Risk Discovery

DarkReading

[Dark Reading Virtual Event] Cybersecurity Outlook 2026

Critical Fortinet FortiWeb WAF Bug Exploited in the Wild

US Citizens Plead Guilty to Aiding North Korean IT Worker Campaigns

Cursor Issue Paves Way for Credential-Stealing Attacks

Akira RaaS Targets Nutanix VMs, Threatens Critical Orgs

New Security Tools Target Growing macOS Threats

Hardened Containers Look to Eliminate Common Source of Vulnerabilities

150,000 Packages Flood NPM Registry in Token Farming Campaign

Learning Sales Skills Can Make Security Professionals More Effective

Identity Governance and Administration, App Proliferation, and the App Integration Chasm

Ars Technica

5 plead guilty to laptop farm and ID theft scheme to land North Koreans US IT jobs

Oracle hit hard in Wall Street’s tech sell-off over its huge AI bet

Forget AGI—Sam Altman celebrates ChatGPT finally following em dash formatting rules

Researchers question Anthropic claim that AI-assisted attack was 90% autonomous

OpenAI walks a tricky tightrope with GPT-5.1’s eight new personalities

Meta’s star AI scientist Yann LeCun plans to leave for own startup

ClickFix may be the biggest security threat your family has never heard of

Researchers isolate memorization from problem-solving in AI neural networks

Researchers surprised that with AI, toxicity is harder to fake than intelligence

Wipers from Russia’s most cut-throat hackers rain destruction on Ukraine

CyberScoop

The realities of CISO burnout and exhaustion

Fortinet’s delayed alert on actively exploited defect put defenders at a disadvantage

Dozens of groups call for governments to protect encryption

DOJ lauds series of gains against North Korean IT worker scheme, crypto thefts

China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work

Google, researchers see signs that Lighthouse text scammers disrupted after lawsuit

The retail sector needs a cybersecurity talent incubator

FBI calls Akira ‘top five’ ransomware variant out of 130 targeting US businesses

Washington Post confirms data on nearly 10,000 people stolen from its Oracle environment

Operation Endgame targets malware networks in global crackdown

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Best early Black Friday tablet deals 2025: 16 sales out now

Best early Black Friday iPad deals 2025: 11 sales out already

Verizon will give you a free Nintendo Switch right now - here's how the deal works

Best Black Friday smartwatch and fitness tracker deals 2025: Top sales out early

For the first time, the Apple Watch Series 11 is priced to recommend without hesitation

Best Buy just cut the prices for dozens of Black Friday deals - I hand-picked 20+ early discounts live now

Major Cloudflare outage takes down ChatGPT, Spotify, and X - here's the latest

Struggling to track AI agents? This open-source tool gives you a single source of truth

I compared the two best headphones from Sony and Bose in 2025 - here's the winner for me

Shop the best early Apple Watch deals for Black Friday 2025

The Hacker News

Learn How Leading Companies Secure Cloud Workloads and Infrastructure at Scale

Researchers Detail Tuoni C2's Role in an Attempted 2025 Real-Estate Cyber Intrusion

Iranian Hackers Use DEEPROOT and TWOSTROKE Malware in Aerospace and Defense Attacks

Beyond IAM Silos: Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities

Seven npm Packages Use Adspect Cloaking to Trick Victims Into Crypto Scam Pages

Microsoft Mitigates Record 15.72 Tbps DDoS Attack Driven by AISURU Botnet

Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability

New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT

⚡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More

5 Reasons Why Attackers Are Phishing Over LinkedIn

BleepingComputer

Tycoon 2FA and the Collapse of Legacy MFA

Cloudflare hit by outage affecting global network services

Google fixes new Chrome zero-day flaw exploited in attacks

Microsoft: Windows 10 KB5072653 OOB update fixes ESU install errors

Malicious NPM packages abuse Adspect redirects to evade security

xAI's Grok 4.1 rolls out with improved quality and speed for free

RondoDox botnet malware now hacks servers using XWiki flaw

Google Gemini 3 spotted on AI Studio ahead of imminent release

Eurofiber France warns of breach after hacker tries to sell customer data

Princeton University discloses data breach affecting donors, alumni

Cybersecurity Dive

Hackers increasingly target operational technology, with manufacturing sector bearing the brunt

CISA, eyeing China, plans hiring spree to rebuild its depleted ranks

US chips away at North Korean IT worker fraud with guilty pleas, cryptocurrency seizure

Critical vulnerability in Fortinet FortiWeb is under exploitation

CISO pay is on the rise, even as security budgets tighten

AI-driven dynamic endpoint security is redefining trust

Anthropic warns state-linked actor abused its AI tool in sophisticated espionage campaign

Western governments disrupt trifecta of cybercrime tools

Akira engaged in ransomware attacks against critical sectors

UK authorities propose law to set minimum cyber standards for critical sectors

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Zoomers are officially worse at passwords than 80-year-olds

'Largest-ever' cloud DDoS attack pummels Azure with 3.64B packets per second

Pentagon and soldiers let too many secrets slip on social networks, watchdog says

Security researcher calls BS on Coinbase breach disclosure timeline

Selling your identity to North Korean IT scammers isn't a sustainable side hustle

Game over: Europol storms gaming platforms in extremist content sweep

Overconfidence is the new zero-day as teams stumble through cyber simulations

Eurofiber admits crooks swiped data from French unit after cyberattack

UK prosecutors seize £4.11M in crypto from Twitter mega-hack culprit

Jaguar Land Rover hack cost India's Tata Motors around $2.4 billion and counting

VentureBeat

For AI to succeed in the SOC, CISOs need to remove legacy walls now

Human-centric IAM is failing: Agentic AI requires a new identity control plane

How Anthropic's AI was jailbroken to become a weapon

Forrester: Gen AI is a chaos agent, models are wrong 60% of the time

How Anthropic's Claude cuts SOC investigation time from 5 hours to 7 minutes

CrowdStrike & Nvidia's open source AI gives enterprises the edge against machine-speed attacks

Meet Aardvark, OpenAI’s security agent for code analysis and patching

TechCrunch

DoorDash confirms data breach impacting users’ phone numbers and physical addresses

MCP AI agent security startup Runlayer launches with 8 unicorns, $11M from Khosla’s Keith Rabois and Felicis

Surveillance tech provider Protei was hacked, its data stolen, and its website defaced

Five people plead guilty to helping North Koreans infiltrate US companies as ‘remote IT workers’

Police take down three cybercrime operations in latest round of ‘whack-a-mole’

CISA warns federal agencies to patch flawed Cisco firewalls amid ‘active exploitation’ across the US government

Cybersecurity firm Deepwatch lays off dozens, citing move to ‘accelerate’ AI investment

Elon Musk’s X botched its security key switchover, locking users out

Lawmakers warn Democratic governors that states are sharing drivers’ data with ICE

Australian spy chief warns Chinese hackers are ‘probing’ critical networks for espionage and sabotage

Network World Security

2025 global network outage report and internet health check

Cloudflare problems hit websites around the world

Enterprises may have over-bought vSAN hardware for years based on VMware’s flawed guidance

Azure blocks record 15 Tbps DDoS attack as IoT botnets gain new firepower

Nvidia highlights considerable science-based supercomputing efforts

Nvidia touts next-gen quantum computing interconnects

Arm backs both sides in UALink vs NVLink battle for bandwidth

Nvidia’s first exascale system is the 4th fastest supercomputer in the world

Samsung’s 60% memory price hike signals higher data center costs for enterprises

Cisco: From the floppy disk to hyper-personalized AI

Help Net Security

Internet slowly recovers after far-reaching Cloudflare outage

Kentik AI Advisor brings intelligence and automation to network design and operations

Google patches yet another exploited Chrome zero-day (CVE-2025-13223)

What security pros should know about insurance coverage for AI chatbot wiretapping claims

How attackers use patience to push past AI guardrails

Agentic AI puts defenders on a tighter timeline to adapt

The privacy panic around machine learning is overblown

Cybersecurity jobs available right now: November 18, 2025

Cloudflare to acquire Replicate, aiming for seamless serverless AI at global scale

Logitech confirms data breach

InfoSecurity Magazine

AI-Enhanced Tuoni Framework Targets Major US Real Estate Firm

DoorDash Confirms Data Breach Exposing Customer Personal Information

GenAI and Deepfakes Drive Digital Forgeries and Biometric Fraud

Half a Million Stolen FTSE 100 Credentials Found on Criminal Sites

Kraken Uses Benchmarking to Enhance Ransomware Attacks

Europol Leads Takedown of Thousands of Extremist Gaming Links

Cyber Readiness Stalls Despite Confidence in Incident Response

US: Five Plead Guilty in North Korean IT Worker Fraud Scheme

Cyber-Attack Costs Carmaker JLR $258m in Q2

Chinese Hackers Automate Cyber-Attacks With AI-Powered Claude Code

© 2025 RiskDiscovery | Sponsored by: Deception Logic