Risk Discovery

DarkReading

[Dark Reading Virtual Event] Know Your Enemy: How cybercriminals and nation-state hackers operate

Iran-Linked Hackers Target Europe With New Malware

Attackers Use Phony GitHub Pages to Deliver Mac Malware

Airport Chaos Shows Human Impact of 3rd-Party Attacks

15 Years of Zero Trust: Why It Matters More Than Ever

Patch Now: Max-Severity Fortra GoAnywhere Bug Allows Command Injection

Capture-the-Flag Competition Leads to Cybersecurity Career

Zero Trust: Strengths and Limitations in the AI Attack Era

'ShadowLeak' ChatGPT Attack Allows Hackers to Invisibly Steal Emails

Plastic People, Plastic Cards: Synthetic Identities Plague Finance & Lending Sector

Ars Technica

Here’s how potent Atomic credential stealer is finding its way onto Macs

Two of the Kremlin’s most active hack groups are collaborating, ESET says

Two UK teens charged in connection to Scattered Spider ransomware attacks

New attack on ChatGPT research agent pilfers secrets from Gmail inboxes

How weak passwords and other failings led to catastrophic breach of Ascension

White House officials reportedly frustrated by Anthropic’s law enforcement AI limits

ChatGPT may soon require ID verification from adults, CEO says

Millions turn to AI chatbots for spiritual guidance and confession

Modder injects AI dialogue into 2002’s Animal Crossing using memory hack

OpenAI and Microsoft sign preliminary deal to revise partnership terms

CyberScoop

Telecom exec: Salt Typhoon inspiring other hackers to use unconventional techniques

Las Vegas police arrest minor accused of high-profile 2023 casino attacks

Cyber threat information law hurtles toward expiration, with poor prospects for renewal

Why federal IT leaders must act now to deliver NIST’s post-quantum cryptography transition

Researchers raise alarm over maximum-severity defect in GoAnywhere file-transfer service

Trump administration planning expansion of U.S. quantum strategy

DOD official: We need to drop the cybersecurity talent hiring window to 25 days

Agencies increasingly dive into AI for cyber defense, acting federal CISO says

UK arrests two teens accused of heavy involvement in yearslong Scattered Spider attack spree

Attack on SonicWall’s cloud portal exposes customers’ firewall configurations

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

The best password managers of 2025: Expert tested

The best VPN routers of 2025: Expert tested and reviewed

This portable power station just set the gold standard for me - and it's priced well

Why I can't live without this magnetic USB-C accessory - and all the devices it can charge

I tested Samsung's flagship QLED TV for a week and didn't miss the OLED model at all

Best iPhone 2025: I compared the top models and found the best options for you

Using the wrong monitor is killing your productivity - here's how I pick the right one

MacOS Tahoe finally turned me into a desktop widget user - here's why

How to enable your Apple Watch's Hypertension Detection feature - and why you should

Looking for a few good AI leaders - are you ready?

The Hacker News

GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security

BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells

ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks

⚡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More

How to Gain Control of AI Agents and Non-Human Identities

Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants

DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams

LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer

Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell

ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent

BleepingComputer

NPM package caught using QR Code to fetch cookie-stealing malware

Airport disruptions in Europe caused by a ransomware attack

American Archive of Public Broadcasting fixes bug exposing restricted media

Automaker giant Stellantis confirms data breach after Salesforce hack

New EDR-Freeze tool uses Windows WER to suspend security software

Microsoft lifts Windows 11 update block after face detection fix

Mozilla now lets Firefox add-on devs roll back bad updates

LastPass: Fake password managers infect Mac users with malware

Why attackers are moving beyond email-based phishing attacks

Microsoft says recent updates cause DRM video playback issues

Cybersecurity Dive

Social engineering campaigns highlight the ability to exploit human behavior

AI-powered vulnerability detection will make things worse, not better, former US cyber official warns

Flights across Europe delayed after cyberattack targets third-party vendor

How to build a trustworthy AI governance roadmap aligned with ISO 42001

Preemptive security predicted to constitute about half of IT security spending by 2030

NIST explains how post-quantum cryptography push overlaps with existing security guidance

Evolving AI attacks, rapid model adoption worry cyber defenders

UK arrests 2 more alleged Scattered Spider hackers over London transit system breach

Healthcare firms’ hack-related losses outpace those of other sectors

Microsoft disrupts global phishing campaign that led to widespread credential theft

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Suspected Iran-backed attackers targeting European aerospace sector with novel malware

UK chancellor Putin the blame on Russia for cyber chaos, but evidence says otherwise

EV charging biz zaps customers with data leak scare

Cops cuff another teen over alleged Scattered Spider attack that broke Vegas casinos

EU’s cyber agency blames ransomware as Euro airport check-in chaos continues

Car giant Stellantis says customer data nicked after partner vendor pwned

FOMO? Brit banking biz rolls out AI tools, talks up security

Trump says Michael Dell is part of the team buying TikTok, with Larry Ellison and maybe some Murdochs

Tech troubles create aviation chaos on both sides of the Atlantic

Ransomware attack linked to museum break-in and theft of golden exhibits

VentureBeat

TechCrunch

Automaker giant Stellantis says customers’ personal data stolen during breach

EU cyber agency confirms ransomware attack causing airport disruptions

Unit 221B raises $5M to help track and disrupt today’s top hacking groups

Hundreds of flights delayed at Heathrow and other airports after apparent cyberattack

US government charges British teenager accused of at least 120 ‘Scattered Spider’ hacks

Here’s the tech powering ICE’s deportation crackdown

ICE unit signs new $3M contract for phone-hacking tech

Irregular raises $80 million to secure frontier AI models

Jaguar Land Rover to pause production for third week due to cyberattack

VC firm Insight Partners says thousands of staff and limited partners had personal data stolen in a ransomware attack

Network World Security

Australian provider outage leaves emergency callers unable to connect

Who are the winners and losers of the Intel-Nvidia deal?

9 Linux certifications to boost your career

Nvidia reportedly acquires Enfabrica CEO and chip technology license

Upscale emerges from stealth with $100 million seed and plans to democratize AI networking

Observability platforms gain AI capabilities

Intel: Latest news and insights

Intel will design CPUs with Nvidia NVLink in return for $5 billion investment

Ethernet, InfiniBand, and Omni-Path battle for the AI-optimized data center

Nvidia: Latest news and insights

Help Net Security

Blackdot Videris Automate uses AI to speed OSINT, risk detection, and decision-making

Cybercriminals are going after law firms’ sensitive client data

Review: Practical Purple Teaming

Gartner: Preemptive cybersecurity to dominate 50% of security spend by 2030

High-impact IT outages cost businesses $2 million per hour

Cybersecurity jobs available right now: September 23, 2025

Malicious GitHub pages lure MacOS users into installing Atomic infostealer

Stellar Cyber 6.1 equips SecOps teams with multi-layer AI

Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035)

How Juventus protects fans, revenue, and reputation during matchdays

InfoSecurity Magazine

Attacker Breakout Time Falls to 18 Minutes

Car Giant Stellantis Confims Third-Party Breach

Jaguar Land Rover Extends Production Pause Again

Organizations Must Update Defenses to Scattered Spider Tactics, Experts Urge

Major Cyber Threat Detection Vendors Pull Out of MITRE Evaluations Test

FBI Says Threat Actors Are Spoofing its IC3 Site

Airport Chaos Enters Third Day After Supply Chain Attack

Russian State Hackers Collaborate in Attacks Against Ukraine

Zero-Click Vulnerability in ChatGPT's Agent Enables Silent Gmail Data Theft

Attackers Abuse AI Tools to Generate Fake CAPTCHAs in Phishing Attacks

© 2025 RiskDiscovery | Sponsored by: Deception Logic