[
News
|
Newsletters
|
Blogs
|
Reddits
|
Lists
|
Media
|
Jobs
]
HoneyDB
DarkReading
Embracing the Next Generation of Cybersecurity Talent
Federal Cuts Put Local, State Agencies at Cyber-Risk
Sitecore Zero-Day Sparks New Round of ViewState Threats
Bridgestone Americas Confirms Cyberattack
Chinese Hackers Game Google to Boost Gambling Sites
ISC2 Aims to Bridge DFIR Skill Gap with New Certificate
Phishing Empire Runs Undetected on Google, Cloudflare
Czech Warning Highlights China Stealing User Data
Blast Radius of Salesloft Drift Attacks Remains Uncertain
UltraViolet Expands AppSec Capabilities With Black Duck's Testing Business
Ars Technica
The number of mis-issued 1.1.1.1 certificates grows. Here’s the latest.
Microsoft open-sources Bill Gates’ 6502 BASIC from 1978
New AI model turns photos into explorable 3D worlds, with caveats
Mis-issued certificates for 1.1.1.1 DNS service pose a threat to the Internet
OpenAI announces parental controls for ChatGPT after teen suicide lawsuit
Zuckerberg’s AI hires disrupt Meta with swift exits and threats to leave
Google warns that mass data theft hitting Salesloft AI agent has grown bigger
High-severity vulnerability in Passwordstate credential manager. Patch now.
Unpacking Passkeys Pwned: Possibly the most specious research in decades
The personhood trap: How AI fakes human personality
CyberScoop
AI can help track an ever-growing body of vulnerabilities, CISA official says
Sitecore zero-day vulnerability springs up from exposed machine key
Streameast, world’s largest pirated live sports network, shut down by Egyptian authorities
Cato Networks acquires AI security startup Aim Security
CISA guide seeks a unified approach to software ‘ingredients lists’
House panel approves cyber information sharing, grant legislation as expiration deadlines loom
FTC announces settlement with toy robot makers that tracked location of children
Google patches two Android zero-days, 120 defects total in September security update
Court rules ‘fired’ FTC commissioners be reinstated — again
Salesloft Drift attacks hit Cloudflare, Palo Alto Networks, Zscaler
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
College students can get Microsoft Copilot free for a year - here's how
Finally, a MagSafe battery pack with a built-in kickstand that isn't a joke
The one way millennials beat Gen Z in AI adoption
I tried Lenovo's rotating display laptop, and it's as wild as it is practical
Own a Samsung smartwatch? This 30-second routine will keep your device running like new
1Password vs. NordPass: I tested both password managers, and here's the best pick
This is the most underrated iOS 26 feature I've tested - and it works on the Apple Watch, too
I compared two of the best soundbars on the market, and Sonos has some serious competition
Linux Mint 22.2 'Zara' makes my favorite distro even better - what's new
Sick of Google's AI summaries? This free tool eliminates them - in one click
The Hacker News
TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations
SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild
Automation Is Redefining Pentest Delivery
VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages
Russian APT28 Deploys “NotDoor” Outlook Backdoor Against Companies in NATO Countries
GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module
Cybercriminals Exploit X’s Grok AI to Bypass Ad Protections and Spread Malware to Millions
Simple Steps for Attack Surface Reduction
Google Fined $379 Million by French Regulator for Cookie Consent Violations
CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited
BleepingComputer
Financial services firm Wealthsimple discloses data breach
Max severity Argo CD API flaw leaks repository credentials
Microsoft gives US students a free year of Microsoft 365 Personal
Don’t let outdated IGA hold back your security, compliance, and growth
Critical SAP S/4HANA vulnerability now exploited in attacks
Hackers exploited Sitecore zero-day flaw to deploy backdoors
Texas sues PowerSchool over breach exposing 62M students, 880k Texans
Chess.com discloses recent data breach via file transfer app
New TP-Link zero-day surfaces as CISA warns other flaws are exploited
France slaps Google with €325M fine for violating cookie regulations
Cybersecurity Dive
Marriott checks out AI agents amid technology transformation
Swiss Re warns of rate deterioration in cyber insurance
Researchers warn of zero-day vulnerability in SiteCore products
How the newest ISAC aims to help food and agriculture firms thwart cyberattacks
How Tampa General Hospital worked to quantify cyber risk
Cloudflare, Proofpoint say hackers gained access to Salesforce instances in attack spree
Palo Alto Networks, Zscaler customers impacted by supply chain attacks
FCC investigation could derail its own IoT security certification program
Federal, state officials investigating ransomware attack targeting Nevada
US, allies warn China-linked actors still targeting critical infrastructure
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
Knock-on effects of software dev break-in hit schools trust
Attackers snooping around Sitecore, dropping malware via public sample keys
Boffins build automated Android bug hunting system
China-aligned crew poisons Windows servers to manipulate Google results
Enterprises sticking with Windows 10 could shell out billions for continued support
Sainsbury's eyes up shoplifters with live facial recognition
France fines Google, SHEIN for undercooked cookie policies that led to crummy privacy
US puts $10M bounty on three Russians accused of attacking critical infrastructure
Congressional panel throws cyber threat intel-sharing, funding a lifeline
Android drops mega patch bomb - 120 fixes, two already exploited
VentureBeat
TechCrunch
Venezuela’s president thinks American spies can’t hack Huawei phones
ICE reactivates contract with spyware maker Paragon
WhatsApp fixes ‘zero-click’ bug used to hack Apple users with spyware
TransUnion says hackers stole 4.4 million customers’ personal information
FBI says China’s Salt Typhoon hacked at least 200 US companies
US sanctions fraud network used by North Korean ‘remote IT workers’ to seek jobs and steal money
DOGE uploaded live copy of Social Security database to ‘vulnerable’ cloud server, says whistleblower
Security researcher maps hundreds of TeslaMate servers spilling Tesla vehicle data
A new security flaw in TheTruthSpy phone spyware is putting victims at risk
Developer gets prison time for sabotaging former employer’s network with a ‘kill switch’
Network World Security
Network discovery gets a boost from Intel-spinout Articul8
Google adds Gemini to its on-prem cloud for increased data protection
Cisco, Nvidia, VAST team to offer turnkey AI infrastructure components
Cato Networks acquires AI security startup Aim Security
Nvidia networking roadmap: Ethernet, InfiniBand, co-packaged optics will shape data center of the future
Inside the AI-optimized data center: Why next-gen infrastructure is nonnegotiable
For many NFL teams, a new season means infrastructure modernization
2025 global network outage report and internet health check
SAP data sovereignty service lets customers run cloud workloads inside their data centers
Alibaba Cloud tweaks software for networking efficiency gains
Help Net Security
Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
Stealthy attack serves poisoned web pages only to AI agents
DigitalOcean adds Single Sign-On to help businesses centralize user access
Hirsch Velocity 3.9 turns security into business value
September 2025 Patch Tuesday forecast: The CVE matrix
How to reclaim control over your online shopping data
File security risks rise as insiders, malware, and AI challenges converge
Smart ways CISOs can do more with less
Connected cars are smart, convenient, and open to cyberattacks
Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
InfoSecurity Magazine
Bridgestone Confirms "Limited Cyber Incident" Impacting Facilities in North America
South Carolina School District Data Breach Affects 31,000 People
macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Security
US and 14 Allies Release Joint Guidance on Software Bill of Materials
61% of US Companies Hit by Insider Data Breaches
GhostRedirector Emerges as New China-Aligned Threat Actor
North Korean Hackers Exploit Threat Intel Platforms For Phishing
CMS Provider Sitecore Patches Exploited Critical Zero Day
Scattered Spider-Linked Group Claims JLR Cyber-Attack
Threat Actors Abuse Hexstrike-AI Tool to Accelerate Exploitation
© 2025 RiskDiscovery | Sponsored by:
Deception Logic