Risk Discovery

DarkReading

Kenya Kicks Off 'Code Nation' With a Nod to Cybersecurity

'CitrixBleed 2' Wreaks Havoc as Zero-Day Bug

Google Looks to Dim 'Lighthouse' Phishing-as-a-Service Op

Microsoft Exchange 'Under Imminent Threat,' Act Now

Phishing Tool Uses Smart Redirects to Bypass Detection

Patch Now: Microsoft Flags Zero-Day & Critical Zero-Click Bugs

Grandparents to C-Suite: Elder Fraud Reveals Gaps in Human-Centered Cybersecurity

Bridging the Skills Gap: How Military Veterans Are Strengthening Cybersecurity

Kimsuky APT Takes Over South Korean Androids, Abuses KakaoTalk

OWASP Highlights Supply Chain Risks in New Top 10 List

Ars Technica

OpenAI walks a tricky tightrope with GPT-5.1’s eight new personalities

Meta’s star AI scientist Yann LeCun plans to leave for own startup

ClickFix may be the biggest security threat your family has never heard of

Researchers isolate memorization from problem-solving in AI neural networks

Researchers surprised that with AI, toxicity is harder to fake than intelligence

Wipers from Russia’s most cut-throat hackers rain destruction on Ukraine

Google says project on famous crab-covered island is about cables, not combat

5 AI-developed malware families analyzed by Google fail to work and are easily detected

OpenAI signs massive AI compute deal with Amazon

Two Windows vulnerabilities, one a 0-day, are under active exploitation

CyberScoop

Congressional Dems press governors to block feds from accessing state DMV data

While White House demands deterrence, Trump shrugs

Google files lawsuit against Lighthouse ‘phishing for dummies’ text scammers

Amazon pins Cisco, Citrix zero-day attacks to APT group

Advocacy group calls on OpenAI to address Sora 2’s deepfake risks

Maryland man faces federal charges for crimes allegedly linked to 764

Microsoft Patch Tuesday addresses 63 defects, including one actively exploited zero-day

Amazon rolls out AI bug bounty program

Hitachi subsidiary GlobalLogic impacted by Clop’s attack spree on Oracle customers

BigBear.ai to buy Ask Sage, strengthening security-centric AI for federal agencies

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

The best Kindles in 2025: Expert recommended

The best VPN routers of 2025: Expert tested and reviewed

Does your chatbot have 'brain rot'? 4 ways to tell

Two ways to remove a directory in Linux - plus a bonus method for extra security

I'm a Photoshop diehard but Canva's new free tools just won me over - and saved me $35/month

What does an orange USB port mean? I found out the surprising truth about all the colors

Why this limited edition PS5 bundle is one of my favorite game deals for Black Friday

Best Buy is selling this Nintendo Switch 2 Pokemon bundle for less than retail - how to redeem

You can store a passport in your iPhone's Wallet now - here's how, and what you can do with it

Google's Private AI Compute promises good-as-local privacy in the Gemini cloud

The Hacker News

ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories

CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks

Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack

Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform

Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws

[Webinar] Learn How Leading Security Teams Reduce Attack Surface Exposure with DASR

Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security

Microsoft Fixes 63 Security Flaws, Including a Windows Kernel Zero-Day Under Active Attack

Google Launches 'Private AI Compute' — Secure AI Processing with On-Device-Level Privacy

WhatsApp Malware 'Maverick' Hijacks Browser Sessions to Target Brazil's Biggest Banks

BleepingComputer

Police disrupts Rhadamanthys, VenomRAT, and Elysium malware operations

CISA warns of WatchGuard firewall flaw exploited in attacks

Google sues to dismantle Chinese phishing platform behind US toll scams

Windows 11 now supports 3rd-party apps for native passkey management

DanaBot malware is back to infecting Windows after 6-month break

Microsoft fixes bug causing false Windows 10 end-of-support alerts

Extending Zero Trust to AI Agents: “Never Trust, Always Verify” Goes Autonomous

New UK laws to strengthen critical infrastructure cyber defenses

Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks

Synnovis notifies of data breach after 2024 ransomware attack

Cybersecurity Dive

Companies want more from their threat intelligence platforms

Sophisticated threat actor targeting zero-day flaws in Cisco ISE and Citrix

Shadow AI is widespread — and executives use it the most

AI agents worsen IT’s capacity crunch: S&P Global

Cisco detects new attack variant targeting vulnerable firewalls

Conduent warns of further financial fallout from cyberattack

Nevada ransomware attack traced back to malware download by employee

Cyberattacks surge against IoT, mobile devices in critical infrastructure

In financial sector, vendors lag behind customers on cybersecurity

SonicWall says state-linked actor behind attacks against cloud backup service

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Google sues 25 China-based scammers behind Lighthouse 'phishing for dummies' kit

Attackers turned Citrix, Cisco 0-day exploits into custom-malware hellscape

Bitcoin bandit's £5B bubble bursts as cops wrap seven-year chase

UK's Cyber Security and Resilience Bill makes Parliamentary debut

Aviation watchdog says organized drone attacks will shut UK airports ‘sooner or later’

China hates crypto and scams, but is now outraged USA acquired bitcoin from a scammer

Australia’s spy boss says authoritarian nations ready to commit ‘high-impact sabotage’

North Korean spies turn Google's Find Hub into remote-wipe weapon

EU's reforms of GDPR, AI slated by privacy activists for 'playing into Big Tech’s hands'

OWASP Top 10: Broken access control still tops app security list

VentureBeat

How Anthropic's Claude cuts SOC investigation time from 5 hours to 7 minutes

CrowdStrike & NVIDIA’s open source AI gives enterprises the edge against machine-speed attacks

Meet Aardvark, OpenAI’s security agent for code analysis and patching

Security's AI dilemma: Moving faster while risking more

Fortanix and NVIDIA partner on AI security platform for highly regulated industries

Your IT stack is the enemy: How 84% of attacks evade detection by turning trusted tools against you

When your AI browser becomes your enemy: The Comet security disaster

TechCrunch

Cybersecurity firm Deepwatch lays off dozens, citing move to ‘accelerate’ AI investment

Elon Musk’s X botched its security key switchover, locking users out

Lawmakers warn Democratic governors that states are sharing drivers’ data with ICE

Australian spy chief warns Chinese hackers are ‘probing’ critical networks for espionage and sabotage

Red Bull Racing’s secret weapon? An engineer who treats workflows like lap times

Why a lot of people are getting hacked with government spyware

Washington Post confirms data breach linked to Oracle hacks

Congressional Budget Office confirms it was hacked

‘Landfall’ spyware abused zero-day to hack Samsung Galaxy phones

Italian political consultant says he was targeted with Paragon spyware

Network World Security

Top quantum breakthroughs of 2025

How enterprises are rethinking online AI tools

Broadcom introduces standards-based fabric, Cisco integration with VCF

Cloud-based GPU savings are real – for the nimble

2025 global network outage report and internet health check

Buyer’s guide to AI networking technology

AWS launches ‘Capabilities by Region’ to simplify planning for cloud deployments

Google Cloud aims for more cost-effective Arm computing with Axion N4A

Google’s cheaper, faster TPUs are here, while users of other AI processors face a supply crunch

Top network and data center events 2025 & 2026

Help Net Security

Nokod Security launches Adaptive Agent Security to protect AI agents across the entire ADLC

Healthcare security is broken because its systems can’t talk to each other

Wanna bet? Scammers are playing the odds better than you are

Sprout: Open-source bootloader built for speed and security

Automation can’t fix broken security basics

The browser is eating your security stack

Google adds Emerging Threats Center to speed detection and response

UK’s new Cyber Security and Resilience Bill targets weak links in critical services

Securonix DPM Flex optimizes SIEM data management

Commvault Cloud Unity platform delivers unified data security, recovery, and identity protection

InfoSecurity Magazine

Improve Collaboration to Hit Back At Rising Fraud, Says techUK

Synnovis Finally Issues Breach Notification After 2024 Ransomware Attack

GlobalLogic Becomes Latest Cl0p Victim After Oracle EBS Attack

Cyber-Insurance Payouts Soar 230% in UK

Microsoft Fixes Windows Kernel Zero Day in November Patch Tuesday

UK Government Finally Introduces Cyber Security and Resilience Bill

Android Devices Targeted By KONNI APT in Find Hub Exploitation

Qilin Ransomware Activity Surges as Attacks Target Small Businesses

Hackers Exploit Critical Flaw in Gladinet's Triofox File Sharing Product

CISA Adds Zero-Day Bug Used in Spyware Attacks to KEV

© 2025 RiskDiscovery | Sponsored by: Deception Logic