Risk Discovery

DarkReading

[Dark Reading Virtual Event] Know Your Enemy: How cybercriminals and nation-state hackers operate

A $50 'Battering RAM' Can Bust Confidential Computing

Undead Operating Systems Haunt Enterprise Security Networks

China Imposes One-Hour Reporting Rule for Major Cyber Incidents

New China APT Strikes With Precision and Persistence

'Klopatra' Trojan Makes Bank Transfers While You Sleep

China Exploited New VMware Bug for Nearly a Year

Can Shadow AI Risks Be Stopped?

'Trifecta' of Google Gemini Flaws Turn AI Into Attack Vehicle

AI-Powered Voice Cloning Raises Vishing Risks

Ars Technica

Intel and AMD trusted enclaves, a foundation for network security, fall to physical attacks

DeepSeek tests “sparse attention” to slash AI processing costs

California’s newly signed AI law just gave Big Tech exactly what it wanted

Anthropic says its new AI model “maintained focus” for 30 hours on multistep tasks

Can AI detect hedgehogs from space? Maybe if you find brambles first.

ChatGPT Pulse delivers morning updates based on your chat history

Experts urge caution about using ChatGPT to pick stocks

As many as 2 million Cisco devices affected by actively exploited 0-day

Why does OpenAI need six giant data centers?

Supermicro server motherboards can be infected with unremovable malware

CyberScoop

GOP senator confirms pending White House quantum push, touts legislative alternatives

Palo Alto Networks spots new China espionage group showcasing advanced skills

DOJ, Georgia Tech affiliate company settle over alleged failure to meet DOD contract cyber requirements

Watchdog: Cyber threat information-sharing program’s future uncertain with expected expiration of 2015 law

Anthropic touts safety, security improvements in Claude Sonnet 4.5

Two-thirds of CISA personnel could be sent home under shutdown

Interpol operation disrupts romance scam and sextortion networks in Africa

Expired protections, exposed networks: The stakes of CISA’s sunset

UN seeks to build consensus on ‘safe, secure and trustworthy’ AI

Worries mount over max-severity GoAnywhere defect

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

I was already a Pop!_OS fan - but the new beta is stunning

Best Costco deals to compete with Amazon Prime Day 2025: My favorite sales so far

Best early October Prime Day Anker deals 2025: All-time-low prices on power banks, chargers, and more

Don't cancel Netflix yet: These secret codes can unlock the full catalog of shows for you

Best early Amazon Prime Day deals 2025: Our 50+ favorite sales this October

Best early Amazon Prime Day EcoFlow deals 2025: My 7 favorites sales this October

How you're cleaning your earbuds and headphones isn't ideal - here's the right way to do it

Best early October Prime Day 2025 PC gaming deals: Save big on laptops and accessories

This smart garden makes it easy to grow up to 16 plants at home - here's how

Best early Amazon Prime Day deals under $25 in 2025: My favorite cheap sales this October

The Hacker News

New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

Learn How Leading Security Teams Blend AI + Human Workflows (Free Webinar)

Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover

Hackers Exploit Milesight Routers to Send Phishing SMS to European Users

2025 Cybersecurity Reality Check: Breaches Hidden, Attack Surfaces Growing, and AI Misperceptions Rising

New Android Banking Trojan “Klopatra” Uses Hidden VNC to Control Infected Smartphones

Ukraine Warns of CABINETRAT Backdoor + XLL Add-ins Spread via Signal ZIPs

New $50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections

Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware

BleepingComputer

New bug in classic Outlook can only be fixed via Microsoft support

Android malware uses VNC to give attackers hands-on access

F-Droid project threatened by Google's new dev registration rules

Microsoft to force install Microsoft 365 companion apps in October

WestJet data breach exposes travel details of 1.2 million customers

Google Drive for desktop gets AI-powered ransomware detection

Allianz Life says July data breach impacts 1.5 million people

How To Simplify CISA's Zero Trust Roadmap with Modern Microsegmentation

Microsoft: Media Creation Tool broken on Windows 11 Arm64 PCs

Imgur blocks UK users after data watchdog signals possible fine

Cybersecurity Dive

Federal cuts force many state and local governments out of cyber collaboration group

Landmark US cyber-information-sharing program expires, bringing uncertainty

CMMC is coming, but most contractors still have a long road to full compliance

Canadian airline WestJet says some customer data stolen in June cyberattack

Cisco firewall flaws endanger nearly 50,000 devices worldwide

CISA to furlough 65% of staff if government shuts down this week

Jaguar Land Rover to resume some manufacturing within days

RTX confirms hack of passenger boarding software involved ransomware

Jaguar Land Rover begins phased restoration of services following cyberattack

CISA orders feds to patch Cisco flaws used in multiple agency hacks

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Air Force admits SharePoint privacy issue as reports trickle out of possible breach

3.7M breach notification letters set to flood North America's mailboxes

AI agent hypefest crashing up against cautious leaders, Gartner finds

Imgur yanks Brit access to memes as parent company faces fine

Explain digital ID or watch it fizzle out, UK PM Starmer told

Schools are swotting up on security yet still flunk recovery when cyberattacks strike

Beijing-backed burglars master .NET to target government web servers

Fake North Korean IT workers sneaking into healthcare, finance, and AI

Tile trackers are a stalker's dream, say Georgia Tech researchers

Google bolts AI into Drive to catch ransomware, but crooks not shaking yet

VentureBeat

TechCrunch

UK government tries again to access encrypted Apple customer data: Report

Data breach at Canadian airline WestJet affects 1.2M passengers

Final 3 days to score extra discounts on community passes to TechCrunch Disrupt 2025

A breach every month raises doubts about South Korea’s digital defenses

Ted Cruz blocks bill that would extend privacy protections to all Americans

Japan’s beer-making giant Asahi stops production after cyberattack

UK government bails out Jaguar Land Rover with £1.5B loan after hack disrupts vehicle production for weeks

Wiz chief technologist Ami Luttwak on how AI is transforming cyberattacks

TruSources to show off its on-device identity-checking tech at TechCrunch Disrupt 2025

Thousands of Indian bank transfer records found spilling online after security lapse

Network World Security

Netgear deepens SASE integration

Spotlight report: Securing the cloud

2025 global network outage report and internet health check

Cato extends SASE platform to unmanaged devices

Zayo launches DynamicLink NaaS platform with core-based service delivery

Alkira advances NaaS for the agentic AI era

South Korea’s data center fire triggers global scrutiny of lithium-ion batteries and DR architecture

PGP Glass tackles OT, IoT convergence

HighPoint offers direct GPU-storage connection to speed AI training, inference workloads

Top network and data center events 2025 & 2026

Help Net Security

North Korea’s IT workers are targeting firms beyond tech, crypto, and the U.S.

Google Drive for desktop will spot, stop and remedy ransomware damage

Exium by NETGEAR brings unified SASE and firewall protection to SMEs and MSPs

Fuel iX Fortify helps enterprises expose GenAI vulnerabilities at scale

Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts

Siemens simplifies OT security with virtualized, encrypted connectivity

New 360 Strata platform delivers actionable intelligence to protect sensitive data

Akuity unveils AI-powered incident detection and automation for Kubernetes

Hackers love LOTL, this approach shuts them down

A2AS framework targets prompt injection and agentic AI security risks

InfoSecurity Magazine

Broadcom Issues Patches for VMware NSX and vCenter Security Flaws

Shortcut-based Credential Lures Deliver DLL Implants

AI Tops Cybersecurity Investment Priorities, PwC Finds

New China-Aligned Hackers Hit State and Telecom Sectors

Campaign Warns Solicitors and House Buyers of Payment Diversion Fraud

ICO: Imgur’s UK Decision Won’t Prevent Regulatory Fine

Smishing Campaigns Exploit Cellular Routers to Target Belgium

New Android RAT Klopatra Targets Financial Data

US Cuts Federal Funding for MS-ISAC Cybersecurity Program

Gemini Trifecta Highlights Dangers of Indirect Prompt Injection

© 2025 RiskDiscovery | Sponsored by: Deception Logic