Risk Discovery

DarkReading

GITEX GLOBAL 2025

RCE Flaw in AI-Assisted Coding Tool Poses Software Supply Chain Risk

Cisco User Data Stolen in Vishing Attack

Why the Old Ways Are Still the Best for Most Cybercriminals

Google Chrome Enterprise: More Than an Access Point to the Web

Minimal, Hardened & Updated Daily: The New Standard for Secure Containers

NVIDIA Patches Critical RCE Vulnerability Chain

CISA & FEMA Announce $100M+ in Community Cybersecurity Grants

MacOS Under Attack: How Organizations Can Counter Rising Threats

Threat Actors Increasingly Leaning on GenAI Tools

Ars Technica

Voice phishers strike again, this time hitting Cisco

AI site Perplexity uses “stealth tactics” to flout no-crawl edicts, Cloudflare says

At $250 million, top AI salaries dwarf those of the Manhattan Project and the Space Race

Microsoft catches Russian hackers targeting foreign embassies

In search of riches, hackers plant 4G-enabled Raspberry Pi in bank network

So far, only one-third of Americans have ever used AI for work

Flaw in Gemini CLI coding tool could allow hackers to run nasty commands

AI in Wyoming may soon use more electricity than state’s human residents

OpenAI’s ChatGPT Agent casually clicks through “I am not a robot” verification test

Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel

CyberScoop

Iranian hackers were more coordinated, aligned during Israel conflict than it seemed

Google addresses six vulnerabilities in August’s Android security update

AI company Perplexity is sneaking to get around blocks on crawlers, Cloudflare alleges

‘Highly evasive’ Vietnamese-speaking hackers stealing data from thousands of victims in 62+ nations

Details emerge on BlackSuit ransomware takedown

CrowdStrike investigated 320 North Korean IT worker cases in the past year

Senate confirms national cyber director pick Sean Cairncross

Cursor’s AI coding agent morphed ‘into local shell’ with one-line prompt attack

Social engineering attacks surged this past year, Palo Alto Networks report finds

China accuses US of exploiting Microsoft zero-day in cyberattack

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

OpenAI could launch GPT-5 any minute now - what to expect

LG is giving away a free mini-fridge when you buy a full-size one - here's what to know

This USB-C accessory gave my Android and iPhone thermal imaging powers - and it's on sale

I tried DJI's first 360-degree camera, and its recording capabilities blows out the competition

I replaced my Pixel 9 Pro with this $700 Android phone for weeks - and didn't regret it

Perplexity says Cloudflare's accusations of 'stealth' AI scraping are based on embarrassing errors

Don't cancel Netflix yet: I used these secret codes to unlock the full catalog of shows

Changing these 5 TV settings greatly reduced my electricity bill - here's why

uBlock Origin Lite has finally arrived for Safari - with one important caveat

5 settings you should change on your TV to significantly improve the picture quality

The Hacker News

ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections

Google’s August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild

Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval

Misconfigurations Are Not Vulnerabilities: The Costly Confusion Behind Security Risks

How Top CISOs Save Their SOCs from Alert Chaos to Never Miss Real Incidents

15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign

SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported

NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers

Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally

⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More

BleepingComputer

Adobe issues emergency fixes for AEM Forms zero-days after PoCs released

The Heat Wasn't Just Outside: Cyber Attacks Spiked in Summer 2025

Cisco discloses data breach impacting Cisco.com user accounts

SonicWall urges admins to disable SSLVPN amid rising attacks

Android gets patches for Qualcomm flaws exploited in attacks

Microsoft increases Zero Day Quest prize pool to $5 million

Fashion giant Chanel hit in wave of Salesforce data theft attacks

Proton fixes Authenticator bug leaking TOTP secrets in logs

Microsoft: Outdated Office apps lose access to voice features in January

CTM360 spots Malicious ‘FraudOnTok’ Campaign Targeting TikTok Shop users

Cybersecurity Dive

Cybersecurity budgets tighten as economic anxiety rises

SonicWall investigating possible zero-day related to firewall attacks

AI is helping hackers automate and customize cyberattacks

Senate confirms Trump’s national cyber director nominee

Ransomware spike linked to potential zero-day flaw in SonicWall devices

Palo Alto Networks investigating ransomware threat related to SharePoint exploitation

DOJ reaches $9.8 million settlement with Illumina over cyber whistleblower claims

Ransomware gangs capitalize on law enforcement takedowns of competitors

Industry groups urge vigilance as Scattered Spider evolves tactics

Palo Alto Networks to buy CyberArk for $25 billion

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Patch now: Millions of Dell PCs with Broadcom chips vulnerable to attack

Study finds humans not completely useless at malware detection

Chained bugs in Nvidia's Triton Inference Server lead to full system compromise

Hacker summer camp: What to expect from BSides, Black Hat, and DEF CON

Antivirus vendors fail to spot persistent, nasty, stealthy Linux backdoor

SonicWall investigates 'cyber incidents,' including ransomware targeting suspected 0-day

Python-powered malware snags hundreds of credit cards, 200K passwords, and 4M cookies

Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons

German phone repair biz collapses following 2023 ransomware attack

When hyperscalers can’t safeguard one nation’s data from another, dark clouds are ahead

VentureBeat

Anthropic’s new Claude 4.1 dominates coding tests days before GPT-5 arrives

ChatGPT rockets to 700M weekly users ahead of GPT-5 launch with reasoning superpowers

Shadow AI adds $670K to breach costs while 97% of enterprises skip basic access controls, IBM reports

Nightfall launches ‘Nyx,’ an AI that automates data loss prevention at enterprise scale

How can enterprises keep systems safe as AI agents join human employees? Cyata launches with a new, dedicated solution

AI vs. AI: Prophet Security raises $30M to replace human analysts with autonomous defenders

ChatGPT just got smarter: OpenAI’s Study Mode helps students learn step-by-step

Sparrow raises $35M Series B to automate the employee leave management nightmare

How E2B became essential to 88% of Fortune 100 companies and raised $21 million

CoSyn: The open-source tool that’s making GPT-4V-level vision AI accessible to everyone

TechCrunch

Hacker used a voice phishing attack to steal Cisco customers’ personal information

SonicWall urges customers to disable SSLVPN amid reports of ransomware attacks

Google says its AI-based bug hunter found 20 security vulnerabilities

Perplexity accused of scraping websites that explicitly blocked AI scraping

North Korean spies posing as remote workers have infiltrated hundreds of companies, says CrowdStrike

A backlog at the Commerce Department is reportedly stalling Nvidia’s H20 chip licenses

Sex toy maker Lovense threatens legal action after fixing security flaws that exposed users’ data

Authorities seize BlackSuit ransomware gang’s servers

Google is experimenting with machine learning-powered age-estimation tech in the US

Palo Alto Networks agrees to buy CyberArk for $25 billion

Network World Security

HPE unveils AI-powered network security and data protection technology

Cisco teams with Hugging Face for AI model anti-malware

2025 global network outage report and internet health check

Riverbed banks on AI-driven network observability

Data neutrality: Safeguarding your AI’s competitive edge

Broadcom expands AI networking portfolio with Jericho4 Ethernet fabric router

Infoblox reinforces DNS defense package

SNIA launches Storage.AI to address AI data infrastructure bottlenecks

Nvidia: Latest news and insights

China demands ‘security evidence’ from Nvidia over H20 chip backdoor fears

Help Net Security

Millions of Dell laptops could be persistently backdoored in ReVault attacks

Project Ire: Microsoft’s autonomous malware detection AI agent

ExtraHop helps SOCs connect the dots with identity-driven detection

Cymulate’s new platform turns threat validation into smarter defense

Manifest AI Risk turns weeks of model vetting into two clicks

Riverbed rolls out AI-powered tools to find and fix network issues faster

New Reveal platform shines a light on post-login identity behavior

Security tooling pitfalls for small teams: Cost, complexity, and low ROI

BloodHound 8.0 debuts with major upgrades in attack path management

Your employees uploaded over a gig of files to GenAI tools last quarter

InfoSecurity Magazine

Chinese Smishing Campaigns Compromise up to 115 Million US Payment Cards

#BHUSA: Experts Urge Greater AI Supply Chain Transparency as GenAI Adoption Surges

Critical Vulnerabilities Found in NVIDIA's Triton Inference Server

Cybersecurity Teams Hit by Lowest Budget Growth in Five Years

Pro-Iran Hackers Aligned Cyber with Kinetic War Aims

AI Fuels Record Number of Fraud Cases

Ghost in the Zip Reveals Expanding Ecosystem Behind PXA Stealer

#BHUSA: Microsoft and Google Among Most Affected as Zero Day Exploits Jump 46%

Web-Based AI Usage Surge Shifts Global Internet Traffic Patterns

Uptick in Akira Ransomware Actors Targeting SonicWall VPNs

© 2025 RiskDiscovery | Sponsored by: Deception Logic