Risk Discovery

DarkReading

Gen Z Falls for Scams 2x More Than Older Generations

DragonForce Ransom Cartel Profits Off Rivals' Demise

SafePay Claims Ingram Micro Breach, Sets Ransom Deadline

3 Things CFOs Need to Know About Mitigating Threats

Russia's Secret Blizzard APT Gains Embassy Access via ISPs

Getting a Cybersecurity Vibe Check on Vibe Coding

What the Coinbase Breach Says About Insider Risk

Dark Reading Confidential: Funding the CVE Program of the Future

Low-Code Tools in Microsoft Azure Allowed Unprivileged Access

Koreans Hacked, Blackmailed by 250+ Fake Mobile Apps

Ars Technica

Microsoft catches Russian hackers targeting foreign embassies

In search of riches, hackers plant 4G-enabled Raspberry Pi in bank network

So far, only one-third of Americans have ever used AI for work

Flaw in Gemini CLI coding tool could allow hackers to run nasty commands

AI in Wyoming may soon use more electricity than state’s human residents

OpenAI’s ChatGPT Agent casually clicks through “I am not a robot” verification test

Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel

After BlackSuit is taken down, new ransomware group Chaos emerges

OpenAI’s most capable AI model, GPT-5, may be coming in August

Supply-chain attacks on open source software are getting out of hand

CyberScoop

Feds still trying to crack Volt Typhoon hackers’ intentions, goals

Russia-affiliated Secret Blizzard conducting ongoing espionage against embassies in Moscow

Senate legislation would direct federal agencies to fortify against quantum computing cyber threats

Project Zero disclosure policy change puts vendors on early notice

Senate Democrats call Trump admin’s focus on state voter rolls a pretext for disenfranchisement

Army Secretary forces West Point to rescind appointment given to Easterly

Palo Alto Networks to acquire CyberArk for $25 billion

CISA is facing a tight CIRCIA deadline. Here’s how Sean Plankey can attempt to meet it

Research shows data breach costs have reached an all-time high

Minnesota governor activates National Guard amid St. Paul cyberattack

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Microsoft Authenticator won't manage your passwords anymore - or most passkeys

Why the best-value robot vacuum right now isn't made by iRobot or Shark

This one feature could make GPT-5 a true game changer (if OpenAI gets it right)

Finally, an Android tablet that I can confidently recommend to gamers

I replaced my ThinkPad with this Lenovo tablet for a week - and it was pretty dang close

This $599 Asus Zenbook OLED is seriously the best Windows laptop deal right now

The best sports watches of 2025: Expert tested and reviewed

Should you turn on Adaptive Power on iOS 26? Here's my advice after testing it

Why I recommend this Samsung tablet over pricier models - especially the Ultra

How to move your Google Chrome's address bar on an Android phone (and why you should)

The Hacker News

Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies

Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials

N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto

AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals

UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud

Alert Fatigue, Data Overload, and the Fall of Traditional SIEMs

Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install

Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps

FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant

Product Walkthrough: A Look Inside Pillar's AI Security Platform

BleepingComputer

Kali Linux can now run in Apple containers on macOS systems

Microsoft to disable Excel workbook links to blocked file types

Microsoft now pays up to $40,000 for some .NET vulnerabilities

CISA open-sources Thorium platform for malware, forensic analysis

Microsoft: Russian hackers use ISP access to hack embassies in AiTM attacks

Inside a Real Clickfix Attack: How This Social Engineering Hack Unfolds

Spikes in malicious activity precede new security flaws in 80% of cases

Proton launches free standalone cross-platform Authenticator app

ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH

Hackers target Python devs in phishing attacks using fake PyPI site

Cybersecurity Dive

Ransomware gangs capitalize on law enforcement takedowns of competitors

Industry groups urge vigilance as Scattered Spider evolves tactics

Palo Alto Networks to buy CyberArk for $25 billion

What we know about the cybercrime group Scattered Spider

CISA’s Joint Cyber Defense Collaborative takes major personnel hit

‘Shadow AI’ increases cost of data breaches, report finds

FBI, CISA warn about Scattered Spider’s evolving tactics

Ransomware attacks against oil and gas firms surge

Research shows LLMs can conduct sophisticated attacks without humans

Allianz Life discloses massive data breach linked to supply-chain attack

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

As ransomware gangs threaten physical harm, 'I am afraid of what's next,' ex-negotiator says

Gene scanner pays $9.8 million to get feds off its back in security flap

Microsoft's Azure AI Speech needs just seconds of audio to spit out a convincing deepfake

Beijing summons Nvidia over alleged backdoors in China-bound AI chips

Kremlin goons caught abusing ISPs to spy on Moscow-based diplomats, Microsoft says

Silk Typhoon spun a web of patents for offensive cyber tools, report says

Brit watchdog pushes to rein in Microsoft and AWS with 'strategic market status'

NHS disability equipment provider on brink of collapse a year after cyberattack

Banning VPNs to protect kids? Good luck with that

Internet exchange points are ignored, vulnerable, and absent from infrastructure protection plans

VentureBeat

Shadow AI adds $670K to breach costs while 97% of enterprises skip basic access controls, IBM reports

Nightfall launches ‘Nyx,’ an AI that automates data loss prevention at enterprise scale

How can enterprises keep systems safe as AI agents join human employees? Cyata launches with a new, dedicated solution

AI vs. AI: Prophet Security raises $30M to replace human analysts with autonomous defenders

ChatGPT just got smarter: OpenAI’s Study Mode helps students learn step-by-step

Sparrow raises $35M Series B to automate the employee leave management nightmare

How E2B became essential to 88% of Fortune 100 companies and raised $21 million

CoSyn: The open-source tool that’s making GPT-4V-level vision AI accessible to everyone

SecurityPal combines AI and experts in Nepal to speed enterprise security questionnaires by 87X or more

Early Anthropic hire raises $15M to insure AI agents and help startups deploy safely

TechCrunch

Google is experimenting with machine learning-powered age-estimation tech in the US

Palo Alto Networks agrees to buy CyberArk for $25 billion

Germ brings end-to-end encrypted messages to Bluesky

Hackers stole Social Security numbers during Allianz Life cyberattack

Minnesota activates National Guard as cyberattack on Saint Paul disrupts public services

Skechers is making kids’ shoes with a hidden AirTag compartment

Google says UK government has not demanded an encryption backdoor for its users’ data

Tea app disables DMs after second data breach exposed over a million private messages

Telecom giant Orange warns of disruption amid ongoing cyberattack

Sex toy maker Lovense caught leaking users’ email addresses and exposing accounts to takeovers

Network World Security

Intel news: networking unit spinoff, earnings uproar, AI snub

CMA slams Microsoft domination of UK cloud services as anti-competitive

Data center survey: AI gains ground but trust concerns persist

Observe secures $156M funding boost for AI-powered observability

Palo Alto Networks to buy CyberArk for $25B as identity security takes center stage

Micron unveils PCIe Gen6 SSD to power AI data center workloads

IBM: Cost of U.S. data breach reaches all-time high and shadow AI isn’t helping

Survey: AI, cyber threats, distributed workforces challenge IT teams most

Backblaze adds cloud storage security protection features

Debian shifts to 64-bit time storage to head off Epochalypse

Help Net Security

Review: CISA Certified Information Systems Auditor Practice Tests

Security gaps still haunt shared mobile device use in healthcare

Infosec products of the month: July 2025

GreyNoise enhances threat response with real-time blocklists, feeds, and SOAR integrations

Intel 471 unveils Verity471, a unified platform for next-gen cyber threat intelligence

Outpost24 launches Credential Checker to spot leaked credentials on the dark web

Singulr introduces AI control plane to replace fragmented tools with unified, automated governance

Citrix delivers new tools for quantum-ready, anywhere work

Why stolen credentials remain cybercriminals’ tool of choice

Palo Alto Networks to acquire CyberArk in $25 billion deal

InfoSecurity Magazine

Android Malware Targets Banking Users Through Discord Channels

CISA Unveils Eviction Strategies Tool to Aid Incident Response

Ransomware Attacks Escalate to Physical Threats Against Executives

Cybercriminals ‘Spooked’ After Scattered Spider Arrests

FunkSec Ransomware Victims Can Now Recover Files with Free Decryptor

Passwordless Future Years Away Despite Microsoft Authenticator Move

Over 200 Malicious Open Source Packages Traced to Lazarus Campaign

Hafnium Tied to Advanced Chinese Surveillance Tools

Hidden Backdoor Found in ATM Network via Raspberry Pi

Google to Publicly Report New Vulnerabilities Within One Week of Vendor Disclosure

© 2025 RiskDiscovery | Sponsored by: Deception Logic