Risk Discovery

DarkReading

Microsoft Disrupts 'RaccoonO365' Phishing Service

'Scattered Lapsus$ Hunters,' Others Announce End of Hacking Spree

AI-Powered Sign-up Fraud Is Scaling Fast

Raven Stealer Scavenges Chromium Data Via Telegram

North Korean Group Targets South With Military ID Deepfakes

Ray Security Takes an Active Data Security Approach

Critical Bugs in Chaos Mesh Enable Cluster Takeover

Self-Replicating 'Shai-hulud' Worm Targets NPM Packages

'Vane Viper' Threat Group Tied to PropellerAds, Commercial Entities

Innovative FileFix Phishing Attack Proves Plenty Potent

Ars Technica

ChatGPT may soon require ID verification from adults, CEO says

Millions turn to AI chatbots for spiritual guidance and confession

Modder injects AI dialogue into 2002’s Animal Crossing using memory hack

OpenAI and Microsoft sign preliminary deal to revise partnership terms

35 percent of VMware workloads expected to migrate elsewhere by 2028

Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”

Developers joke about “coding like cavemen” as AI service suffers major outage

Microsoft ends OpenAI exclusivity in Office, adds rival Anthropic

Claude’s new AI file-creation feature ships with security risks built in

SAP warns of high-severity vulnerabilities in multiple products

CyberScoop

Microsoft seizes hundreds of phishing sites tied to massive credential theft operation

BreachForums founder resentenced to three years in prison

Senators, FBI Director Patel clash over cyber division personnel, arrests

Apple addresses dozens of vulnerabilities in latest software for iPhones, iPads and Macs

Check Point acquires AI security firm Lakera in push for enterprise AI protection

Top AI companies have spent months working with US, UK governments on model safety

When ‘minimal impact’ isn’t reassuring: lessons from the largest npm supply chain compromise

SonicWall firewalls targeted by fresh Akira ransomware surge

DHS watchdog finds mismanagement in critical cyber talent program

CISA work not ‘degraded’ by Trump administration cuts, top agency official says

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Meta Connect 2025 live updates: Ray-Bans 2, Hypernova smart glasses, Oakley, more

ChatGPT just got a new personalization hub. Not everyone is happy about it

A touchscreen MacBook may finally launch next year - what we know

I found a 4K action camera that competes with my GoPro (and it's on sale)

DJI's new mini drone is a powerhouse with an upgraded camera, but I have two concerns

Best early Amazon Prime Day Samsung deals 2025: My 23 favorites sales ahead of October

Consumer Reports calls Microsoft 'hypocritical' for stranding millions of Windows 10 PCs

Best Sam's Club deals to compete with October Prime Day 2025: My favorite 10+ deals

Best early Target Circle Week deals to compete with Prime Day 2025

Best October Prime Day deals under $100: My favorite early sales

The Hacker News

TA558 Uses AI-Generated Scripts to Deploy Venom RAT in Brazil Hotel Attacks

From Quantum Hacks to AI Defenses – Expert Guide to Building Unbreakable Cyber Resilience

Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts

Rethinking AI Data Security: A Buyer's Guide

Scattered Spider Resurfaces With Financial Sector Attacks Despite Retirement Claims

DOJ Resentences BreachForums Founder to 3 Years for Cybercrime and Possession of CSAM

RaccoonO365 Phishing Network Dismantled as Microsoft, Cloudflare Take Down 338 Domains

Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover

SlopAds Fraud Ring Exploits 224 Android Apps to Drive 2.3 Billion Daily Ad Bids

New FileFix Variant Delivers StealC Malware Through Multilingual Phishing Site

BleepingComputer

VC giant Insight Partners warns thousands after ransomware breach

SonicWall warns customers to reset credentials after breach

Microsoft: Office 2016 and Office 2019 reach end of support next month

From ClickFix to MetaStealer: Dissecting Evolving Threat Actor Techniques

Microsoft and Cloudflare disrupt massive RaccoonO365 phishing service

BreachForums hacking forum admin resentenced to three years in prison

Microsoft rolls out Copilot Chat to Microsoft 365 Office apps

Google nukes 224 Android malware apps behind massive ad fraud campaign

Self-propagating supply chain attack hits 187 npm packages

Microsoft: WMIC will be removed after Windows 11 25H2 upgrade

Cybersecurity Dive

Microsoft disrupts global phishing campaign that led to widespread credential theft

Bridgestone Americas restores facilities’ network connections following cyberattack

House spending bill would reauthorize key cybersecurity programs

Jaguar Land Rover extends production delay following cyberattack

Context is key in a world of identity-based attacks and alert fatigue

Schools are getting better at navigating ransomware attacks, Sophos finds

CISA audit sparks debate about cybersecurity pay incentives

FBI warns about 2 campaigns targeting Salesforce instances

CISA pledges robust support for funding, further development of CVE program

Researchers warn VoidProxy phishing platform can bypass MFA

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Scattered Spider gang feigns retirement, breaks into bank instead

Axiom Space aims for orbit with its Orbital Data Center Node

BreachForums kingpin goes from walk-free deal to 3-year stretch

UK telco Colt’s recovery from August cyberattack pushes into November

UEFI Secure Boot for Linux Arm64 – where do we stand?

Ruh-roh. DDR5 memory vulnerable to new Rowhammer attack

Australia to let Big Tech choose its own adventure to enact kids social media ban

Microsoft blocks bait for ‘fastest-growing’ 365 phish kit, seizes 338 domains

Criminals broke into the system Google uses to share info with cops

Apple 0-day likely used in spy attacks affected devices as old as iPhone 8

VentureBeat

TechCrunch

Jaguar Land Rover to pause production for third week due to cyberattack

VC firm Insight Partners says thousands of staff and limited partners had personal data stolen in a ransomware attack

Samsung patches zero-day security flaw used to hack into its customers’ phones

Kering, owner of Gucci, Balenciaga, and other luxury brands, confirms hack

Israel announces seizure of $1.5M from crypto wallets tied to Iran

By popular demand: 10 extra exhibit tables open at TechCrunch Disrupt 2025

Here’s the tech powering ICE’s deportation crackdown

Apple’s latest iPhone security feature just made life more difficult for spyware makers

France says Apple notified victims of new spyware attacks

Kids in the UK are hacking their own schools for dares and notoriety

Network World Security

AI spending to reach $1.5 trillion this year, Gartner says

IT professionals share biggest frustrations, wishes on IT Pro Day

Power availability is slowing data center builds

Arista continues to defy expectations, build enterprise momentum

2025 global network outage report and internet health check

China’s strike on Nvidia threatens global AI supply chains, sparking enterprise concerns

Arista touts liquid cooling, optical tech to reduce power consumption for AI networking

Network and cloud implications of agentic AI

There are 121 AI processor companies. How many will succeed?

F5 to acquire CalypsoAI for advanced AI security capabilities

Help Net Security

Many networking devices are still vulnerable to pixie dust attack

Nagomi Control reveals where organizations are most exposed

Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader

BeyondTrust introduces identity security controls for AI

Siren’s K9 uses AI to turn complex investigations into actionable insights

Astrix unveils secure-by-design AI agents to help enterprises manage compliance risk

ManageEngine enhances Log360 to reduce alert fatigue for SOC teams

How a fake ICS network can reveal real cyberattacks

Creating a compliance strategy that works across borders

Rayhunter: EFF releases open-source tool to detect cellular spying

InfoSecurity Magazine

FileFix Campaign Using Steganography and Multistage Payloads

Critical CVEs in Chaos-Mesh Enable In-Cluster Code Execution

TaskUs Employees Behind Coinbase Breach, US Court Filing Alleges

Microsoft Disrupts RaccoonO365 Phishing Kit, Seizes 338 Malicious Sites

A Quarter of UK and US Firms Suffer Data Poisoning Attacks

Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets

Fifteen Ransomware Gangs “Retire,” Future Unclear

Gucci and Alexander McQueen Hit by Customer Data Breach

Chinese AI Villager Pen Testing Tool Hits 11,000 PyPI Downloads

UK: Tax Refund-Themed Phishing Slows in 2025

© 2025 RiskDiscovery | Sponsored by: Deception Logic