Risk Discovery

DarkReading

[Dark Reading Virtual Event] Cybersecurity Outlook 2026

Critical Fortinet FortiWeb WAF Bug Exploited in the Wild

US Citizens Plead Guilty to Aiding North Korean IT Worker Campaigns

Cursor Issue Paves Way for Credential-Stealing Attacks

Akira RaaS Targets Nutanix VMs, Threatens Critical Orgs

New Security Tools Target Growing macOS Threats

Hardened Containers Look to Eliminate Common Source of Vulnerabilities

150,000 Packages Flood NPM Registry in Token Farming Campaign

Learning Sales Skills Can Make Security Professionals More Effective

Identity Governance and Administration, App Proliferation, and the App Integration Chasm

Ars Technica

5 plead guilty to laptop farm and ID theft scheme to land North Koreans US IT jobs

Oracle hit hard in Wall Street’s tech sell-off over its huge AI bet

Forget AGI—Sam Altman celebrates ChatGPT finally following em dash formatting rules

Researchers question Anthropic claim that AI-assisted attack was 90% autonomous

OpenAI walks a tricky tightrope with GPT-5.1’s eight new personalities

Meta’s star AI scientist Yann LeCun plans to leave for own startup

ClickFix may be the biggest security threat your family has never heard of

Researchers isolate memorization from problem-solving in AI neural networks

Researchers surprised that with AI, toxicity is harder to fake than intelligence

Wipers from Russia’s most cut-throat hackers rain destruction on Ukraine

CyberScoop

Fortinet’s delayed alert on actively exploited defect put defenders at a disadvantage

Dozens of groups call for governments to protect encryption

DOJ lauds series of gains against North Korean IT worker scheme, crypto thefts

China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work

Google, researchers see signs that Lighthouse text scammers disrupted after lawsuit

The retail sector needs a cybersecurity talent incubator

FBI calls Akira ‘top five’ ransomware variant out of 130 targeting US businesses

Washington Post confirms data on nearly 10,000 people stolen from its Oracle environment

Operation Endgame targets malware networks in global crackdown

Congressional Dems press governors to block feds from accessing state DMV data

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Cloud-native computing is poised to explode, thanks to AI inference work

I tried Google's new trip-planning AI tool, and I'll never plan my own trip again

The best microSD cards of 2025: Expert tested

AI's scary new trick: Conducting cyberattacks instead of just helping out

Best Black Friday VPN deals 2025: Early subscription sales for NordVPN, Surfshark and more

I found an immutable Linux distro that never breaks and is effortless to use

Roaming authenticators offer what other passkey solutions can't - but there are trade-offs

Don't like Liquid Glass? Updating to iOS 26.1 made a big difference for me - here's how

My perfect MacBook Pro replacement turned out to be a Windows laptop I didn't see coming

Bose's QuietComfort Ultra shows the company still outperforms Apple in one key area

The Hacker News

Microsoft Mitigates Record 15.72 Tbps DDoS Attack Driven by AISURU Botnet

Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability

New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT

⚡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More

5 Reasons Why Attackers Are Phishing Over LinkedIn

Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT

Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time

RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet

Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

BleepingComputer

Google fixes new Chrome zero-day flaw exploited in attacks

Microsoft: Windows 10 KB5072653 OOB update fixes ESU install errors

Malicious NPM packages abuse Adspect redirects to evade security

xAI's Grok 4.1 rolls out with improved quality and speed for free

RondoDox botnet malware now hacks servers using XWiki flaw

Google Gemini 3 spotted on AI Studio ahead of imminent release

Eurofiber France warns of breach after hacker tries to sell customer data

Princeton University discloses data breach affecting donors, alumni

Dutch police seizes 250 servers used by “bulletproof hosting” service

Microsoft: Azure hit by 15 Tbps DDoS attack using 500,000 IP addresses

Cybersecurity Dive

CISA, eyeing China, plans hiring spree to rebuild its depleted ranks

US chips away at North Korean IT worker fraud with guilty pleas, cryptocurrency seizure

Critical vulnerability in Fortinet FortiWeb is under exploitation

CISO pay is on the rise, even as security budgets tighten

AI-driven dynamic endpoint security is redefining trust

Anthropic warns state-linked actor abused its AI tool in sophisticated espionage campaign

Western governments disrupt trifecta of cybercrime tools

Akira engaged in ransomware attacks against critical sectors

UK authorities propose law to set minimum cyber standards for critical sectors

Government funding bill temporarily revives cybersecurity information-sharing law

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

'Largest-ever' cloud DDoS attack pummels Azure with 3.64B packets per second

Pentagon and soldiers let too many secrets slip on social networks, watchdog says

Security researcher calls BS on Coinbase breach disclosure timeline

Selling your identity to North Korean IT scammers isn't a sustainable side hustle

Game over: Europol storms gaming platforms in extremist content sweep

Overconfidence is the new zero-day as teams stumble through cyber simulations

Eurofiber admits crooks swiped data from French unit after cyberattack

UK prosecutors seize £4.11M in crypto from Twitter mega-hack culprit

Jaguar Land Rover hack cost India's Tata Motors around $2.4 billion and counting

Logitech leaks data after zero-day attack

VentureBeat

For AI to succeed in the SOC, CISOs need to remove legacy walls now

Human-centric IAM is failing: Agentic AI requires a new identity control plane

How Anthropic's AI was jailbroken to become a weapon

Forrester: Gen AI is a chaos agent, models are wrong 60% of the time

How Anthropic's Claude cuts SOC investigation time from 5 hours to 7 minutes

CrowdStrike & Nvidia's open source AI gives enterprises the edge against machine-speed attacks

Meet Aardvark, OpenAI’s security agent for code analysis and patching

TechCrunch

DoorDash confirms data breach impacting users’ phone numbers and physical addresses

MCP AI agent security startup Runlayer launches with 8 unicorns, $11M from Khosla’s Keith Rabois and Felicis

Surveillance tech provider Protei was hacked, its data stolen, and its website defaced

Five people plead guilty to helping North Koreans infiltrate US companies as ‘remote IT workers’

Police take down three cybercrime operations in latest round of ‘whack-a-mole’

CISA warns federal agencies to patch flawed Cisco firewalls amid ‘active exploitation’ across the US government

Cybersecurity firm Deepwatch lays off dozens, citing move to ‘accelerate’ AI investment

Elon Musk’s X botched its security key switchover, locking users out

Lawmakers warn Democratic governors that states are sharing drivers’ data with ICE

Australian spy chief warns Chinese hackers are ‘probing’ critical networks for espionage and sabotage

Network World Security

Nvidia highlights considerable science-based supercomputing efforts

Nvidia touts next-gen quantum computing interconnects

Arm jumps on the Nvidia NVLink Fusion bandwagon at SC25

Nvidia’s first exascale system is the 4th fastest supercomputer in the world

Samsung’s 60% memory price hike signals higher data center costs for enterprises

Cisco: From the floppy disk to hyper-personalized AI

Nvidia: Latest news and insights

Microsoft’s largest quantum site to be built in Denmark

Next-generation HPE supercomputer offers a mix of Nvidia and AMD silicon

StarlingX 11.0 addresses edge security, IPv4 exhaustion for massive deployments

Help Net Security

What security pros should know about insurance coverage for AI chatbot wiretapping claims

How attackers use patience to push past AI guardrails

Agentic AI puts defenders on a tighter timeline to adapt

The privacy panic around machine learning is overblown

Cybersecurity jobs available right now: November 18, 2025

Cloudflare to acquire Replicate, aiming for seamless serverless AI at global scale

Logitech confirms data breach

Synack unveils Sara Pentest to accelerate scalable AI-driven penetration testing

Five men admit helping North Korean IT workers infiltrate US companies

The internet isn’t free: Shutdowns, surveillance and algorithmic risks

InfoSecurity Magazine

GenAI and Deepfakes Drive Digital Forgeries and Biometric Fraud

Half a Million Stolen FTSE 100 Credentials Found on Criminal Sites

Kraken Uses Benchmarking to Enhance Ransomware Attacks

Europol Leads Takedown of Thousands of Extremist Gaming Links

Cyber Readiness Stalls Despite Confidence in Incident Response

US: Five Plead Guilty in North Korean IT Worker Fraud Scheme

Cyber-Attack Costs Carmaker JLR $258m in Q2

Chinese Hackers Automate Cyber-Attacks With AI-Powered Claude Code

Akira Ransomware Haul Surpasses $244M in Illicit Proceeds

Google Files Lawsuit to Dismantle 'Lighthouse' Smishing Kit

© 2025 RiskDiscovery | Sponsored by: Deception Logic