $25B as identity security takes center stage

Micron unveils PCIe Gen6 SSD to power AI data center workloads

IBM: Cost of U.S. data breach reaches all-time high and shadow AI isn’t helping

Survey: AI, cyber threats, distributed workforces challenge IT teams most

Backblaze adds cloud storage security protection features

Debian shifts to 64-bit time storage to head off Epochalypse

Network jobs watch: Hiring, skills and certification trends

Multi-cloud migration startup FluidCloud emerges from stealth

2025 global network outage report and internet health check

Cisco donates AI agent tech to Linux Foundation

Help Net Security

Artemis: Open-source modular vulnerability scanner

The food supply chain has a cybersecurity problem

Why CISOs should rethink identity risk through attack paths

AI is here, security still isn’t

Boards shift focus to tech and navigate cautious investors

Fighting AI with AI: How Darwinium is reshaping fraud defense

Darwinium launches AI tools to detect and disrupt adversarial threats

Beyond Passwords: A Guide to Advanced Enterprise Security Protection

Intruder launches GregAI to deliver AI-powered, contextual security workflow management

Cyware expands Intelligence Suite to streamline CTI program deployment and operations

InfoSecurity Magazine

Hidden Backdoor Found in ATM Network via Raspberry Pi

Google to Publicly Report New Vulnerabilities Within One Week of Vendor Disclosure

Third of Exploited Vulnerabilities Weaponized Within a Day of Disclosure

Data Breach Costs Fall for First Time in Five Years

US Tops Hit List as 396 SharePoint Systems Compromised Globally

OWASP Launches Agentic AI Security Guidance

French Telco Orange Hit by Cyber-Attack

Critical Authentication Flaw Identified in Base44 Vibe Coding Platform

Auto-Color Backdoor Malware Exploits SAP Vulnerability

CISA Warns of Exploited Critical Vulnerabilities in Cisco Identity Services Engine

© 2025 RiskDiscovery | Sponsored by: Deception Logic