Risk Discovery

DarkReading

AI Agents Are Going Rogue: Here's How to Rein Them In

AI Security Agents Get Personas to Make Them More Appealing

Ollama, Nvidia Flaws Put AI Infrastructure at Risk

Sora 2 Makes Videos So Believable, Reality Checks Are Required

SonicWall Firewall Backups Stolen by Nation-State Actor

Multiple ChatGPT Security Bugs Allow Rampant Data Theft

APT 'Bronze Butler' Exploits Zero-Day to Root Japan Orgs

Nikkei Suffers Breach Via Slack Compromise

Operational Technology Security Poses Inherent Risks for Manufacturers

Critical Site Takeover Flaw Affects 400K WordPress Sites

Ars Technica

Wipers from Russia’s most cut-throat hackers rain destruction on Ukraine

Google says project on famous crab-covered island is about cables, not combat

5 AI-developed malware families analyzed by Google fail to work and are easily detected

OpenAI signs massive AI compute deal with Amazon

Two Windows vulnerabilities, one a 0-day, are under active exploitation

ChatGPT maker reportedly eyes $1 trillion IPO despite major quarterly losses

After teen death lawsuits, Character.AI will restrict chats for under-18 users

NPM flooded with malicious packages downloaded more than 86,000 times

Nvidia hits record $5 trillion mark as CEO dismisses AI bubble concerns

New physical attacks are quickly diluting secure enclave defenses from Nvidia, AMD, and Intel

CyberScoop

Report: Government data mining has gone too far – and AI will make it worse

New Landfall spyware apparently targeting Samsung phones in Middle East

The quiet revolution: How regulation is forcing cybersecurity accountability

Agency that provides budget data to Congress hit with security incident

SonicWall pins attack on customer portal to undisclosed nation-state

Court reimposes original sentence for Capital One hacker

With each cloud outage, calls for government action grow louder

Congressional leaders want an executive branch strategy on China 6G, tech supply chain

House GOP leaders seek government probe, restrictions on Chinese-made tech

How the F5 breach, CISA job cuts, and a government shutdown are eroding U.S. cyber readiness

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Best early Black Friday Nintendo Switch deals 2025: 20+ sales out early

Best early Black Friday TV deals 2025: Save on Samsung, TCL, and more

Best early Black Friday Walmart deals 2025: 20+ sales out early

As OpenAI hits 1 million business customers, could the AI ROI tide finally be turning?

Samsung showed me its secret HDR10+ Advanced TV samples - and I'm nearly sold

Best early Black Friday Chromebook deals 2025: 15+ sales out early

Best early Black Friday Verizon deals 2025: 10+ deals for new and existing users

We hand-picked the 10 best tech products to gift this year

I found the absolute best early Black Friday streaming deals

Shop the best early Costco deals for Black Friday 2025

The Hacker News

Samsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsApp

From Log4j to IIS, China’s Hackers Turn Legacy Bugs into Global Espionage Tools

Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation

Enterprise Credentials at Risk – Same Old, Same Old?

Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine

Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362

From Tabletop to Turnkey: Building Cyber Resilience in Financial Services

ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More

BleepingComputer

Microsoft testing faster Quick Machine Recovery in Windows 11

QNAP fixes seven NAS zero-day flaws exploited at Pwn2Own

New LandFall spyware exploited Samsung zero-day via WhatsApp messages

Cisco: Actively exploited firewall flaws now abused for DoS attacks

ID verification laws are fueling the next wave of breaches

Leak confirms Google Gemini 3 Pro and Nano Banana 2 could launch soon

U.S. Congressional Budget Office hit by suspected foreign cyberattack

AI-Slop ransomware test sneaks on to VS Code marketplace

How a ransomware gang encrypted Nevada government's systems

Continuous Purple Teaming: Turning Red-Blue Rivalry into Real Defense

Cybersecurity Dive

Nevada ransomware attack traced back to malware download by employee

Cyberattacks surge against IoT, mobile devices in critical infrastructure

In financial sector, vendors lag behind customers on cybersecurity

SonicWall says state-linked actor behind attacks against cloud backup service

Your AI-driven threat hunting is only as good as your data platform and pipeline

AI-based malware makes attacks stealthier and more adaptive

Hackers targeting Cisco IOS XE devices with BadCandy implant

Researchers warn of flaws that allow manipulation of Microsoft Teams messages

Identity-based attacks need more attention in cloud security strategies

Security leaders say AI can help with governance, threat detection, SOC automation

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Cybercrims plant destructive time bomb malware in industrial .NET extensions

Microsoft's data sovereignty: Now with extra sovereignty!

Bank of England says JLR's cyberattack contributed to UK's unexpectedly slower GDP growth

How TeamViewer builds enterprise trust through security-first design

Gootloader malware back for the attack, serves up ransomware

Cisco warns of 'new attack variant' battering firewalls under exploit for 6 months

You'll never guess what the most common passwords are. Oh, wait, yes you will

SonicWall fingers state-backed cyber crew for September firewall breach

Malware-pwned laptop gifts cybercriminals Nikkei's Slack

Why UK businesses are paying ICO millions for password mistakes you're probably making right now

VentureBeat

How Anthropic's Claude cuts SOC investigation time from 5 hours to 7 minutes

CrowdStrike & NVIDIA’s open source AI gives enterprises the edge against machine-speed attacks

Meet Aardvark, OpenAI’s security agent for code analysis and patching

Security's AI dilemma: Moving faster while risking more

Fortanix and NVIDIA partner on AI security platform for highly regulated industries

Your IT stack is the enemy: How 84% of attacks evade detection by turning trusted tools against you

When your AI browser becomes your enemy: The Comet security disaster

TechCrunch

Washington Post confirms data breach linked to Oracle hacks

Congressional Budget Office confirms it was hacked

‘Landfall’ spyware abused zero-day to hack Samsung Galaxy phones

Italian political consultant says he was targeted with Paragon spyware

University of Pennsylvania confirms hacker stole data during cyberattack

Google gets the US government’s green light to acquire Wiz for $32B

Armis raises $435M pre-IPO round at $6.1B valuation after refusing M&A offers

Phone location data of top EU officials for sale, report finds

Lawmakers say stolen police logins are exposing Flock surveillance cameras to hackers

How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia

Network World Security

AWS launches ‘Capabilities by Region’ to simplify planning for cloud deployments

Google Cloud aims for more cost-effective Arm computing with Axion N4A

Google’s cheaper, faster TPUs are here, while users of other AI processors face a supply crunch

Top network and data center events 2025 & 2026

Network jobs watch: Hiring, skills and certification trends

Cisco launches AI infrastructure, AI practitioner certifications

Perplexity’s open-source tool to run trillion-parameter models without costly upgrades

Space: The final frontier for data processing

ZincFive targets AI data centers with new energy system

Arista shares Q3 financials, touts ‘golden era in networking’

Help Net Security

Attackers upgrade ClickFix with tricks used by online stores

Tufin Orchestration Suite R25-2 strengthens network, cloud, and SASE policy automation

November 2025 Patch Tuesday forecast: Windows Exchange Server EOL?

Postman expands platform with features for building AI-ready APIs

Metrics don’t lie, but they can be misleading when they only tell IT’s side of the story

What keeps phishing training from fading over time

Old privacy laws create new risks for businesses

Hospitals are running out of excuses for weak cyber hygiene

New infosec products of the week: November 7, 2025

Cisco fixes critical UCCX flaws, patch ASAP! (CVE-2025-20358, CVE-2025-20354)

InfoSecurity Magazine

Russian Hacking Group Sandworm Deploys New Wiper Malware in Ukraine

“I Paid Twice” Phishing Campaign Targets Booking.com

Multi-Turn Attacks Expose Weaknesses in Open-Weight LLM Models

Hacktivist-Driven DDoS Dominates Attacks on Public Sector

AI-Enabled Malware Now Actively Deployed, Says Google

Google Forecasts Rise of Cyber-Physical Attacks Targeting Europe in 2026

Operation Chargeback Uncovers €300m Fraud Scheme in 193 Countries

UNK_SmudgedSerpent Targets Academics With Political Lures

Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection

SMS Fraud Losses Set to Decline 11% in 2026

© 2025 RiskDiscovery | Sponsored by: Deception Logic