Risk Discovery

DarkReading

Patch Now: Attackers Target OT Networks via Critical RCE Flaw

What the LockBit 4.0 Leak Reveals About RaaS Groups

China Questions Security of AI Chips From NVIDIA, AMD

Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday

Charon Ransomware Emerges With APT-Style Tactics

How to Stay a Step Ahead of a Non-Obvious Threat

ShinyHunters Tactics Now Mirror Scattered Spider

BlackSuit Ransomware Takes an Infrastructure Hit From Law Enforcement

REvil Actor Accuses Russia of Planning 2021 Kaseya Attack

Black Hat NOC Expands AI Implementation Across Security Operations

Ars Technica

OpenAI brings back GPT-4o after user revolt

Why it’s a mistake to ask chatbots about their mistakes

High-severity WinRAR 0-day exploited for weeks by 2 groups

The GPT-5 rollout has been a big mess

Encryption made for police and military radios may be easily cracked

It’s getting harder to skirt RTO policies without employers noticing

Adult sites are stashing exploit code inside racy .svg files

Google discovered a new scam—and also fell victim to it

OpenAI launches GPT-5 free to all ChatGPT users

Here’s how deepfake vishing attacks work, and why they can be hard to detect

CyberScoop

Patch the vulnerability: Confirm Sean Plankey as CISA director

Microsoft Patch Tuesday follows SharePoint attacks, Exchange server warnings

Guess what else GPT-5 is bad at? Security

SonicWall pins firewall attack spree on year-old vulnerability

Why cyber modernization requires partners with technical plus acquisition expertise

Researchers determine old vulnerabilities pose real-world threat to sensitive data in public clouds

FCC tightens rules on foreign firms building undersea cables, citing security

House lawmakers seek better tech for Commerce in fight against foreign powers

Announcing the winners of the 2025 CyberScoop 50 awards

CyberScoop 50 reveals 2025 winners; honors Amit Yoran with lifetime award

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

The HP OmniBook 5 laptop offers 34 hours of battery life - and it's 60% off today only

I recommend this OnePlus phone over most midrange Androids - and it's $50 off

Changing these iOS 18 settings significantly improved my iPhone's battery life

I found the easiest way to send files between my Android phone and desktop - and it's free

Gemini just got two of ChatGPT's best features - and they're free

The best smartphones without AI features in 2025: Expert tested and recommended

Before you quit Netflix, use these secret codes to unlock its full library of shows

GPT-5 was supposed to simplify ChatGPT but now it has 4 new modes - here's why

I replaced my ThinkPad with a dual-screen Windows laptop - here's my verdict after a month

My AirPods were constantly slipping out of my ears - until I found these $15 accessories

The Hacker News

New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks

Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws

Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code

AI SOC 101: Key Capabilities Security Leaders Need to Know

Webinar: What the Next Wave of AI Cyberattacks Will Look Like — And How to Survive

Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws

Charon Ransomware Hits Middle East Sectors Using APT-Level Evasion Tactics

Researchers Spot XZ Utils Backdoor in Dozens of Docker Hub Images, Fueling Supply Chain Risks

Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager

Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses

BleepingComputer

Spike in Fortinet VPN brute-force attacks raises zero-day concerns

Pennsylvania attorney general's email, site down after cyberattack

Microsoft removes PowerShell 2.0 from Windows 11, Windows Server

Microsoft asks users to ignore certificate enrollment errors

OpenAI adds new GPT-5 models, restores o3, o4-mini and it's a mess all over again

Claude gets 1M tokens support via API to take on Gemini 2.5 Pro

Hackers leak Allianz Life data stolen in Salesforce attacks

OpenAI rolls out Gmail, Calendar, and Contacts integration in ChatGPT

ChatGPT's new subscription costs less than $5, but it's not for everyone

Docker Hub still hosts dozens of Linux images with the XZ backdoor

Cybersecurity Dive

CISA, Microsoft update guidance on Exchange Server vulnerability

US agencies, international allies issue guidance on OT asset inventorying

Xerox patches critical vulnerability in FreeFlow Core application

Financial impact from severe OT events could top $300B

Citrix NetScaler flaws lead to critical infrastructure breaches

DOJ, international partners take down BlackSuit group’s infrastructure

Research shows AI agents are highly vulnerable to hijacking attacks

Cyber experts ponder a non-government future for the CVE program

DARPA touts value of AI-powered vulnerability detection as it announces competition winners

Financially motivated cluster a key player in ToolShell exploitation

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Crooks can't let go: Active attacks target Office vuln patched 8 years ago

UK expands police facial recognition rollout with 10 new vans heading to a town near you

Marc Andreessen wades into the UK's Online Safety Act furor

Microsoft wares may be UK public sector's only viable option

Secure chat darling Matrix admits pair of 'high severity' protocol flaws need painful fixes

Ransomware crew spills Saint Paul's 43GB of secrets after city refuses to cough up cash

Crypto-crasher Do Kwon admits guilt over failed not-so-stablecoin that erased $41 billion

Microsoft's Patch Tuesday baker's dozen: 12 critical bugs plus a SharePoint RCE

Manpower franchise discloses data theft after RansomHub posts alleged stolen data

Major outage at Pennsylvania Attorney General's Office blamed on 'cyber incident'

VentureBeat

The end of perimeter defense: When your own AI tools become the threat actor

Claude can now process entire software projects in single request, Anthropic says

Study warns of security risks as ‘OS agents’ gain control of computers and phones

Black Hat 2025: Why your AI tools are becoming the next insider threat

Anthropic ships automated security reviews for Claude Code as AI-generated vulnerabilities surge

Anthropic’s new Claude 4.1 dominates coding tests days before GPT-5 arrives

ChatGPT rockets to 700M weekly users ahead of GPT-5 launch with reasoning superpowers

Shadow AI adds $670K to breach costs while 97% of enterprises skip basic access controls, IBM reports

Nightfall launches ‘Nyx,’ an AI that automates data loss prevention at enterprise scale

How can enterprises keep systems safe as AI agents join human employees? Cyata launches with a new, dedicated solution

TechCrunch

How we found TeaOnHer spilling users’ driver’s licenses in less than 10 minutes

Russian government hackers said to be behind US federal court filing system hack: Report

Hackers breach and expose a major North Korean spying operation

US government seized $1M from Russian ransomware gang

Electronic Arts blocks more than 300,000 attempts to cheat after launching Battlefield 6 beta

Security flaws in a carmaker’s web portal let one hacker remotely unlock cars from anywhere

After researchers unmasked a prolific SMS scammer, a new operation has emerged in its wake

Data breach at French telecom giant Bouygues affects millions of customers

TeaOnHer, a rival Tea app for men, is leaking users’ personal data and driver’s licenses

Citizen Lab director warns cyber industry about US authoritarian descent

Network World Security

Cisco strengthens AI networking story

DEF CON research takes aim at ZTNA, calls it a bust

New Compute Exchange service answers GPU pricing queries

Trump meets with Intel CEO after calling for his resignation

Data center sustainability efforts stall slightly in 2025

2025 global network outage report and internet health check

Arista’s latest networking results: 4 critical takeaways

Critical SSH vulnerabilities expose enterprise network infrastructure as patching lags

Nvidia launches Blackwell-powered RTX Pro GPUs for compact AI workstations

IBM Cloud hit by fourth major outage since May as authentication failures expose systemic issues

Help Net Security

Croatian research institute confirms ransomware attack via ToolShell vulnerabilities

NIST finalizes lightweight cryptography standard for small devices

Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779)

Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256)

AWS CISO explains how cloud-native security scales with your business

Product showcase: Apricorn Aegis NVX, a high-security, portable SSD

How to build and grow a scalable vCISO practice as an MSP

Global OT cyber risk could top $329 billion, new report warns

CISOs face a complex tangle of tools, threats, and AI uncertainty

Netscaler vulnerability was exploited as zero-day for nearly two months (CVE-2025-6543)

InfoSecurity Magazine

Erlang/OTP SSH Vulnerability Sees Spike in Exploitation Attempts

Deepfake AI Trading Scams Target Global Investors

Staffing Company Manpower Discloses Data Breach

St. Paul’s Mayor Confirms Interlock Data Leak

US Authorities Seize $1m from BlackSuit Ransomware Group

Microsoft Fixes Over 100 CVEs on August Patch Tuesday

Hacker Alleges Russian Government Role in Kaseya Cyber-Attack

GPT-5 Safeguards Bypassed Using Storytelling-Driven Jailbreak

29,000 Servers Remain Unpatched Against Microsoft Exchange Flaw

Home Office Phishing Scam Targets UK Immigration Sponsors

© 2025 RiskDiscovery | Sponsored by: Deception Logic