Risk Discovery

DarkReading

LevelBlue Announces Plans to Acquire XDR Provider Cybereason

'Mysterious Elephant' Moves Beyond Recycled Malware

F5 BIG-IP Environment Breached by Nation-State Actor

Harvard University Breached in Oracle Zero-Day Attack

Africa Remains Top Global Target, Even as Attacks Decline

Microsoft Drops Terrifyingly Large October Patch Update

China's Flax Typhoon Turns Geo-Mapping Server into a Backdoor

Pixnapping Attack Lets Attackers Steal 2FA on Android

Financial, Other Industries Urged to Prepare for Quantum Computers

Critical infrastructure CISOs Can't Ignore 'Back-Office Clutter' Data

Ars Technica

Thousands of customers imperiled after nation-state ransacks F5’s network

Anthropic’s Claude Haiku 4.5 matches May’s frontier model at fraction of cost

ChatGPT erotica coming soon with age verification, CEO says

Feds seize $15 billion from alleged forced labor scam built on “human suffering”

Nvidia sells tiny new computer that puts big AI on your desktop

OpenAI wants to stop ChatGPT from validating users’ political views

Hackers can steal 2FA codes and private messages from Android phones

Why Signal’s post-quantum makeover is an amazing engineering achievement

Microsoft warns of new “Payroll Pirate” scam stealing employees’ direct deposits

AI models can acquire backdoors from surprisingly few malicious documents

CyberScoop

PowerSchool hacker sentenced to 4 years in prison

CISA warns of imminent risk posed by thousands of F5 products in federal agencies

F5 discloses breach tied to nation-state threat actor

Swalwell seeks answers from CISA on workforce cuts

Researchers find a startlingly cheap way to steal your secrets from space

Microsoft’s Patch Tuesday fixes 175 vulnerabilities, including two actively exploited zero-days

Officials crack down on Southeast Asia cybercrime networks, seize $15B

LevelBlue to acquire Cybereason in latest cybersecurity industry consolidation

Flax Typhoon can turn your own software against you

Red, blue, and now AI: Rethinking cybersecurity training for the 2026 threat landscape

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

The best VPN for Windows in 2025: Expert tested and reviewed

Leaving Windows 10 behind? Apple's rumored $599 MacBook might be just for you

I struggled to find earbuds that stay put, but this pair seals the deal

No ROI in AI yet? Try these six proven tactics for creating real business value

3 common thermostat mistakes may be costing you hundreds - here's what to avoid

These Bose earbuds are an easy pick over AirPods for me - why I don't regret it

Scam texts net over $1 billion for cyber gangs - how to avoid their traps

Changing these 5 settings on my TV instantly improved the picture quality - here's why

I wore the Oura Ring 4 Ceramic for a week, and it shattered the myth of ugly fitness tech

Roku might've just solved the biggest problem with home TV streaming - here's how

The Hacker News

ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More

CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack

Chinese Threat Group 'Jewelbug' Quietly Infiltrated Russian IT Network for Months

F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

How Attackers Bypass Synced Passkeys

Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

BleepingComputer

YouTube is down worldwide with playback error

Capita to pay £14 million for data breach impacting 6.6 million people

PowerSchool hacker gets sentenced to four years in prison

Fake LastPass, Bitwarden breach alerts lead to PC hijacks

F5 releases BIG-IP patches for stolen security vulnerabilities

Microsoft: Sept Windows Server updates cause Active Directory issues

Clothing giant MANGO discloses data breach exposing customer info

How to spot dark web threats on your network using NDR

F5 says hackers stole undisclosed BIG-IP flaws, source code

Malicious crypto-stealing VSCode extensions resurface on OpenVSX

Cybersecurity Dive

Nation-state hackers breached sensitive F5 systems, stole customer data

CISA’s latest cuts reignite concerns among Democratic lawmakers

Fortune 100 firms accelerate disclosures linked to AI, cybersecurity risk

Layoffs, reassignments further deplete CISA

SonicWall SSLVPN devices compromised using valid credentials

SonicWall investigation shows hackers gained wide access to customer backup files

Oracle E-Business Suite exploitation traced back as early as July

Risk mitigation budgets swell as enterprise AI adoption grows

Cyber risk a growing priority among insurance and asset management firms

Salesforce refuses to submit to extortion demands linked to hacking campaigns

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Machine learning meets malware: how AI-powered ransomware could destroy your business

Devs are writing VS Code extensions that blab secrets by the bucketload

Capita fined £14M after 58-hour delay exposed 6.6M records

Asahi breach leaves bitter taste as brewer fears personal data slurped

Mozilla is recruiting beta testers for a free, baked-in Firefox VPN

Oracle rushes out another emergency E-Business Suite patch as Clop fallout widens

British govt agents demand action after UK mega-cyberattacks surge 50%

EU biometric border system launch hits inevitable teething problems

Scattered Lapsus$ Hunters rage-quit the internet (again), promise to return next year

Microsoft 'illegally' tracked students via 365 Education, says data watchdog

VentureBeat

Visa just launched a protocol to secure the AI shopping boom — here’s what it means for merchants

Weaponized AI can dismantle patches in 72 hours — but Ivanti's kernel defense can help

MCP stacks have a 92% exploit probability: How 10 plugins became enterprise security's biggest blind spot

Stopping breaches at machine speed demands agents, not alerts

SOC teams face 51-second breach reality—Manual response times are officially dead

Why identity-first security is the first defense against sophisticated AI-powered social engineering

AI sharpens threat detection — but could it dull human analyst skills?

Legacy UI is dead: Shadow AI is how real work gets done now

CrowdStrike bets on agentic workforces to outpace AI-driven adversaries

Shadow AI doubles every 18 months, creating blind spots SOCs never see

TechCrunch

Cyber giant F5 Networks says government hackers had ‘long-term’ access to its systems, stole code and customer data

Satellites found exposing unencrypted data, including phone calls and some military comms

Homeland Security reassigns ‘hundreds’ of CISA cyber staffers to support Trump’s deportation crackdown

Spyware maker NSO Group confirms acquisition by US investors

Discord data breach affects at least 70,000 users

Italian businessman’s phone reportedly targeted with Paragon spyware

‘Dozens’ of organizations had data stolen in Oracle-linked hacks

Here’s the tech powering ICE’s deportation crackdown

ICE bought vehicles equipped with fake cell towers to spy on phones

North Korean hackers stole over $2 billion in crypto so far in 2025, researchers say

Network World Security

Oracle’s big bet for AI: Zettascale10

Three options for wireless power in the enterprise

IBM unveils advanced quantum computer in Spain

Q&A: IBM’s Mikel Díez on hybridizing quantum and classical computing

Nvidia’s DGX Spark desktop supercomputer is on sale now, but hard to find

Nvidia: Latest news and insights

2025 global network outage report and internet health check

Major network vendors team to advance Ethernet for scale-up AI networking

Broadcom drops the hammer on AI networking with Thor Ultra

OpenAI–Broadcom alliance signals a shift to open infrastructure for AI

Help Net Security

Veeam launches Data Cloud for MSPs to simplify Microsoft 365 and Entra ID protection

Cayosoft Guardian Protector safeguards Microsoft 365 and hybrid identity systems

When trusted AI connections turn hostile

Identifying risky candidates: Practical steps for security leaders

Everyone wants AI, but few are ready to defend it

Humanoid robot found vulnerable to Bluetooth hack, data leaks to China

The password problem we keep pretending to fix

ImmuniWeb expands discovery with ASM and Dark web packages

F5 data breach: “Nation-state attackers” stole BIG-IP source code, vulnerability info

Harmonic Security targets AI data risks with Model Context Protocol Gateway

InfoSecurity Magazine

Over 23 Million Victims Hit by Data Breaches in Q3

F5 Reveals Nation State Breach and Urges Immediate Patching

Flaw in Slider Revolution Plugin Exposed 4m WordPress Sites

Whisper 2FA Behind One Million Phishing Attempts Since July

Last Windows 10 Patch Tuesday Features Six Zero-Days

Capita Fined £14m After 2023 Breach that Hit 6.6 Million People

UK, US Sanction Southeast Asia-Based Online Scam Network

Legacy Windows Protocols Still Expose Networks to Credential Theft

Hacker Group TA585 Emerges With Advanced Attack Infrastructure

Senior Execs Falling Short on Cyber-Attack Preparedness, NCSC Warns

© 2025 RiskDiscovery | Sponsored by: Deception Logic