Risk Discovery

DarkReading

[Dark Reading Virtual Event] Cybersecurity Outlook 2026

Critical Fortinet FortiWeb WAF Bug Exploited in the Wild

US Citizens Plead Guilty to Aiding North Korean IT Worker Campaigns

Cursor Issue Paves Way for Credential-Stealing Attacks

Akira RaaS Targets Nutanix VMs, Threatens Critical Orgs

New Security Tools Target Growing macOS Threats

Hardened Containers Look to Eliminate Common Source of Vulnerabilities

150,000 Packages Flood NPM Registry in Token Farming Campaign

Learning Sales Skills Can Make Security Professionals More Effective

Identity Governance and Administration, App Proliferation, and the App Integration Chasm

Ars Technica

Oracle hit hard in Wall Street’s tech sell-off over its huge AI bet

Forget AGI—Sam Altman celebrates ChatGPT finally following em dash formatting rules

Researchers question Anthropic claim that AI-assisted attack was 90% autonomous

OpenAI walks a tricky tightrope with GPT-5.1’s eight new personalities

Meta’s star AI scientist Yann LeCun plans to leave for own startup

ClickFix may be the biggest security threat your family has never heard of

Researchers isolate memorization from problem-solving in AI neural networks

Researchers surprised that with AI, toxicity is harder to fake than intelligence

Wipers from Russia’s most cut-throat hackers rain destruction on Ukraine

Google says project on famous crab-covered island is about cables, not combat

CyberScoop

Fortinet’s delayed alert on actively exploited defect put defenders at a disadvantage

Dozens of groups call for governments to protect encryption

DOJ lauds series of gains against North Korean IT worker scheme, crypto thefts

China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work

Google, researchers see signs that Lighthouse text scammers disrupted after lawsuit

The retail sector needs a cybersecurity talent incubator

FBI calls Akira ‘top five’ ransomware variant out of 130 targeting US businesses

Washington Post confirms data on nearly 10,000 people stolen from its Oracle environment

Operation Endgame targets malware networks in global crackdown

Congressional Dems press governors to block feds from accessing state DMV data

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Roaming authenticators offer what other passkey solutions can't - but there are trade-offs

I switched to a $200 Motorola phone for a week, and it overdelivered in surprising ways

Amazon is selling the M4 MacBook Air for $250 off right now - and I'm jealous as a Pro user

12+ powerful Alexa commands you should start using at home (no subscriptions required)

This Dell laptop is perfect for the office and classroom - and it's 30% off for Black Friday

Sony WH-1000XM6 vs. WH-1000XM5: I compared both headphones, and this model wins

The best electric screwdrivers of 2025: Expert tested and reviewed

How much RAM does your PC need in 2025? A Windows and Mac expert's advice

How to clear your Mac cache (and fix slow performance for good)

Should you buy a laptop during Black Friday? My tell-tale sign of a worthwhile deal

The Hacker News

New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT

⚡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More

5 Reasons Why Attackers Are Phishing Over LinkedIn

Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT

Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time

RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet

Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks

Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets

BleepingComputer

Google Gemini 3 spotted on AI Studio ahead of imminent release

Eurofiber France warns of breach after hacker tries to sell customer data

Princeton University discloses data breach affecting donors, alumni

Dutch police seizes 250 servers used by “bulletproof hosting” service

Microsoft: Azure hit by 15 Tbps DDoS attack using 500,000 IP addresses

DoorDash email spoofing vulnerability sparks messy disclosure dispute

Pennsylvania AG confirms data breach after INC Ransom attack

Microsoft: Windows bug blocks Microsoft 365 desktop app installs

Google to flag Android apps with excessive battery use on the Play Store

Microsoft: Windows 10 KB5068781 ESU update may fail with 0x800f0922 errors

Cybersecurity Dive

US chips away at North Korean IT worker fraud with guilty pleas, cryptocurrency seizure

Critical vulnerability in Fortinet FortiWeb is under exploitation

CISO pay is on the rise, even as security budgets tighten

AI-driven dynamic endpoint security is redefining trust

Anthropic warns state-linked actor abused its AI tool in sophisticated espionage campaign

Western governments disrupt trifecta of cybercrime tools

Akira engaged in ransomware attacks against critical sectors

UK authorities propose law to set minimum cyber standards for critical sectors

Government funding bill temporarily revives cybersecurity information-sharing law

Companies want more from their threat intelligence platforms

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

'Largest-ever' cloud DDoS attack pummels Azure with 3.64B packets per second

Pentagon and soldiers let too many secrets slip on social networks, watchdog says

Security researcher calls BS on Coinbase breach disclosure timeline

Selling your identity to North Korean IT scammers isn't a sustainable side hustle

Game over: Europol storms gaming platforms in extremist content sweep

Overconfidence is the new zero-day as teams stumble through cyber simulations

Eurofiber admits crooks swiped data from French unit after cyberattack

UK prosecutors seize £4.11M in crypto from Twitter mega-hack culprit

Jaguar Land Rover hack cost India's Tata Motors around $2.4 billion and counting

Logitech leaks data after zero-day attack

VentureBeat

For AI to succeed in the SOC, CISOs need to remove legacy walls now

Human-centric IAM is failing: Agentic AI requires a new identity control plane

How Anthropic's AI was jailbroken to become a weapon

Forrester: Gen AI is a chaos agent, models are wrong 60% of the time

How Anthropic's Claude cuts SOC investigation time from 5 hours to 7 minutes

CrowdStrike & Nvidia's open source AI gives enterprises the edge against machine-speed attacks

Meet Aardvark, OpenAI’s security agent for code analysis and patching

TechCrunch

DoorDash confirms data breach impacting users’ phone numbers and physical addresses

MCP AI agent security startup Runlayer launches with 8 unicorns, $11M from Khosla’s Keith Rabois and Felicis

Surveillance tech provider Protei was hacked, its data stolen, and its website defaced

Five people plead guilty to helping North Koreans infiltrate US companies as ‘remote IT workers’

Police take down three cybercrime operations in latest round of ‘whack-a-mole’

CISA warns federal agencies to patch flawed Cisco firewalls amid ‘active exploitation’ across the US government

Cybersecurity firm Deepwatch lays off dozens, citing move to ‘accelerate’ AI investment

Elon Musk’s X botched its security key switchover, locking users out

Lawmakers warn Democratic governors that states are sharing drivers’ data with ICE

Australian spy chief warns Chinese hackers are ‘probing’ critical networks for espionage and sabotage

Network World Security

Nvidia’s first exascale system is the 4th fastest supercomputer in the world

Samsung’s 60% memory price hike signals higher data center costs for enterprises

Cisco: From the floppy disk to hyper-personalized AI

Nvidia: Latest news and insights

Microsoft’s largest quantum site to be built in Denmark

Next-generation HPE supercomputer offers a mix of Nvidia and AMD silicon

StarlingX 11.0 addresses edge security, IPv4 exhaustion for massive deployments

Arista, Palo Alto bolster AI data center security

AMD: Latest news and insights

AMD outlines ambitious plan for AI-driven data centers

Help Net Security

Cloudflare to acquire Replicate, aiming for seamless serverless AI at global scale

Logitech confirms data breach

Synack unveils Sara Pentest to accelerate scalable AI-driven penetration testing

Five men admit helping North Korean IT workers infiltrate US companies

The internet isn’t free: Shutdowns, surveillance and algorithmic risks

The tech that turns supply chains from brittle to unbreakable

Strix: Open-source AI agents for penetration testing

Product showcase: SecAlerts – Relevant, actionable, up-to-the-minute vulnerability alerts

The year ahead in cyber: What’s next for cybersecurity in 2026

The next tech divide is written in AI diffusion

InfoSecurity Magazine

Kraken Uses Benchmarking to Enhance Ransomware Attacks

Europol Leads Takedown of Thousands of Extremist Gaming Links

Cyber Readiness Stalls Despite Confidence in Incident Response

US: Five Plead Guilty in North Korean IT Worker Fraud Scheme

Cyber-Attack Costs Carmaker JLR $258m in Q2

Chinese Hackers Automate Cyber-Attacks With AI-Powered Claude Code

Akira Ransomware Haul Surpasses $244M in Illicit Proceeds

Google Files Lawsuit to Dismantle 'Lighthouse' Smishing Kit

“IndonesianFoods” npm Worm Publishes 44,000 Malicious Packages

CISO Pay Increases 7% As Budget Growth Slows

© 2025 RiskDiscovery | Sponsored by: Deception Logic