Risk Discovery

DarkReading

Startup Spotlight: Twine Security Tackles the Execution Gap

GITEX GLOBAL 2025

Privilege Escalation Issue in Amazon ECS Leads to IAM Hijacking

'Samourai' Cryptomixer Founders Plead Guilty to Money Laundering

Citizen Lab Founder Flags Rise of US Authoritarianism

Payback: 'ShinyHunters' Clocks Google via Salesforce

The Critical Flaw in CVE Scoring

Chanel Alerts Clients of Third-Party Breach

Researcher Deploys Fuzzer to Test Autonomous Vehicle Safety

Critical Zero-Day Bugs Crack Open CyberArk, HashiCorp Password Vaults

Ars Technica

Google discovered a new scam—and also fell victim to it

OpenAI launches GPT-5 free to all ChatGPT users

Here’s how deepfake vishing attacks work, and why they can be hard to detect

Voice phishers strike again, this time hitting Cisco

AI site Perplexity uses “stealth tactics” to flout no-crawl edicts, Cloudflare says

At $250 million, top AI salaries dwarf those of the Manhattan Project and the Space Race

Microsoft catches Russian hackers targeting foreign embassies

In search of riches, hackers plant 4G-enabled Raspberry Pi in bank network

So far, only one-third of Americans have ever used AI for work

Flaw in Gemini CLI coding tool could allow hackers to run nasty commands

CyberScoop

BlackSuit, Royal ransomware group hit over 450 US victims before last month’s takedown

CISA, Microsoft warn organizations of high-severity Microsoft Exchange vulnerability

Nigerian accused of hacking tax preparation businesses extradited to US

New National Cyber Director Cairncross faces challenges on policy, bureaucracy, threats

SonicWall firewalls hit by active mass exploitation of suspected zero-day

Why identity is the definitive cyber defense for federal agencies

Iranian hackers were more coordinated, aligned during Israel conflict than it seemed

Google addresses six vulnerabilities in August’s Android security update

AI company Perplexity is sneaking to get around blocks on crawlers, Cloudflare alleges

‘Highly evasive’ Vietnamese-speaking hackers stealing data from thousands of victims in 62+ nations

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Beware of promptware: How researchers broke into Google Home via Gemini

Dashlane ends free subscriptions - you have one month to upgrade or switch

Finally, a Windows laptop that I wouldn't mind putting away my MacBook Pro for

These midrange Bose headphones are on sale for $130 off - act fast before the deal ends

Just installed iOS 18.6 on your iPhone? I'd change these 11 settings ASAP

I took over 500 photos with the Samsung S25 Ultra and Oppo Find X8 Ultra - the winner is very clear

ChatGPT can now talk nerdy to you - plus more personalities and other upgrades beyond GPT-5

Sign up for T-Mobile All-In home internet and get $300 back - here's how

Changing this Android setting instantly doubled my phone speed (Samsung and Google models included)

TP-Link's new Wi-Fi 7 router is a travel-friendly option that won't break the bank

The Hacker News

SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others

Webinar: How to Stop Python Supply Chain Attacks—and the Expert Tools You Need

Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes

The AI-Powered Security Shift: What 2025 Is Teaching Us About Cloud Defense

Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setups

6,500 Axis Servers Expose Remoting Protocol; 4,000 in U.S. Vulnerable to Exploits

SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day

Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft

Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams

AI Slashes Workloads for vCISOs by 68% as SMBs Demand More – New Report Reveals

BleepingComputer

CISA orders fed agencies to patch new Exchange flaw by Monday

ChatGPT's GPT-5 models released: everything you need to know

New EDR killer tool used by eight different ransomware groups

Bouygues Telecom confirms data breach impacting 6.4 million customers

SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw

Wave of 150 crypto-draining extensions hits Firefox add-on store

Cryptomixer founders pled guilty to laundering money for cybercriminals

Massive IPTV piracy service with 28,000 channels taken offline

Air France and KLM disclose data breaches impacting customers

Microsoft warns of high-severity flaw in hybrid Exchange deployments

Cybersecurity Dive

SonicWall says recent attack wave involved previously disclosed flaw, not zero-day

CISA, Microsoft warn about new Microsoft Exchange server vulnerability

US still prioritizing zero-trust migration to limit hacks’ damage

Top US energy companies frequently exposed to critical security flaws

CISA’s relationship with industry needs work to reestablish trust, experts say

Cybersecurity budgets tighten as economic anxiety rises

SonicWall investigating possible zero-day related to firewall attacks

AI is helping hackers automate and customize cyberattacks

Senate confirms Trump’s national cyber director nominee

Ransomware spike linked to potential zero-day flaw in SonicWall devices

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

German security researchers say 'Windows Hell No' to Microsoft biometrics for biz

Microsoft, CISA warn yet another Exchange server bug can lead to 'total domain compromise'

Black Hat's network ops center brings rivals together for a common cause

CISA releases malware analysis for Sharepoint Server attack

KLM, Air France latest major organizations looted for customer data

Meta training AI on social media posts? Only 7% in Europe think it's OK

Amnesty slams Elon Musk's X for 'central role' in fueling 2024 UK riots

Could agentic AI save us from the cybercrisis?

Microsoft researchers bullish on AI security agent even though it let 74% of malware slip through

Google says the group behind last year's Snowflake attack slurped data from one of its Salesforce instances

VentureBeat

Anthropic ships automated security reviews for Claude Code as AI-generated vulnerabilities surge

Anthropic’s new Claude 4.1 dominates coding tests days before GPT-5 arrives

ChatGPT rockets to 700M weekly users ahead of GPT-5 launch with reasoning superpowers

Shadow AI adds $670K to breach costs while 97% of enterprises skip basic access controls, IBM reports

Nightfall launches ‘Nyx,’ an AI that automates data loss prevention at enterprise scale

How can enterprises keep systems safe as AI agents join human employees? Cyata launches with a new, dedicated solution

AI vs. AI: Prophet Security raises $30M to replace human analysts with autonomous defenders

ChatGPT just got smarter: OpenAI’s Study Mode helps students learn step-by-step

Sparrow raises $35M Series B to automate the employee leave management nightmare

How E2B became essential to 88% of Fortune 100 companies and raised $21 million

TechCrunch

Data breach at French telecom giant Bouygues affects millions of customers

TeaOnHer, a rival Tea app for men, is leaking users’ personal data and driver’s licenses

Citizen Lab director warns cyber industry about US authoritarian descent

Final call: TechCrunch Disrupt 2025 ticket savings end tonight

Google says hackers stole its customers’ data by breaching its Salesforce database

Hacker used a voice phishing attack to steal Cisco customers’ personal information

SonicWall urges customers to disable SSLVPN amid reports of ransomware attacks

Google says its AI-based bug hunter found 20 security vulnerabilities

Perplexity accused of scraping websites that explicitly blocked AI scraping

North Korean spies posing as remote workers have infiltrated hundreds of companies, says CrowdStrike

Network World Security

WatchGuard updates tabletop firewall series with high-speed networking and AI-powered security

Top network and data center events 2025

In crowded observability market, Gartner calls out AI capabilities, cost optimization, DevOps integration

HPE unveils AI-powered network security and data protection technology

Cisco teams with Hugging Face for AI model anti-malware

2025 global network outage report and internet health check

Riverbed banks on AI-driven network observability

Data neutrality: Safeguarding your AI’s competitive edge

Broadcom expands AI networking portfolio with Jericho4 Ethernet fabric router

Infoblox reinforces DNS defense package

Help Net Security

What GPT‑5 means for IT teams, devs, and the future of AI at work

Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)

SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls

Top solutions to watch after Black Hat USA 2025

Photos: Black Hat USA 2025

Beyond PQC: Building adaptive security programs for the unknown

Cybercriminals are getting personal, and it’s working

Elastic AI SOC Engine helps SOC teams expose hidden threats

AI can write your code, but nearly half of it may be insecure

Energy companies are blind to thousands of exposed services

InfoSecurity Magazine

#BHUSA: 1000 DoD Contractors Now Covered by NSA’s Free Cyber Services Program

#BHUSA: Microsoft Debuts AI Agent Able to Reverse Engineer Malware

New Microsoft Exchange Vulnerability Puts Hybrid Cloud Environments at Risk

Google Among Victims in Ongoing Salesforce Data Theft Campaign

Experts Alarmed by UK Government’s Companies House ID Checks

SonicWall: Attacks Linked to Legacy Bug and Password Use

#BHUSA: Security Researchers Uncover Critical Flaws in Axis CCTV Software

#BHUSA: Researchers Expose Infrastructure Behind Cybercrime Network VexTrio

Clinical Data Stolen in Cyber-Attack on Kidney Dialysis Provider DaVita

#BHUSA: OpenAI Launches Red Teaming Challenge for New Open-Weight LLMs

© 2025 RiskDiscovery | Sponsored by: Deception Logic