Risk Discovery

DarkReading

[Dark Reading Virtual Event] Cybersecurity Outlook 2026

Akira RaaS Targets Nutanix VMs, Threatens Critical Orgs

New Security Tools Target Growing macOS Threats

Hardened Containers Look to Eliminate Common Source of Vulnerabilities

150,000 Packages Flood NPM Registry in Token Farming Campaign

Learning Sales Skills Can Make Security Professionals More Effective

Identity Governance and Administration, App Proliferation, and the App Integration Chasm

How CISOs Can Best Work With CEOs and the Board: Lessons From the Field

Orgs Move to SSO, Passkeys to Solve Bad Password Habits

Coyote, Maverick Banking Trojans Run Rampant in Brazil

Ars Technica

Forget AGI—Sam Altman celebrates ChatGPT finally following em dash formatting rules

Researchers question Anthropic claim that AI-assisted attack was 90% autonomous

OpenAI walks a tricky tightrope with GPT-5.1’s eight new personalities

Meta’s star AI scientist Yann LeCun plans to leave for own startup

ClickFix may be the biggest security threat your family has never heard of

Researchers isolate memorization from problem-solving in AI neural networks

Researchers surprised that with AI, toxicity is harder to fake than intelligence

Wipers from Russia’s most cut-throat hackers rain destruction on Ukraine

Google says project on famous crab-covered island is about cables, not combat

5 AI-developed malware families analyzed by Google fail to work and are easily detected

CyberScoop

DOJ lauds series of gains against North Korean IT worker scheme, crypto thefts

China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work

Google, researchers see signs that Lighthouse text scammers disrupted after lawsuit

The retail sector needs a cybersecurity talent incubator

FBI calls Akira ‘top five’ ransomware variant out of 130 targeting US businesses

Washington Post confirms data on nearly 10,000 people stolen from its Oracle environment

Operation Endgame targets malware networks in global crackdown

Congressional Dems press governors to block feds from accessing state DMV data

While White House demands deterrence, Trump shrugs

Google files lawsuit against Lighthouse ‘phishing for dummies’ text scammers

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Walmart's Black Friday sale is officially here: I'm tracking my favorite discounts up to 60% off live

Best Buy just cut the prices for dozens of Black Friday deals - I've hand-picked early discounts live now up to $800 off

Best Buy just cut the prices for dozens of Black Friday deals - I hand-picked 20+ early discounts live now

Google Brain founder Andrew Ng thinks you should still learn to code - here's why

Withings' FDA-cleared smart thermometer does more than take your temp - what's new

A week with this Oura Ring competitor killed my excitement - here's how things went

I'm tired of the cheap Android tablet slander - this $200 one checks all the boxes for me

Don't be sad if your Amazon driver shows up with smart glasses on - they're actually helpful

A year later, here's why I keep coming back to the Surface Laptop (especially at this price)

Walmart is offering a 53% Black Friday discount on this LG gaming monitor - but not for long

The Hacker News

RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet

Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks

Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets

Ransomware's Fragmentation Reaches a Breaking Point While LockBit Returns

Chinese Hackers Use Anthropic's AI to Launch Automated Cyber Espionage Campaign

Now-Patched Fortinet FortiWeb Flaw Exploited in Attacks to Create Admin Accounts

Russian Hackers Create 4,300 Fake Travel Sites to Steal Hotel Guests' Payment Data

Fake Chrome Extension “Safery” Steals Ethereum Wallet Seed Phrases Using Sui Blockchain

BleepingComputer

Decades-old ‘Finger’ protocol abused in ClickFix malware attacks

Jaguar Land Rover cyberattack cost the company over $220 million

Logitech confirms data breach after Clop extortion attack

Five plead guilty to helping North Koreans infiltrate US firms

Anthropic claims of Claude AI-automated cyberattacks met with doubt

Fortinet confirms silent patch for FortiWeb zero-day exploited in attacks

Checkout.com snubs hackers after data breach, to donate ransom instead

US announces new strike force targeting Chinese crypto scammers

Google backpedals on new Android developer registration rules

ASUS warns of critical auth bypass flaw in DSL series routers

Cybersecurity Dive

Anthropic warns state-linked actor abused its AI tool in sophisticated espionage campaign

Western governments disrupt trifecta of cybercrime tools

Akira actively engaged in ransomware attacks against critical sectors

UK authorities propose law to set minimum cyber standards for critical sectors

Government funding bill temporarily revives cybersecurity information-sharing law

Companies want more from their threat intelligence platforms

Sophisticated threat actor targeting zero-day flaws in Cisco ISE and Citrix

Shadow AI is widespread — and executives use it the most

AI agents worsen IT’s capacity crunch: S&P Global

Cisco detects new attack variant targeting vulnerable firewalls

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Fortinet finally cops to critical make-me-admin bug under active exploitation

Crims poison 150K+ npm packages with token-farming malware

FBI flags scam targeting Chinese speakers with bogus surgery bills

CISA flags imminent threat as Akira ransomware starts hitting Nutanix AHV

Clop claims it hacked 'the NHS.' Which bit? Your guess is as good as theirs

Kubernetes overlords decide Ingress NGINX isn’t worth saving

Chinese spies told Claude to break into about 30 critical orgs. Some attacks succeeded

Ransomed CTO falls on sword, refuses to pay extortion demand

Ubuntu 25.10's Rusty sudo holes quickly welded shut

Extra, extra, read all about it: Washington Post clobbered in Clop caper

VentureBeat

How Anthropic's AI was jailbroken to become a weapon

Forrester: Gen AI is a chaos agent, models are wrong 60% of the time

How Anthropic's Claude cuts SOC investigation time from 5 hours to 7 minutes

CrowdStrike & Nvidia's open source AI gives enterprises the edge against machine-speed attacks

Meet Aardvark, OpenAI’s security agent for code analysis and patching

Security's AI dilemma: Moving faster while risking more

Fortanix and NVIDIA partner on AI security platform for highly regulated industries

TechCrunch

Five people plead guilty to helping North Koreans infiltrate US companies as ‘remote IT workers’

Police take down three cybercrime operations in latest round of ‘whack-a-mole’

CISA warns federal agencies to patch flawed Cisco firewalls amid ‘active exploitation’ across the US government

Cybersecurity firm Deepwatch lays off dozens, citing move to ‘accelerate’ AI investment

Elon Musk’s X botched its security key switchover, locking users out

Lawmakers warn Democratic governors that states are sharing drivers’ data with ICE

Australian spy chief warns Chinese hackers are ‘probing’ critical networks for espionage and sabotage

Red Bull Racing’s secret weapon? An engineer who treats workflows like lap times

Why a lot of people are getting hacked with government spyware

Washington Post confirms data breach linked to Oracle hacks

Network World Security

Microsoft’s largest quantum site to be built in Denmark

Next-generation HPE supercomputer offers a mix of Nvidia and AMD silicon

StarlingX 11.0 addresses edge security, IPv4 exhaustion for massive deployments

Arista, Palo Alto bolster AI data center security

AMD: Latest news and insights

AMD outlines ambitious plan for AI-driven data centers

Extreme plots enterprise marketplace for AI agents, tools, apps

Key takeaways from Cisco Partner Summit

AI networking demand fueled Cisco’s upbeat Q1 financials

Top quantum breakthroughs of 2025

Help Net Security

Chinese cyber spies used Claude AI to automate 90% of their attack campaign, Anthropic claims

A suspected Fortinet FortiWeb zero-day is actively exploited, researchers warn

Trulioo helps enterprises accelerate business onboarding

Why your security strategy is failing before it even starts

Protecting mobile privacy in real time with predictive adversarial defense

Los Alamos researchers warn AI may upend national security

What happens when employees take control of AI

New infosec products of the week: November 14, 2025

Fake spam filter alerts are hitting inboxes

“Patched” but still exposed: US federal agencies must remediate Cisco flaws (again)

InfoSecurity Magazine

Chinese Hackers Automate Cyber-Attacks With AI-Powered Claude Code

Akira Ransomware Haul Surpasses $244M in Illicit Proceeds

Google Files Lawsuit to Dismantle 'Lighthouse' Smishing Kit

“IndonesianFoods” npm Worm Publishes 44,000 Malicious Packages

CISO Pay Increases 7% As Budget Growth Slows

Operation Endgame 3.0 Dismantles Three Major Malware Networks

Improve Collaboration to Hit Back At Rising Fraud, Says techUK

Synnovis Finally Issues Breach Notification After 2024 Ransomware Attack

GlobalLogic Becomes Latest Cl0p Victim After Oracle EBS Attack

Cyber-Insurance Payouts Soar 230% in UK

© 2025 RiskDiscovery | Sponsored by: Deception Logic