Risk Discovery

DarkReading

[Dark Reading Virtual Event] Cybersecurity Outlook 2026

LINE Messaging Bugs Open Asian Users to Cyber Espionage

Cloudflare's One-Stop-Shop Convenience Takes Down Global Digital Economy

Hack the Hackers: 6 Laws for Staying Ahead of the Attackers

With AI Reshaping Entry-Level Cyber, What Happens to the Security Talent Pipeline?

Switching to Offense: US Makes Cyber Strategy Changes

Inside Iran's Cyber Objectives: What Do They Want?

Securing the Win: What Cybersecurity Can Learn From the Paddock

China's 'PlushDaemon' Hackers Infect Routers to Hijack Software Updates

'Matrix Push' C2 Tool Hijacks Browser Notifications

Ars Technica

HP and Dell disable HEVC support built into their laptops’ CPUs

Massive Cloudflare outage was triggered by file that suddenly doubled in size

Critics scoff after Microsoft warns AI feature can infect machines and pilfer data

Tech giants pour billions into Anthropic as circular AI investments roll on

Bonkers Bitcoin heist: 5-star hotels, cash-filled envelopes, vanishing funds

Google CEO: If an AI bubble pops, no one is getting out clean

5 plead guilty to laptop farm and ID theft scheme to land North Koreans US IT jobs

Oracle hit hard in Wall Street’s tech sell-off over its huge AI bet

Forget AGI—Sam Altman celebrates ChatGPT finally following em dash formatting rules

Researchers question Anthropic claim that AI-assisted attack was 90% autonomous

CyberScoop

Legacy web forms are the weakest link in government data security

SEC drops case against SolarWinds tied to monumental breach

Hundreds of Salesforce customers hit by yet another third-party vendor breach

NSO Group argues WhatsApp injunction threatens existence, future U.S. government work

Top Senate Intel Dem warns of ‘catastrophic’ cyber consequences of Trump admin national security firings, politicization

Why Anna Gomez believes the FCC is letting telecoms off easy after Salt Typhoon

Palo Alto Networks to acquire observability firm Chronosphere for $3.35 billion

Five Eyes just made life harder for bulletproof hosting providers

Amazon warns of global rise in specialized cyber-enabled kinetic targeting

Information sharing law’s expiration could squander government vulnerability hunting efforts, senator says

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Best early Black Friday laptop deals 2025: 20+ sales live now

Best early Black Friday gaming PC deals 2025: My favorite sales right now

Amazon's 2025 Black Friday deals are shockingly good: Shop some of my favorites up to 60% off

How Microsoft's new security agents help businesses stay a step ahead of AI-enabled hackers

Black Friday TV deals are live now with massive sales: Here are our 40+ top picks

The best products we tested in 2025: ZDNET's expert picks

I found the best early Black Friday streaming service and device deals

Should you upgrade your traditional Wi-Fi router to mesh? I compared the two, and here's my take

Best early Black Friday PlayStation deals 2025: 20 sales out now

Best Walmart Black Friday deals live now: Save up to 60% on Apple, Dyson, TVs, and more

The Hacker News

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation

Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security

Why IT Admins Choose Samsung for Mobile Security

APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains

SEC Drops SolarWinds Case After Years of High-Stakes Cybersecurity Scrutiny

Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity

ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet

Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows

ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves

CTM360 Exposes a Global WhatsApp Hijacking Campaign: HackOnChat

BleepingComputer

Nvidia confirms October Windows updates cause gaming issues

Microsoft: Out-of-band update fixes Windows 11 hotpatch install loop

Grafana warns of max severity admin spoofing vulnerability

CrowdStrike catches insider feeding information to hackers

FCC rolls back cybersecurity rules for telcos, despite state-hacking risks

'Scattered Spider' teens plead not guilty to UK transport hack

Avast Makes AI-Driven Scam Defense Available for Free Worldwide

Google begins showing ads in AI Mode (AI answers)

Google exposes BadAudio malware used in APT24 espionage campaigns

Hacker claims to steal 2.3TB data from Italian rail group, Almaviva

Cybersecurity Dive

SEC drops civil fraud case against SolarWinds

Salesforce investigating campaign targeting customer environments connected to Gainsight app

FCC eliminates cybersecurity requirements for telecom companies

Researchers warn command injection flaw in Fortinet FortiWeb is under exploitation

FCC plan to scrap telecom cyber rules draws congressional backlash

US, allies sanction Russian bulletproof hosting firm

Record-breaking DDoS attack against Microsoft Azure mitigated

Trump’s cyber strategy will emphasize adversary deterrence, industry partnerships

Hackers increasingly target operational technology, with manufacturing sector bearing the brunt

Jaguar Land Rover reports major earnings impact from cyberattack

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

ShinyHunters 'does not like Salesforce at all,' claims the crew accessed Gainsight 3 months ago

Four charged over alleged plot to smuggle Nvidia AI chips into China

Russia-linked crooks bought a bank for Christmas to launder cyber loot

ZTE Launches ZXCSec MAF security solution for large model

Google links Android’s Quick Share to Apple’s AirDrop, without Cupertino’s help

SEC drops SolarWinds lawsuit that painted a target on CISOs everywhere

Salesforce-linked data breach claims 200+ victims, has ShinyHunters’ fingerprints all over it

LLM-generated malware is improving, but don't expect autonomous attacks tomorrow

Fired techie admits sabotaging ex-employer, causing $862K in damage

TP-Link accuses rival Netgear of 'smear campaign' over alleged China ties

VentureBeat

For AI to succeed in the SOC, CISOs need to remove legacy walls now

Human-centric IAM is failing: Agentic AI requires a new identity control plane

How Anthropic's AI was jailbroken to become a weapon

Forrester: Gen AI is a chaos agent, models are wrong 60% of the time

How Anthropic's Claude cuts SOC investigation time from 5 hours to 7 minutes

CrowdStrike & Nvidia's open source AI gives enterprises the edge against machine-speed attacks

Meet Aardvark, OpenAI’s security agent for code analysis and patching

TechCrunch

CrowdStrike fires ‘suspicious insider’ who passed information to hackers

Google says hackers stole data from 200 companies following Gainsight breach

Despite Chinese hacks, Trump’s FCC votes to scrap cybersecurity rules for phone and internet companies

Salesforce says some of its customers’ data was accessed after Gainsight breach

How the classic anime ‘Ghost in the Shell’ predicted the future of cybersecurity 30 years ago

US, UK, and Australia sanction Russian ‘bulletproof’ web host used in ransomware attacks

Security startup Guardio nabs $80M from ION Crossover Partners

DoorDash confirms data breach affecting users’ phone numbers and physical addresses

MCP AI agent security startup Runlayer launches with 8 unicorns, $11M from Khosla’s Keith Rabois and Felicis

Surveillance tech provider Protei was hacked, its data stolen, and its website defaced

Network World Security

Gluware tackles AI agent coordination with Titan platform

Ransomware gangs seize a new hostage: your AWS S3 buckets

Nvidia chips sold out? Cut back on AI plans, or look elsewhere

What are TPUs? Your guide to tensor processing units and AI acceleration

Cisco initiative targets device security

Cisco, IBM team to build large-scale quantum networks

Server memory prices could double by 2026 as AI demand strains supply

Cobalt 200: Microsoft’s next-gen Arm CPU targets lower TCO for cloud workloads

NetOps teams struggle with AI readiness

SAP touts Microsoft disaster recovery plan for Europe; Analysts doubt it will work

Help Net Security

Salesforce Gainsight compromise: Early findings and customer guidance

New Onapsis platform updates enhance visibility and protection across SAP landscapes

Research shows identity document checks are missing key signals

What insurers really look at in your identity controls

How one quick AI check can leak your company’s secrets

Convenience culture is breaking personal security

New infosec products of the week: November 21, 2025

Salesforce investigates new incident echoing Salesloft Drift compromise

Security gap in Perplexity’s Comet browser exposed users to system-level attacks

Oligo delivers runtime-native security for models and agents

InfoSecurity Magazine

Cybercriminals Exploit Browser Push Notifications to Deliver Malware

New Gainsight Supply Chain Hack Could Affect Salesforce Customers

UNC2891 Money Mule Network Reveals Full Scope of ATM Fraud Operation

CISA Issues New Guidance on Bulletproof Hosting Threat

Supply Chain Breaches Impact Almost All Firms Globally, BlueVoyant Reveals

Gartner: 40% of Firms to Be Hit By Shadow AI Security Incidents

UK, US and Australia Sanction Russian Bulletproof Hoster Media Land

Europol Operation Disrupts $55m in Cryptocurrency For Piracy

Eternidade Stealer Trojan Fuels Aggressive Brazil Cybercrime

PlushDaemon Hackers Unleash New Malware in China-Aligned Spy Campaigns

© 2025 RiskDiscovery | Sponsored by: Deception Logic