Risk Discovery

DarkReading

'Djinn' Stealer Targets Cloud, AI Credentials

Vulnerabilities Expose Private Data in Indian Government Systems

Can Clothes Make You Invisible to Facial Recognition?

Iran, Russia, China Target Water Systems for Sabotage

Amazon Q VS Extension Flaw Leads to Cloud Credential Theft

Third-Party Breaches Teach Education Sector a Costly Lesson in Vendor Risk

AI Decline? Confidence in Autonomous Penetration Testing Falls

Cisco Adds NHI to Security Stack With Astrix, WideField Acquisitions

New Initiative Tackles Security for End-of-Life Open Source Software

AI Won't Wipe-Out Entry-Level Cybersecurity Jobs

Ars Technica

New attack provides one more reason why AI browsers are a bad idea

US offers $10 million for info on group behind Signal and WhatsApp hacking spree

Notion killing Skiff-influenced email app since most users use AI agents instead

One-two punch delivered in global operation disrupts cybercrime "assembly line"

White House drastically shortens deadline for dropping quantum-vulnerable crypto

Oracle’s 21,000 layoffs help drive its debt-fueled AI investments

Following user outcry, AMD reinstates memory encryption in consumer CPUs

Microsoft discovers new lightweight backdoor that steals cryptocurrency

Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds

Before SpaceX IPO, investors in China secretly acquired stakes

CyberScoop

Citrix patches a new NetScaler flaw with echoes of CitrixBleed

Trump budget boss Russell Vought open to re-staffing CISA

DHS to unveil replacement council for critical infrastructure cybersecurity

How ransomware syndicates weaponize corporate-style organization

Warner bill would create federally vetted list for secure, trustworthy AI agents

Supreme Court approves mail-in ballots that arrive after Election Day

Supreme Court delivers ‘major win’ for tech privacy in Chatrie ruling

What the post-quantum executive order really demands of CISOs

ATF cancels controversial commercial geolocation contract

FCC passes new cybersecurity rules for emergency systems, undersea cables

InfoSecurity Magazine

Nissan Discloses Employee Data Breach Linked to Oracle Zero-Day

Critical SimpleHelp Vulnerability Exploited For Malware Delivery

ClickFix Now Cybercriminals' Favorite Malware Delivery Technique

Hackers Leverage Blockchain to Hit Japan's Hotels Through Booking.com Phishing

UK Healthcare Sector Records Tenfold Increase in Cyber-Attacks

Over 300 UK Firms Hit by Ransomware in a Year

OpenAI Reveals GPT-5.6 Sol Cybersecurity Model, Restricts Early Access

Telegram-Based Millenium RAT Campaign Infects 60,000 Devices

US Federal Insurance Regulator Confirms Data Breach Via Oracle Flaw

Russian Hackers Accused of Destructive Cyber-Attack on Jaguar Land Rover

SecurityWeek

BlueHammer Vulnerability Exploited in Ransomware Attacks

Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks

Aflac Japan Data Breach Impacts 4.38 Million

Hacker Conversations: Chris Thompson, Former Head of IBM X-Force Red, Co-Founder of RemoteThreat

Supreme Court Rules Constitutional Privacy Protections Apply to Cellphone Users’ Location History

Exploitation of Recent Oracle E-Business Suite Vulnerability Begins

The AI Token Costs That Can Break Cybersecurity

Nissan Employee Data Breached in Oracle PeopleSoft Hack

Critical SimpleHelp Vulnerability Exploited for Malware Delivery

Quantifind Raises $200 Million for AI-Native Risk Intelligence

ZDNet

I brought a Bose, Sony, and JBL speaker to the beach - this one's my new outdoor essential

Netflix vs. Peacock: I've subscribed to both streaming services for years - this one's more worth it

How I turned my old Android phone into a dashcam for free - in 5 easy steps

AI Model Release Tracker: Anthropic releases Sonnet 5

Why I switched to wireless security cameras after years of testing wired models

Apple rushed to squash 29 bugs because AI is supercharging hackers - update ASAP

61% of US adults use AI for health information now - up from 2% in 2024

Why 'countdown mode' is the task manager feature I can't live without

Too many junk files on your Windows PC? This free tool can remove them in one click

I tried the 'Plus Five' rule to fix my iPhone's slow wireless charging - here's what happened

The Hacker News

Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data

RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS

Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints

Silent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet Addresses

GuardFall Exposes Open-Source AI Coding Agents to Decades-Old Shell Injection Risks

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study

What the Numbers Say About FIFA 2026 Cyber Risk

Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer

AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks

New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials

BleepingComputer

New BioShocking attack manipulates AI browser into data theft

Microsoft accelerates quantum-safe roadmap as risks grow

Malicious PyPI packages give hackers control of Telegram bot servers

Fake Perplexity extension on Chrome Web Store tracked searches

Lessons from the Underground: How to Combat Business Email Compromise

Insurance giant Aflac discloses data breach after subsidiary hack

Microsoft adds smarter bot protection to Teams meetings

Kali Linux 2026.2 released with 9 new tools, NetHunter updates

Blackfield ransomware asks Nidec Corporation for $2 million ransom

CISA: Windows BlueHammer flaw now exploited by ransomware gangs

gbhackers

NDSS Symposium Heads to Seoul in 2027 to Expand Global Cybersecurity Collaboration

Reflectiz to Host Webinar, Joined by Taboola, on Securing Third-Party Marketing in the AI Era

AppViewX Launches Global Partner Program Amid Rising Demand for Machine and Agent Identity Security

Critical Progress Kemp LoadMaster Vulnerability Enables Pre-Auth Remote Code Execution

BumbleBee and AdaptixC2 Deliver Akira Ransomware Through Bing SEO Poisoning

Multiple AirDrop and Quick Share Vulnerabilities Allow Attackers to Crash Devices

PoC Released for NTLM reflection bypass Vulnerability that Emanbles SYSTEM Access on Windows Server

SystemBC Malware Turns Windows Machines Into SOCKS5 Proxies for Ransomware Attacks

Kali Linux 2026.2 Release With new Hacking Tool and With Updated Desktop Environments

Boss Scam Uses DLL Sideloading to Hijack WhatsApp Web and Defraud Enterprises

Cybersecurity Dive

Critical flaw in SimpleHelp exploited in attacks targeting sensitive credentials

DHS proposes new framework for public-private infrastructure security collaboration

Insurance body confirms hackers posted Oracle PeopleSoft breach data

OpenAI voluntarily limits new AI models at government’s request

From mythos to reality: Why the 2026 state of pentesting report proves the need for programmatic defenses

Software, AI companies form alliance to tackle open-source security flaws

FCC requires emergency-alert distributors to secure their systems

AWS unveils agent security, data access tools

NIST offers security guidance for water utilities using remote-access tools

As cyber risk evolves, the insurance industry tightens guardrails

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Infosec professionals sour on automated pentesting tools

Huntress CEO says threat hunter used 'poor judgment' in alerting ransomware crim about law enforcement probe

Microsoft builds a bouncer to keep bots out of Teams meetings

India’s central bank mandated use of .bank domains to enhance trust – but its registry leaked sensitive info

Security researchers tricked LLMs into giving them cocaine recipes by abusing role models for prompt injection

Four years into Ukraine invasion, Russia turns influence-ops back to US and Europe

Anonymous researcher drops 0-day 'exploitarium' repo

AI may be good at finding security vulnerabilities, but it can't beat human stupidity

Microsoft keeps Windows Server 2022 hotpatching alive into 2027

Nissan says Oracle PeopleSoft break-in may have spilled payroll records, SSNs

VentureBeat

The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.

Prompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routers

Autonomous security agents need complete data. Here's how to check if yours is ready.

Frontier AI is rewriting the economics of software supply chain security

Visa will offer an inside look at Project Glasswing and how the most powerful agentic models are changing enterprise security at VB Transform 2026

7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes

Copilot searched your mailbox. LiteLLM handed out admin keys. Run this 5-check audit before your stack is next

TechCrunch

In major privacy win, Supreme Court rules geofence warrants are protected by privacy rights

Russian hackers were behind $2.5B hack of Jaguar Land Rover: Report

Polymarket says hackers stole users’ funds

Hacked Klue says criminals are deleting stolen customer data, but now other hackers are making threats

Cellebrite said it cut off Russia, but Russia used its tools anyway

New website names and shames companies that still don’t offer passkeys to users

Klue says hackers stole credential from 2022 that led to customer data breaches

Password manager maker LastPass says hackers stole customer support case data during Klue breach

Tata Electronics, a major tech supplier to Apple and Tesla, confirms data breach

A new unpatchable flaw in Apple chips opens the door to an iPhone jailbreak

Network World Security

Netgear brings AI-driven network management to SMEs and MSPs

2026 network outage report and internet health check

U.S. Open powers up AI-ready network in challenging environment

Aggressive federal PQE timeline prompts warnings for enterprises

You can’t build sovereign infrastructure with Broadcom, says CISPE

Presidential order addresses quantum computing gaps

Researchers cast new doubt on Microsoft’s quantum computing advance

IBM unveils sub-1 nanometer chip with nearly 100 billion transistors

Qualcomm’s $3.9 billion purchase of Modular aims to change the data center dynamic

IBM, Red Hat, Palo Alto team to secure open-source software

Help Net Security

Proton’s pitch for Lumo 2.0: Frontier AI without the data grab

Aikido Security acquires Root to expand backported fixes for open source vulnerabilities

Oracle E-Business Suite Payments flaw under attack (CVE-2026-46817)

Cequence Platform 9.0 uses AI to simplify API security and compliance

Jamf enables AI Governance and shadow AI detection on Mac

Digi International’s DANI automates network diagnostics and device management

OpenMatter Network brings verifiable trust to AI governance

SimpleHelp vulnerability exploited to deliver mighty Djinn Stealer (CVE-2026-48558)

Kali Linux 2026.2 trims VM boot times, refreshes its desktops

OpenClaw for iOS: The viral open-source AI agent comes to iPhone and iPad

SC Magazine

AI Cocaine Recipes, Russian Hack, Scattered Spider, Cisco, Amazon Q – Aaran Leyland - SWN #594

Leaders call for workforce overhaul as AI reshapes critical infrastructure

Critical Oracle E-Business Suite bug actively exploited

AI is Writing Your Code… And It’s Insecure | The New AppSec Reality - WC #1

ICIT founder on AI, quantum and critical infrastructure

Lessons learned from The Mandalorian and Grogu

Anonymous researcher dumps zero-day exploits for multiple software products

New websites referencing Venezuela earthquake pose online risks

Russian influence operations shift focus to US and Europe, leveraging AI

Attack exploiting SimpleHelp vulnerability deploys novel loader, infostealer

© 2026 RiskDiscovery | Sponsored by: Deception Logic