Risk Discovery

DarkReading

EU Sanctions Companies in China, Iran for Cyberattacks

C2 Implant 'SnappyClient' Targets Crypto Wallets

DarkSword: iPhone Exploit Kit Serves Spies & Thieves Alike

'Claudy Day’ Trio of Flaws Exposes Claude Users to Data Theft

SideWinder Espionage Campaign Expands Across Southeast Asia

Researchers: Meta, TikTok Steal Personal & Financial Info When Users Click Ads

More Attackers Are Logging In, Not Breaking In

Clear Communication: The Missing Link in Cybersecurity Success

Less Lucrative Ransomware Market Makes Attackers Alter Methods

Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish

Ars Technica

Federal cyber experts called Microsoft's cloud a "pile of shit," approved it anyway

Researchers disclose vulnerabilities in IP KVMs from four manufacturers

Supply-chain attack using invisible code hits GitHub and other repositories

The who, what, and why of the attack that has shut down Stryker's Windows network

14,000 routers are infected by malware that's highly resistant to takedowns

Feds take notice of iOS vulnerabilities exploited under mysterious circumstances

Amazon appears to be down, with over 20,000 reported problems

Trump gets data center companies to pledge to pay for power generation

Downdetector, Speedtest sold to IT service-provider Accenture in $1.2B deal

LLMs can unmask pseudonymous users at scale with surprising accuracy

CyberScoop

Cisco’s latest vulnerability spree has a more troubling pattern underneath

U.S. robotics companies want federal help to keep Chinese robots out of America’s networks

Second iOS exploit kit now in use by suspected Russian hackers

CISA official advises agencies not to get too hung up on who takes lead in critical infrastructure sectors

Trump administration isn’t pushing companies to conduct cyber offense, national cyber director says

Appeals court temporarily pauses order blocking Perplexity’s AI shopping agent on Amazon

It’s time to get serious about post-quantum security. Here’s where to start.

Zero lessons learned: Convicted scammer allegedly ran another athlete-focused phishing scam from federal prison

Attackers are exploiting AI faster than defenders can keep up, new report warns

Washington is right: Cybercrime is organized crime. Now we need to shut down the business model

InfoSecurity Magazine

FCA Updates Cyber Incident and Third-Party Reporting Rules

AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January

UK: Regulation Drives Cyber Spending for Critical Infrastructure Orgs

New Ubuntu Flaw Enables Local Attackers to Gain Root Access

Crypto Scam "ShieldGuard" Dismantled After Malware Discovery

AI-Enabled Adversaries Compress Time-to-Exploit Following Vulnerability Disclosure

Vidar Stealer 2.0 Exploits GitHub, Reddit to Deliver Malware via Fake Game Cheats

AI Issues Will Drive Half of Incident Response Efforts by 2028, Says Gartner

Android OS-Level Attack Bypasses Mobile Payment Security

'CursorJack’ Attack Path Exposes Code Execution Risk in AI Development Environment

SecurityWeek

Hacker Conversations: Ben Harris, from Unintentional Young Hacker to Intentional Adult CEO

Russian APT Exploits Zimbra Vulnerability Against Ukraine

Raven Emerges From Stealth With $20 Million in Funding

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks

The Collapse of Predictive Security in the Age of Machine-Speed Attacks

Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation

Cloud Security Startup Native Exits Stealth With $42 Million in Funding

‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors

Virtual Summit Today: Supply Chain & Third-Party Risk Summit

ZDNet

I can't recommend cheap Samsung and Google phones when this Android rival exists

Best Buy is already selling the MacBook Neo at a discount - and the catch isn't so bad

I tested an M.2 PCIe enclosure for data storage, and it promptly improved my workflow

The best VPS hosting services for 2026: Expert tested and reviewed

9 useful car gadgets I'd pay full price for (but some are on sale now)

The best phone deals from T-Mobile, Verizon, AT&T and other carriers right now

The best web hosting services of 2026: Expert tested and reviewed

This AI tool turned my messy browser tabs into something actually manageable

How to turn your old Android phone into a Wi-Fi extender - and fix dead spots at home

The hidden metric that makes these portable power stations truly worth your money

The Hacker News

New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data

How Ceros Gives Security Teams Visibility and Control in Claude Code

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks

OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

Claude Code Security and Magecart: Getting the Threat Model Right

9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors

Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels

BleepingComputer

Max severity Ubiquiti UniFi flaw may allow account takeover

CISA urges US orgs to secure Microsoft Intune systems after Stryker breach

New ‘Perseus’ Android malware checks user notes for secrets

Critical Microsoft SharePoint flaw now exploited in attacks

Aura confirms data breach exposing 900,000 marketing contacts

CISA orders feds to patch Zimbra XSS flaw exploited in attacks

ConnectWise patches new flaw allowing ScreenConnect hijacking

Ransomware gang exploits Cisco flaw in zero-day attacks since January

Marquis: Ransomware gang stole data of 672K people in cyberattack

The Refund Fraud Economy: Exploiting Major Retailers and Payment Platforms

gbhackers

CISA Calls on Organizations to Strengthen Microsoft Intune Security After Stryker Incident

Claude Vulnerabilities Allow Data Exfiltration and Malicious Redirect Attacks

Fake Tools and CDNs Power New “Vibe-Coded” Malware Campaign

Pyronut Package Backdoors Telegram Bots With RCE

OpenWebUI Servers Targeted in Attacks Using AI Payloads to Steal Data

Horabot Returns in Mexico, Spreading via Phishing and Email Worm Attacks

CISA Adds Exploited Zimbra Collaboration Suite Flaw to Warning List

Open VSX Extension Delivers RAT and Stealer via GitHub Downloader

Iran-Linked Botnet Exposed After Open Directory Leak Reveals 15-Node Relay Network

Aura Confirms Data Breach Exposing 900,000 Customer Records

Cybersecurity Dive

Threat groups target cyber-physical systems to disrupt critical infrastructure providers

Stryker begins restoring ordering, shipping systems after cyberattack

New research unpacks North Korea’s stealthy, sophisticated remote IT worker schemes

National cyber director expands on Trump administration’s vision for AI security, industry collaboration

Security teams might be overlooking wider threat to Cisco SD-WAN

Telus Digital confirms hack as ShinyHunters claims credit for massive data theft

Stryker attack raises concerns about role of device management tool

Robotics firm Intuitive Surgical says cyberattack compromised business, customer data

AI agent security: New governance framework shows progress, but critical gaps remain

Stryker’s manufacturing, shipping disrupted after cyberattack

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Okta made a nightmare micromanager for your AI agents

State snoops and spyware vendors planting info-stealing malware on iPhones, Google warns

Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure

North Korea's 100,000-strong fake IT worker army rake in $500M a year for Kim Jong Un

Britain's satellite-watching gap to be plugged with £17.5M eyeball in Cyprus

Iran's cyberattack against med tech firm is 'just the beginning'

Linux Foundation kicks off effort to shield FOSS maintainers from AI slop bug reports

Japan to allow ‘proactive cyber-defense’ from October 1st

World~~Coin~~'s newest pitch: Scan your eyeballs to prove AI agents really represent you

EU sanctions Iranian cyber front over election meddling, Charlie Hebdo breach

VentureBeat

The authorization problem that could break enterprise AI

Nvidia's agentic AI stack is the first major platform to ship with security at launch, but governance gaps remain

OpenClaw can bypass your EDR, DLP and IAM without triggering a single alert

Anthropic and OpenAI just exposed SAST's structural blind spot with free tools

Enterprise identity was built for humans — not AI agents

Microsoft says ungoverned AI agents could become corporate 'double agents.' Its fix costs $99 a month.

Pentagon vendor cutoff exposes the AI dependency map most enterprises never built

TechCrunch

Consumer-focused privacy company Cloaked raises $375M as it expands to enterprise

FBI is buying location data to track US citizens, director confirms

Marquis says over 672,000 people had personal and financial data stolen in ransomware attack

Russians caught stealing personal data from Ukrainians with new advanced iPhone hacking tools

Apple rolls out first ‘background security’ update for iPhones, iPads, and Macs to fix Safari bug

Stryker says it’s restoring systems after pro-Iran hackers wiped thousands of employee devices

Wiz investor unpacks Google’s $32B acquisition

The FBI is investigating malware hidden inside games hosted on Steam

Law enforcement shuts down botnet made of tens of thousands of hacked routers

Pro-Iran hacktivist group says it is behind attack on medical tech giant Stryker

Network World Security

Nvidia joins push for data centers in space

Versa extends SASE platform with Inbound SSE and Secure Enterprise Browser

OpenAI’s $50B AWS deal puts its Microsoft alliance to the test

Lenovo bolsters hybrid AI platform with Nvidia GPUs

Fortinet’s AI-driven defense for a machine-speed era

Microsoft’s laser-free cable tech promises to slash AI data center networking power bills

Beyond the fan: Crossing the liquid cooling rubicon

USAT to Distribute Digital Dollars to Thousands During St. Patrick’s Day Celebration in Times Square

Nvidia targets inference as AI’s next battleground with Groq 3 LPX

HPE, Nvidia expand AI partnership

Help Net Security

Entro Security AGA brings governance and control to enterprise AI agents and access

Komodor unveils Klaudia AI extensibility framework to power multi-agent incident resolution

Teleport announced Beams, wants to remove major barrier to agentic AI

Secure endpoint management systems immediately, CISA urges

CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963)

Google limits Android accessibility API to curb malware abuse

900,000 contact records exposed in Aura data breach

EDR killers are now standard equipment in ransomware attacks

Arcjet enables inline defense against prompt injection in production AI systems

Keysight SBOM Manager simplifies global cybersecurity compliance and software transparency

SC Magazine

FAA seeks info to boost air traffic systems' cyber, quantum defenses

Secure by design AI pushed by US government

Inaugural Energy Department cyber strategy's release imminent

Significant security flaws flagged in LangSmith, SGLang

VulnCheck: Threat of high-severity Cisco SD-WAN bug potentially missed

Major Verizon retailer's customer records reportedly stolen, offered for sale

Medusa ransomware purportedly hits University of Mississippi Medical Center, New Jersey county

Novel font-rendering attack prevents AI assistants from detecting illicit code

Mobile payment app takeovers possible with new Android OS-level attack

Increasingly advanced DDoS attacks ramp up amid mounting API, AI targeting

© 2026 RiskDiscovery | Sponsored by: Deception Logic