[
News
|
Newsletters
|
Blogs
|
Reddits
|
Lists
|
Media
|
Jobs
]
HoneyDB
DarkReading
The Critical Failure in Vulnerability Management
45 New Domains Linked to Salt Typhoon, UNC4841
How Has IoT Security Changed Over the Past 5 Years?
Critical SAP S/4HANA Vulnerability Under Attack, Patch Now
Anyone Using Agentic AI Needs to Understand Toxic Flows
Secretive MaaS Group 'TAG-150' Develops Novel 'CastleRAT'
Scammers Are Using Grok to Spread Malicious Links on X
Embracing the Next Generation of Cybersecurity Talent
Federal Cuts Put Local, State Agencies at Cyber-Risk
Sitecore Zero-Day Sparks New Round of ViewState Threats
Ars Technica
ChatGPT’s new branching feature is a good reminder that AI chatbots aren’t people
The number of mis-issued 1.1.1.1 certificates grows. Here’s the latest.
Microsoft open-sources Bill Gates’ 6502 BASIC from 1978
New AI model turns photos into explorable 3D worlds, with caveats
Mis-issued certificates for 1.1.1.1 DNS service pose a threat to the Internet
OpenAI announces parental controls for ChatGPT after teen suicide lawsuit
Zuckerberg’s AI hires disrupt Meta with swift exits and threats to leave
Google warns that mass data theft hitting Salesloft AI agent has grown bigger
High-severity vulnerability in Passwordstate credential manager. Patch now.
Unpacking Passkeys Pwned: Possibly the most specious research in decades
CyberScoop
NYU team behind AI-powered malware dubbed ‘PromptLock’
AI can help track an ever-growing body of vulnerabilities, CISA official says
Sitecore zero-day vulnerability springs up from exposed machine key
Streameast, world’s largest pirated live sports network, shut down by Egyptian authorities
Cato Networks acquires AI security startup Aim Security
CISA guide seeks a unified approach to software ‘ingredients lists’
House panel approves cyber information sharing, grant legislation as expiration deadlines loom
FTC announces settlement with toy robot makers that tracked location of children
Google patches two Android zero-days, 120 defects total in September security update
Court rules ‘fired’ FTC commissioners be reinstated — again
HITBSecNews
Found on VirusTotal: The world’s first UEFI bootkit for Linux
OpenAI is at war with its own Sora video testers following brief public leak
North Korean hackers posing as IT workers steal over $1B in cyberattack
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
CISA Director Jen Easterly, in Place Since 2021, to Step Down
Man sick of crashes sues Intel for allegedly hiding CPU defects
North Korean hackers target cryptocurrency with malware
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Youth of today say passwords are old news, passkeys are the future
ZDNet
40+ Windows keyboard shortcuts that effectively improved my work productivity
How to watch Apple's iPhone 17 September event this week (and what to expect)
Apple iPhone 17 event live updates: The biggest rumors on AirPods, Apple Watch Series 11, more
6 features I'd like to see on the Apple Watch Series 11 - including a big one for health
These $15 accessories turned my AirPods into my ideal workout headphones
Every iPhone model compatible with iOS 26 (and which ones don't support the update)
Apple's iPhone 17 event invite has secret clues - my 3 biggest theories for what to expect
Copilot's new File Explorer tricks are serious OneDrive time-savers - how to try them
You should clean your AirPods ASAP, especially before you consider an upgrade this week
This oddball screwdriver is one of the most ergonomic tools I own (and it's only $15)
The Hacker News
GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies
GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms
⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More
You Didn’t Get Phished — You Onboarded the Attacker
Noisy Bear Campaign Targeting Kazakhstan Energy Sector Outed as a Planned Phishing Test
Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys
CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation
TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations
SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild
Automation Is Redefining Pentest Delivery
BleepingComputer
Salesloft: March GitHub repo breach led to Salesforce data theft attacks
Action1 vs. Microsoft WSUS: A Better Approach to Modern Patch Management
Google to make it easier to access AI Mode as default
ChatGPT makes Projects feature free, adds a toggle to split chat
iCloud Calendar abused to send phishing emails from Apple’s servers
Czech cyber agency warns against Chinese tech in critical infrastructure
VirusTotal finds hidden malware phishing campaign in SVG files
AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack
Microsoft now enforces MFA on Azure Portal sign-ins for all tenants
EU fines Google $3.5 billion for anti-competitive ad practices
Cybersecurity Dive
Salesloft Drift integration restored after probe reveals months-long GitHub account compromise
Data security gaps stymy enterprise AI plans
Marriott checks out AI agents amid technology transformation
Swiss Re warns of rate deterioration in cyber insurance
Researchers warn of zero-day vulnerability in SiteCore products
How the newest ISAC aims to help food and agriculture firms thwart cyberattacks
How Tampa General Hospital worked to quantify cyber risk
Cloudflare, Proofpoint say hackers gained access to Salesforce instances in attack spree
Palo Alto Networks, Zscaler customers impacted by supply chain attacks
FCC investigation could derail its own IoT security certification program
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
The Register
PACER buckles under MFA rollout as courts warn of support delays
CISA sounds alarm over TP-Link wireless routers under attack
UK tech minister booted out in weekend cabinet reshuffle
The crazy, true story behind the first AI-powered ransomware
Shell to pay: Crims invade your PC with CastleRAT malware, now in C and Python
Critical, make-me-super-user SAP S/4HANA bug under active exploitation
Knock-on effects of software dev break-in hit schools trust
Attackers snooping around Sitecore, dropping malware via public sample keys
Boffins build automated Android bug hunting system
China-aligned crew poisons Windows servers to manipulate Google results
VentureBeat
TechCrunch
The growing debate over expanding age verification laws
X is now offering me end-to-end encrypted chat — you probably shouldn’t trust it yet
Venezuela’s president thinks American spies can’t hack Huawei phones
ICE reactivates contract with spyware maker Paragon
WhatsApp fixes ‘zero-click’ bug used to hack Apple users with spyware
TransUnion says hackers stole 4.4 million customers’ personal information
FBI says China’s Salt Typhoon hacked at least 200 US companies
US sanctions fraud network used by North Korean ‘remote IT workers’ to seek jobs and steal money
DOGE uploaded live copy of Social Security database to ‘vulnerable’ cloud server, says whistleblower
Security researcher maps hundreds of TeslaMate servers spilling Tesla vehicle data
Network World Security
VMware Avi load balancer gains AI integration and post-quantum security
Red Sea cable cuts trigger latency for Azure, cloud services across Asia and the Middle East
Network discovery gets a boost from Intel-spinout Articul8
Intel: Latest news and insights
Google adds Gemini to its on-prem cloud for increased data protection
Cisco, Nvidia, VAST team to offer turnkey AI infrastructure components
Cato Networks acquires AI security startup Aim Security
Nvidia networking roadmap: Ethernet, InfiniBand, co-packaged optics will shape data center of the future
Inside the AI-optimized data center: Why next-gen infrastructure is nonnegotiable
For many NFL teams, a new season means infrastructure modernization
Help Net Security
SentinelOne to acquire Observo AI, enhancing SIEM and security operations
Salesloft Drift data breach: Investigation reveals how attackers got in
Linux Kernel Runtime Guard hits 1.0.0 with major updates and broader support
Cybersecurity research is getting new ethics rules, here’s what you need to know
InterceptSuite: Open-source network traffic interception tool
Cyber defense cannot be democratized
Identity management was hard, AI made it harder
AI moves fast, but data security must move faster
Week in review: Several companies affected by the Salesloft Drift breach, Sitecore 0-day vulnerability
Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
InfoSecurity Magazine
Wealthsimple Confirms Data Breach After Supply Chain Attack
MostereRAT Targets Windows Users With Stealth Tactics
Remote Access Abuse Biggest Pre-Ransomware Indicator
Qualys, Tenable Latest Victims of Salesloft Drift Hack
GhostAction Supply Chain Attack Compromises 3000+ Secrets
SAP S/4HANA Users Urged to Patch Critical Exploited Bug
Bridgestone Confirms "Limited Cyber Incident" Impacting Facilities in North America
South Carolina School District Data Breach Affects 31,000 People
macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Security
US and 14 Allies Release Joint Guidance on Software Bill of Materials
© 2025 RiskDiscovery | Sponsored by:
Deception Logic