Risk Discovery

DarkReading

French Advisory Sheds Light on Apple Spyware Activity

Without Federal Help, Cyber Defense Is Up to the Rest of Us

Undocumented Radios Found in Solar-Powered Devices

Vyro AI Leak Reveals Poor Cyber Hygiene

'Gentlemen' Ransomware Abuses Vulnerable Driver to Kill Security Gear

Apple CarPlay RCE Exploit Left Unaddressed in Most Cars

F5 to Acquire CalypsoAI for Advanced AI Security Capabilities

AI-Enhanced Malware Sports Super-Stealthy Tactics

Vidar Infostealer Back With a Vengeance

Cyberattack on Kazakhstan's Largest Oil Company Was 'Simulation'

Ars Technica

Modder injects AI dialogue into 2002’s Animal Crossing using memory hack

OpenAI and Microsoft sign preliminary deal to revise partnership terms

35 percent of VMware workloads expected to migrate elsewhere by 2028

Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”

Developers joke about “coding like cavemen” as AI service suffers major outage

Microsoft ends OpenAI exclusivity in Office, adds rival Anthropic

Claude’s new AI file-creation feature ships with security risks built in

SAP warns of high-severity vulnerabilities in multiple products

Why accessibility might be AI’s biggest breakthrough

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

CyberScoop

SonicWall firewalls targeted by fresh Akira ransomware surge

DHS watchdog finds mismanagement in critical cyber talent program

CISA work not ‘degraded’ by Trump administration cuts, top agency official says

F5 to acquire AI security firm CalypsoAI for $180 million

Wyden calls on FTC to investigate Microsoft for ‘gross cybersecurity negligence’ in protecting critical infrastructure

China’s ‘Typhoons’ changing the way FBI hunts sophisticated threats

Three states team up in investigative sweep of companies flouting data opt-out laws

The npm incident frightened everyone, but ended up being nothing to fret about

Acting federal cyber chief outlines his three priorities for the next year

Apple’s new Memory Integrity Enforcement system deals a huge blow to spyware developers

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Apple iPhone 17 Pro vs. iPhone 16 Pro: I compared both models, and there's a big difference

Get this Samsung TV on sale and get a year of ESPN Unlimited for free

iPhone 17 Pro Max vs. Google Pixel 10 Pro XL: I compared both and here's the winner

iPhone Air vs. Samsung S25 Edge: I compared both ultra-thin phones to decide a winner

I compared the iPhone 17, iPhone Air, 17 Pro, and 17 Pro Max: Here's who should upgrade

Are portable solar power banks viable? My verdict after a year of testing

I tried Apple's 2 big AI features announced at the iPhone 17 event - and both are game changers

ChatGPT just saved me 25% off my dinner tonight - here's how

FTC scrutinizes OpenAI, Meta, and others on AI companion safety for kids

Your Powerbeats Pro 2 are getting a serious upgrade - but there's a catch

The Hacker News

FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks

Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks

Apple Warns French Users of Fourth Spyware Campaign in 2025, CERT-FR Confirms

New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit

Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning

Cloud-Native Security in 2025: Why Runtime Visibility Must Take Center Stage

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Google Pixel 10 Adds C2PA Support to Verify AI-Generated Media Authenticity

Senator Wyden Urges FTC to Probe Microsoft for Ransomware-Linked Cybersecurity Negligence

SonicWall SSL VPN Flaw and Misconfigurations Actively Exploited by Akira Ransomware Hackers

BleepingComputer

New HybridPetya ransomware can bypass UEFI Secure Boot

CISA warns of actively exploited Dassault RCE vulnerability

Windows 11 23H2 Home and Pro reach end of support in 60 days

The first three things you’ll want during a cyberattack

Man gets over 4 years in prison for selling unreleased movies

Samsung patches actively exploited zero-day reported by WhatsApp

Microsoft fixes Exchange Online outage affecting users worldwide

U.S. Senator accuses Microsoft of “gross cybersecurity negligence”

Apple warns customers targeted in recent spyware attacks

Panama Ministry of Economy discloses breach claimed by INC ransomware

Cybersecurity Dive

CISA pledges robust support for funding, further development of CVE program

Researchers warn VoidProxy phishing platform can bypass MFA

UK cyber leader calls for shift in focus toward continuity of critical services

How the retail sector teams up to defend against cybercrime

Senior NSC official said US needs to embrace offensive cyber

Ransomware insurance losses spike despite fewer claims: Resilience

National cyber director says US must shift risk burden toward adversaries

Mitsubishi Electric agrees to buy Nozomi Networks in deal valued at about $1B

How AI and politics hampered the secure open-source software movement

Bridgestone Americas continues probe as it looks to restore operations

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

HybridPetya: More proof that Secure Boot bypasses are not just an urban legend

Samsung fixes Android 0-day that may have been used to spy on WhatsApp messages

All your vulns are belong to us! CISA wants to maintain gov control of CVE program

1,200 undergrads hung out to dry after jailbreak attack on laundry machines

Privacy activists warn digital ID won’t stop small boats – but will enable mass surveillance

Hack to school: Parents told to keep their little script kiddies in line

Huntress's 'hilarious' attacker surveillance splits infosec community

We're number 1! America now leads the world in surveillanceware investment

Hijacker helper VoidProxy boosts Google, Microsoft accounts on demand

AI-powered penetration tool, an attacker's dream, downloaded 10K times in 2 months

VentureBeat

TechCrunch

Here’s the tech powering ICE’s deportation crackdown

Apple’s latest iPhone security feature just made life more difficult for spyware makers

France says Apple notified victims of new spyware attacks

Kids in the UK are hacking their own schools for dares and notoriety

Vibe coding? Meet vibe security

Jaguar Land Rover says data stolen in disruptive cyberattack

Google’s former security leads raise $13M to fight email threats before they reach you

Plex urges users to change passwords after data breach

Netskope follows Rubrik as a rare cybersecurity IPO, both backed by Lightspeed

VC giant Insight Partners notifies staff and limited partners after data breach

Network World Security

There are 121 AI processor companies. How many will succeed?

F5 to acquire CalypsoAI for advanced AI security capabilities

HomeLM: A foundation model for ambient AI

Google enlists new ‘free’ data transfer service as the EU Data Act deadline approaches

Microsoft finds possible solution to Azure capacity issues

Nvidia: Latest news and insights

Cisco’s Splunk embeds agentic AI into security and observability products

New life for the mainframe: AI cost savings materialize, modernization efforts pay off

Cadence adds Nvidia to digital twin tool for data center design

Nvidia rolls out new GPUs for AI inferencing, large workloads

Help Net Security

HybridPetya: (Proof-of-concept?) ransomware can bypass UEFI Secure Boot

CISA looks to partners to shore up the future of the CVE Program

HCL AppScan 360º 2.0 protects software supply chains

Sublime Security enhances threat protection with AI agent

Your heartbeat could reveal your identity, even in anonymized datasets

CISOs brace for a new kind of AI chaos

Attackers are coming for drug formulas and patient data

Ransomware, vendor outages, and AI attacks are hitting harder in 2025

New infosec products of the week: September 12, 2025

Akira ransomware affiliates continue breaching organizations via SonicWall firewalls

InfoSecurity Magazine

Attackers Adopting Novel LOTL Techniques to Evade Detection

France Warns Apple Users of New Spyware Campaign

ICO Warns of Student-Led Data Breaches in UK Schools

CISA Launches Roadmap for the CVE Program

Fileless Malware Deploys Advanced RAT via Legitimate Tools

Wyden Urges FTC Investigation Over Ascension Ransomware Hack

Chinese APT Actor Compromises Military Firm with Novel Fileless Malware Toolset

France: Three Regional Healthcare Agencies Targeted by Cyber-Attacks

Ukrainian Ransomware Fugitive Added to Europe’s Most Wanted

LNER Reveals Supply Chain Attack Compromised Customer Information

© 2025 RiskDiscovery | Sponsored by: Deception Logic