Risk Discovery

DarkReading

Startup Spotlight: Twine Security Tackles the Execution Gap

GITEX GLOBAL 2025

Payback: 'ShinyHunters' Clocks Google via Salesforce

The Critical Flaw in CVE Scoring

Chanel Alerts Clients of Third-Party Breach

Researcher Deploys Fuzzer to Test Autonomous Vehicle Safety

Critical Zero-Day Bugs Crack Open CyberArk, HashiCorp Password Vaults

'ReVault' Security Flaws Impact Millions of Dell Laptops

VexTrio Cybercrime Outfit Run by Legit Ad Tech Firms

Google Gemini AI Bot Hijacks Smart Homes, Turns Off the Lights

Ars Technica

Here’s how deepfake vishing attacks work, and why they can be hard to detect

Voice phishers strike again, this time hitting Cisco

AI site Perplexity uses “stealth tactics” to flout no-crawl edicts, Cloudflare says

At $250 million, top AI salaries dwarf those of the Manhattan Project and the Space Race

Microsoft catches Russian hackers targeting foreign embassies

In search of riches, hackers plant 4G-enabled Raspberry Pi in bank network

So far, only one-third of Americans have ever used AI for work

Flaw in Gemini CLI coding tool could allow hackers to run nasty commands

AI in Wyoming may soon use more electricity than state’s human residents

OpenAI’s ChatGPT Agent casually clicks through “I am not a robot” verification test

CyberScoop

CISA, Microsoft warn organizations of high-severity Microsoft Exchange vulnerability

Nigerian accused of hacking tax preparation businesses extradited to US

New National Cyber Director Cairncross faces challenges on policy, bureaucracy, threats

SonicWall firewalls hit by active mass exploitation of suspected zero-day

Why identity is the definitive cyber defense for federal agencies

Iranian hackers were more coordinated, aligned during Israel conflict than it seemed

Google addresses six vulnerabilities in August’s Android security update

AI company Perplexity is sneaking to get around blocks on crawlers, Cloudflare alleges

‘Highly evasive’ Vietnamese-speaking hackers stealing data from thousands of victims in 62+ nations

Details emerge on BlackSuit ransomware takedown

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

I swapped my Sonos soundbar for one with detachable rear speakers - genius or gimmick?

GPT-5 is finally here, and you can access it for free today - no subscription needed

This $180 mini projector has no business being this good for the price

This AirTag key organizer has survived the ultimate torture test - and I'd buy it again any time

My top 5 favorite iOS 26 features so far - and how to try them all now

I've owned every Google Pixel flagship phone since the first - here's why 2025 will be different

The TSA-approved multitool myth: I tested it on a plane so you don't have to

Linux PC acting up? Here's my first course of action (and why it fixes things most of the time)

Why I pick this Windows laptop for creatives over my MacBook Pro (and it's not just price)

These 17 iOS tweaks instantly extended my iPhone battery life - quick and easy

The Hacker News

Webinar: How to Stop Python Supply Chain Attacks—and the Expert Tools You Need

Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes

The AI-Powered Security Shift: What 2025 Is Teaching Us About Cloud Defense

Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setups

6,500 Axis Servers Expose Remoting Protocol; 4,000 in U.S. Vulnerable to Exploits

SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day

Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft

Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams

AI Slashes Workloads for vCISOs by 68% as SMBs Demand More – New Report Reveals

Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Tools

BleepingComputer

Bouygues Telecom confirms data breach impacting 6.4 million customers

SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw

Wave of 150 crypto-draining extensions hits Firefox add-on store

Cryptomixer founders pled guilty to laundering money for cybercriminals

Massive IPTV piracy service with 28,000 channels taken offline

Air France and KLM disclose data breaches impacting customers

Microsoft warns of high-severity flaw in hybrid Exchange deployments

Microsoft accidentally confirms GPT-5, GPT-5-Mini, GPT-5-Nano ahead of launch

Akira ransomware abuses CPU tuning tool to disable Microsoft Defender

New Ghost Calls tactic abuses Zoom and Microsoft Teams for C2 operations

Cybersecurity Dive

SonicWall says recent attack wave involved previously disclosed flaw, not zero-day

CISA, Microsoft warn about new Microsoft Exchange server vulnerability

US still prioritizing zero-trust migration to limit hacks’ damage

Top US energy companies frequently exposed to critical security flaws

CISA’s relationship with industry needs work to reestablish trust, experts say

Cybersecurity budgets tighten as economic anxiety rises

SonicWall investigating possible zero-day related to firewall attacks

AI is helping hackers automate and customize cyberattacks

Senate confirms Trump’s national cyber director nominee

Ransomware spike linked to potential zero-day flaw in SonicWall devices

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Black Hat's network ops center brings rivals together for a common cause

CISA releases malware analysis for Sharepoint Server attack

KLM, Air France latest major organizations looted for customer data

Meta training AI on social media posts? Only 7% in Europe think it's OK

Amnesty slams Elon Musk's X for 'central role' in fueling 2024 UK riots

Could agentic AI save us from the cybercrisis?

Microsoft researchers bullish on AI security agent even though it let 74% of malware slip through

Google says the group behind last year's Snowflake attack slurped data from one of its Salesforce instances

Vibe coding tool Cursor's MCP implementation allows persistent code execution

Patch now: Millions of Dell PCs with Broadcom chips vulnerable to attack

VentureBeat

Anthropic ships automated security reviews for Claude Code as AI-generated vulnerabilities surge

Anthropic’s new Claude 4.1 dominates coding tests days before GPT-5 arrives

ChatGPT rockets to 700M weekly users ahead of GPT-5 launch with reasoning superpowers

Shadow AI adds $670K to breach costs while 97% of enterprises skip basic access controls, IBM reports

Nightfall launches ‘Nyx,’ an AI that automates data loss prevention at enterprise scale

How can enterprises keep systems safe as AI agents join human employees? Cyata launches with a new, dedicated solution

AI vs. AI: Prophet Security raises $30M to replace human analysts with autonomous defenders

ChatGPT just got smarter: OpenAI’s Study Mode helps students learn step-by-step

Sparrow raises $35M Series B to automate the employee leave management nightmare

How E2B became essential to 88% of Fortune 100 companies and raised $21 million

TechCrunch

Data breach at French telecom giant Bouygues affects millions of customers

TeaOnHer, a rival Tea app for men, is leaking users’ personal data and driver’s licenses

Citizen Lab director warns cyber industry about US authoritarian descent

Final call: TechCrunch Disrupt 2025 ticket savings end tonight

Google says hackers stole its customers’ data by breaching its Salesforce database

Hacker used a voice phishing attack to steal Cisco customers’ personal information

SonicWall urges customers to disable SSLVPN amid reports of ransomware attacks

Google says its AI-based bug hunter found 20 security vulnerabilities

Perplexity accused of scraping websites that explicitly blocked AI scraping

North Korean spies posing as remote workers have infiltrated hundreds of companies, says CrowdStrike

Network World Security

WatchGuard updates tabletop firewall series with high-speed networking and AI-powered security

Top network and data center events 2025

In crowded observability market, Gartner calls out AI capabilities, cost optimization, DevOps integration

HPE unveils AI-powered network security and data protection technology

Cisco teams with Hugging Face for AI model anti-malware

2025 global network outage report and internet health check

Riverbed banks on AI-driven network observability

Data neutrality: Safeguarding your AI’s competitive edge

Broadcom expands AI networking portfolio with Jericho4 Ethernet fabric router

Infoblox reinforces DNS defense package

Help Net Security

Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)

SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls

Top solutions to watch after Black Hat USA 2025

Photos: Black Hat USA 2025

Beyond PQC: Building adaptive security programs for the unknown

Cybercriminals are getting personal, and it’s working

Elastic AI SOC Engine helps SOC teams expose hidden threats

AI can write your code, but nearly half of it may be insecure

Energy companies are blind to thousands of exposed services

Absolute Security upgrades platform with AI assistant and real-time risk response tools

InfoSecurity Magazine

#BHUSA: Microsoft Debuts AI Agent Able to Reverse Engineer Malware

New Microsoft Exchange Vulnerability Puts Hybrid Cloud Environments at Risk

Google Among Victims in Ongoing Salesforce Data Theft Campaign

Experts Alarmed by UK Government’s Companies House ID Checks

SonicWall: Attacks Linked to Legacy Bug and Password Use

#BHUSA: Security Researchers Uncover Critical Flaws in Axis CCTV Software

#BHUSA: Researchers Expose Infrastructure Behind Cybercrime Network VexTrio

Clinical Data Stolen in Cyber-Attack on Kidney Dialysis Provider DaVita

#BHUSA: OpenAI Launches Red Teaming Challenge for New Open-Weight LLMs

US Authorities Extradite Nigerian Man Accused of Hacking and Fraud

© 2025 RiskDiscovery | Sponsored by: Deception Logic