Risk Discovery

DarkReading

Cyber Career Opportunities: Weighing Certifications vs. Degrees

'Fire Ant' Cyber Spies Compromise Siloed VMware Systems

AI-Generated Linux Miner 'Koske' Beats Human Malware

North Korea's IT Worker Rampage Continues Amid DoJ Action

Why Security Nudges Took Off

The Young and the Restless: Young Cybercriminals Raise Concerns

Can Security Culture Be Taught? AWS Says Yes

Law Enforcement Cracks Down on XSS — but Will It Last?

Ransomware Actors Pile on 'ToolShell' SharePoint Bugs

Translating Cyber-Risk for the Boardroom

Ars Technica

After BlackSuit is taken down, new ransomware group Chaos emerges

OpenAI’s most capable AI model, GPT-5, may be coming in August

Supply-chain attacks on open source software are getting out of hand

Two major AI coding tools wiped out user data after making cascading mistakes

Nvidia AI chips worth $1B smuggled to China after Trump export controls

Some VMware perpetual license owners are unable to download security patches

White House unveils sweeping plan to “win” global AI race through deregulation

OpenAI and partners are building a massive AI data center in Texas

What to know about ToolShell, the SharePoint threat under mass exploitation

A power utility is reporting suspected pot growers to cops. EFF says that’s illegal.

CyberScoop

Microsoft’s software licensing playbook is a national security risk

US offers $15 million reward for info on North Korean nationals involved in global criminal network

Microsoft SharePoint attacks ensnare 400 victims, including federal agencies

Plankey vows to boot China from U.S. supply chain, advocate for CISA budget

Trump AI plan pushes critical infrastructure to use AI for cyber defense

Authorities in Ukraine nab alleged admin of Russian-language cybercrime forum

Cisco network access security platform vulnerabilities under active exploitation

Contract lapse leaves critical infrastructure cybersecurity sensor data unanalyzed at national lab

House Republicans endorse stricter state and federal-led voter roll purges despite dearth of evidence on fraud

Microsoft SharePoint zero-day attacks pinned on China-linked ‘Typhoon’ threat groups

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

New Wyze lamp socket powers your outdoor Cam, and turns your dumb bulb smart - here's how

Considering Samsung's new Z Flip 7? Why I recommend waiting for next year's model

This 16-inch Acer is a full-package value pick I'd happily replace my main laptop with

My search for the ultimate car charger is over - and this one has a flexible superpower

I replaced my Apple Watch with the Samsung Galaxy Watch 8 for a week - and didn't mind it

Why this $300 Lenovo is the tablet I recommend to most people - including iPad users

I found cheap accessories that made my AirTags twice as useful (and secure)

I spent a weekend with Meta's new Oakley smart glasses - they beat my Ray-Bans in every way

The best gaming speakers of 2025: Expert tested from SteelSeries and more

You can download iOS 26 public beta right now - how to install (and which iPhones support it)

The Hacker News

Email Security Is Stuck in the Antivirus Era: Why It Needs a Modern Approach

Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure

Critical Flaws in Niagara Framework Threaten Smart Buildings and Industrial Systems Worldwide

U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm

Patchwork Targets Turkish Defense Firms with Spear-Phishing Using Malicious LNK Files

Cyber Espionage Campaign Hits Russian Aerospace Sector Using EAGLET Backdoor

Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks

Overcoming Risks from Chinese GenAI Tool Usage

Critical Mitel Flaw Lets Hackers Bypass Login, Gain Full Access to MiVoice MX-ONE Systems

Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments

BleepingComputer

Scattered Spider is running a VMware ESXi hacking spree

Allianz Life confirms data breach impacts majority of 1.4 million customers

Post SMTP plugin flaw exposes 200K WordPress sites to hijacking attacks

Amazon AI coding agent hacked to inject data wiping commands

Microsoft investigates outage affecting Microsoft 365 admin center

The role of the cybersecurity PM in incident-driven development

US sanctions North Korean firm, nationals behind IT worker schemes

Woman gets 8 years for aiding North Koreans infiltrate 300 US firms

Microsoft lifts Windows 11 update block for Easy Anti-Cheat users

BlackSuit ransomware extortion sites seized in Operation Checkmate

Cybersecurity Dive

Emerging cybersecurity needs: What the market is telling us

Philadelphia Indemnity Insurance discloses June data breach

Treasury sanctions North Koreans involved in IT-worker schemes

Senators push CISA director nominee on election security, agency focus

What we know about the Microsoft SharePoint attacks

Trump AI plan calls for cybersecurity assessments, threat info-sharing

Lapsed CISA contract impedes national lab’s threat-hunting operations

Clorox files $380 million suit blaming Cognizant for 2023 cyberattack

SharePoint hacking campaign affects hundreds of systems worldwide

Microsoft sees China-backed nation-state hackers among adversaries targeting SharePoint

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Aeroflot aeroflops over 'IT issues' after attackers claim year-long compromise

US spy satellite agency breached, but insists no classified secrets spilled

Congress tries to outlaw AI that jacks up prices based on what it knows about you

Blame a leak for Microsoft SharePoint attacks, researcher insists

Senator to Google: Give us info from telco Salt Typhoon probes

Freelance dev shop Toptal caught serving malware after GitHub account break-in

Microsoft admits it 'cannot guarantee' data sovereignty

Advisor to Brit tech contractors Qdos confirms client data leak

DNS security is important but DNSSEC may be a failed experiment

Laptop farmer behind $17M North Korean IT worker scam locked up for 8.5 years

VentureBeat

How E2B became essential to 88% of Fortune 100 companies and raised $21 million

CoSyn: The open-source tool that’s making GPT-4V-level vision AI accessible to everyone

SecurityPal combines AI and experts in Nepal to speed enterprise security questionnaires by 87X or more

Early Anthropic hire raises $15M to insure AI agents and help startups deploy safely

Anthropic researchers discover the weird AI problem: Why thinking longer makes models dumber

Crowdstrike’s massive cyber outage 1-year later: lessons enterprises can learn to improve security

Google DeepMind makes AI history with gold medal win at world’s toughest math competition

How OpenAI’s red team made ChatGPT agent into an AI fortress

Salesforce used AI to cut support load by 5% — but the real win was teaching bots to say ‘I’m sorry’

Blaxel raises $7.3M seed round to build ‘AWS for AI agents’ after processing billions of agent requests

TechCrunch

Dating safety app Tea breached, exposing 72,000 user images

Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack

Google took a month to shut down Catwatchful, a phone spyware operation hosted on its servers

Cybercrime forum Leak Zone publicly exposed its users’ IP addresses

AI slop and fake reports are coming for your bug bounty programs

European authorities arrest alleged admin of notorious Russian crime forum XSS

Hundreds of organizations breached by SharePoint mass-hacks

Apple alerted Iranians to iPhone spyware attacks, say researchers

UK government wants ransomware victims to report breaches so it can carry out ‘targeted disruptions’ against hackers

National security meets next-gen tech at TechCrunch Disrupt 2025’s AI Defense panel

Network World Security

Sysadmins ready for AI, but skepticism abounds

AI Project Stargate struggles to get off the ground

Unexpected costs drive on-premises computing

CISPE seeks to annul Broadcom’s VMware takeover

Network jobs watch: Hiring, skills and certification trends

CompTIA updates Linux+ certification

Storage vendors bring record capacity devices to handle massive data generation

Humana slashes engineering hours with network automation overhaul

Broadcom blocks VMware patch access for perpetual license holders with expired support contracts

Ambient sensing: Privacy-aware embedded intelligence

Help Net Security

Your supply chain security strategy might be missing the biggest risk

The legal minefield of hacking back

Vulnhuntr: Open-source tool to identify remotely exploitable vulnerabilities

Review: LLM Engineer’s Handbook

How to fight document fraud with the latest tech tools

Week in review: Microsoft SharePoint servers under attack, landing your first cybersecurity job

Digital sovereignty becomes a matter of resilience for Europe

What 50 companies got wrong about cloud identity security

Six months into DORA, most financial firms are still not ready

New infosec products of the week: July 25, 2025

InfoSecurity Magazine

Naval Group Denies Hack Claims, Alleges "Reputational Attack"

US Woman Gets Eight Years for Part in $17m North Korean Scheme

Dating App Breach Exposes Images of 13,000 Women

BlackSuit Ransomware Group’s Dark Web Sites Seized in Operation Checkmate

Prolonged Chinese Cyber Espionage Campaign Targets VMware Appliances

New Chaos Ransomware Emerges, Launches Wave of Attacks

Malware Campaign Masquerades as Dating Apps to Steal Data

FBI Exposes The Com’s Criminal Activities and Involvement of Minors

Ransomware Deployed in Compromised SharePoint Servers

UK and Romania Crack Down on ATM Fraudster Network

© 2025 RiskDiscovery | Sponsored by: Deception Logic