Risk Discovery

DarkReading

Workday Breach Likely Linked to ShinyHunters Salesforce Attacks

How Evolving RATs Are Redefining Enterprise Security Threats

Internet-wide Vulnerability Enables Giant DDoS Attacks

Defending Against Cloud Threats Across Multicloud Environments

New Quantum-Safe Alliance Aims to Accelerate PQC Implementation

RealDefense Opens $10M Fund to Help OEMs Monetize Installs With SmartScan Cybersecurity SDK

New Crypto24 Ransomware Attacks Bypass EDR

Colt Telecommunications Struggles in Wake of Cyber Incident

Using Security Expertise to Bridge the Communication Gap

Water Systems Under Attack: Norway, Poland Blame Russia Actors

Ars Technica

Is AI really trying to escape human control and blackmail people?

OpenAI brings back GPT-4o after user revolt

Why it’s a mistake to ask chatbots about their mistakes

High-severity WinRAR 0-day exploited for weeks by 2 groups

The GPT-5 rollout has been a big mess

Encryption made for police and military radios may be easily cracked

It’s getting harder to skirt RTO policies without employers noticing

Adult sites are stashing exploit code inside racy .svg files

Google discovered a new scam—and also fell victim to it

OpenAI launches GPT-5 free to all ChatGPT users

CyberScoop

Trump threatens executive order on elections, claims states must obey

By gutting its cyber staff, State Department ignores congressional directives

Here’s what could happen if CISA 2015 expires next month

Court rebuffs request by telecoms to review $92 million privacy fine

Cisco discloses maximum-severity defect in firewall software

Court upholds FCC data breach reporting rules on telecom sector

US widens sanctions on Russian crypto exchange Garantex, its successor and affiliate firms

Russia restricts WhatsApp, Telegram calls, alleging criminal, terrorist activity

Fortinet SIEM issue coincides with spike in brute-force traffic against company’s SSL VPNs

The overlooked changes that two Trump executive orders could bring to cybersecurity

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

My internet went down - but this TV USB port trick made the outage more bearable

Every Google Pixel Watch owner should know these 2 simple performance tricks

I replaced my smartwatch with Garmin's new sleep tracker for weeks - here's my verdict

Claude can now stop conversations - for its own protection, not yours

Upgrading your headphones? 5 things I recommend doing with your current pair first

This universal adapter's hidden superpower earned it a spot in my travel bag

GPT-5 is friendlier now - but not everyone likes it. Here's why

Why my favorite MacBook Pro alternative is this Windows laptop with a striking design

How web scraping actually works - and why AI changes everything

This Linux distro puts more than 20 desktops a click away

The Hacker News

Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware

⚡ Weekly Recap: NFC Fraud, Curly COMrades, N-able Exploits, Docker Backdoors & More

Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks

Wazuh for Regulatory Compliance

ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure

Russian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer Malware

Taiwan Web Servers Breached by UAT-7237 Using Customized Open-Source Hacking Tools

U.S. Sanctions Garantex and Grinex Over $100M in Ransomware-Linked Illicit Crypto Transactions

Zero Trust + AI: Privacy in the Age of Agentic AI

Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution

BleepingComputer

ERMAC Android malware source code leak exposes banking trojan infrastructure

UK sentences “serial hacker” of 3,000 sites to 20 months in prison

Over 800 N-able servers left unpatched against critical flaws

Mozilla warns Germany could soon declare ad blockers illegal

Microsoft: Recent Windows updates may fail to install via WUSA

HR giant Workday discloses data breach after Salesforce attack

OpenAI releases warmer GPT-5 personality, but only for non thinking model

Google is adding "Projects" feature to Gemini to run research tasks

U.S. seizes $2.8 million in crypto from Zeppelin ransomware operator

Anthropic: Claude can now end conversations to prevent harmful uses

Cybersecurity Dive

The humble printer highlights overlooked security flaws

NIST seeks input on control overlays for securing AI systems

Cybersecurity ranks among top three risks to manufacturing sector

Developers knowingly push vulnerable code, despite growing breach risk

Water sector expands partnership with volunteer hackers

Trump administration cyber cuts eroding private sector’s trust, confidence

White House urged to revamp cyber regulations

CISA, Microsoft update guidance on Exchange Server vulnerability

US agencies, international allies issue guidance on OT asset inventorying

Xerox patches critical vulnerability in FreeFlow Core application

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Microsoft's Nuance coughs up $8.5M to rid itself of MOVEit breach suit

Workday warns of CRM breach after social engineers make off with business contact details

Boffins say tool can sniff 5G traffic, launch 'attacks' without using rogue base stations

Every question you ask, every comment you make, I'll be recording you

Someone's poking the bear with infostealers targeting Russian crypto developers

P2P payment service Zelle sued for enabling payment fraud hell

Election workers fear threats and intimidation without feds' support in 2026

Typhoon-adjacent Chinese crew broke into Taiwanese web host

Cisco's Secure Firewall Management Center now not-so secure, springs a CVSS 10 RCE hole

Cyberattack on Dutch prosecution service is keeping speed cameras offline

VentureBeat

Anthropic takes on OpenAI and Google with new Claude AI features designed for students and developers

The end of perimeter defense: When your own AI tools become the threat actor

Claude can now process entire software projects in single request, Anthropic says

Study warns of security risks as ‘OS agents’ gain control of computers and phones

Black Hat 2025: Why your AI tools are becoming the next insider threat

Anthropic ships automated security reviews for Claude Code as AI-generated vulnerabilities surge

Anthropic’s new Claude 4.1 dominates coding tests days before GPT-5 arrives

ChatGPT rockets to 700M weekly users ahead of GPT-5 launch with reasoning superpowers

Shadow AI adds $670K to breach costs while 97% of enterprises skip basic access controls, IBM reports

Nightfall launches ‘Nyx,’ an AI that automates data loss prevention at enterprise scale

TechCrunch

HR giant Workday says hackers stole personal data in recent breach

How your solar rooftop became a national security issue

Norway spy chief blames Russian hackers for hijacking dam

How we found TeaOnHer spilling users’ driver’s licenses in less than 10 minutes

Russian government hackers said to be behind US federal court filing system hack: Report

Hackers breach and expose a major North Korean spying operation

US government seized $1M from Russian ransomware gang

Electronic Arts blocks more than 300,000 attempts to cheat after launching Battlefield 6 beta

Security flaws in a carmaker’s web portal let one hacker remotely unlock cars from anywhere

After researchers unmasked a prolific SMS scammer, a new operation has emerged in its wake

Network World Security

Despite the hubbub, Intel is holding onto server market share

Nvidia: Latest news and insights

Cisco’s 9% security growth is misleadingly low

VMware Explore 2025: Latest news and insights

Nvidia targets data center with new servers, AI software

Cisco Q4 results: AI infrastructure orders surpass goal

SonicWall rolls out eight new firewalls, expands cyber warranty

Cisco strengthens AI networking story

DEF CON research takes aim at ZTNA, calls it a bust

New Compute Exchange service answers GPU pricing queries

Help Net Security

New NIST guide explains how to detect morphed images

Noodlophile infostealer is hiding behind fake copyright and PI infringement notices

How security teams are putting AI to work right now

Buttercup: Open-source AI-driven system detects and patches vulnerabilities

Review: Data Engineering for Cybersecurity

Weak alerting and slipping prevention raise risk levels for CISOs

Bridging the AI model governance gap: Key findings for CISOs

Week in review: 2 threat actors exploiting WinRAR 0-day, Microsoft fixes “BadSuccessor” Kerberos flaw

How military leadership prepares veterans for cybersecurity success

Cyber insurance market shows early signs of maturity

InfoSecurity Magazine

USB Malware Campaign Spreads Cryptominer Worldwide

Popular npm Package Compromised in Phishing Attack

Chinese APT Group Targets Web Hosting Services in Taiwan

Colt Customers Face Prolonged Outages After Major Cyber Incident

Man Jailed for 20 Months After Compromising Millions of Accounts

Workday Reveals CRM Breach

US and Five Global Partners Release First Unified OT Security Taxonomy

Cisco Discloses Critical RCE Flaw in Firewall Management Software

Majority of Organizations Ship Vulnerable Code, Study Finds

Authorized Push Payment Fraud a National Security Risk to UK, Report Finds

© 2025 RiskDiscovery | Sponsored by: Deception Logic