Risk Discovery

DarkReading

Multiple ChatGPT Security Bugs Allow Rampant Data Theft

APT 'Bronze Butler' Exploits Zero-Day to Root Japan Orgs

Nikkei Suffers Breach Via Slack Compromise

Operational Technology Security Poses Inherent Risks for Manufacturers

Critical Site Takeover Flaw Affects 400K WordPress Sites

Closing the AI Execution Gap in Cybersecurity — A CISO Framework

Risk 'Comparable' to SolarWinds Incident Lurks in Popular Software Update Tool

Iran's Elusive "SmudgedSerpent' APT Phishes Influential US Policy Wonks

Kimsuky Debuts HTTPTroy Backdoor Against South Korea Users

AI App Spending Report: Where Are the Security Tools?

Ars Technica

Google plans secret AI military outpost on tiny island overrun by crabs

5 AI-developed malware families analyzed by Google fail to work and are easily detected

OpenAI signs massive AI compute deal with Amazon

Two Windows vulnerabilities, one a 0-day, are under active exploitation

ChatGPT maker reportedly eyes $1 trillion IPO despite major quarterly losses

After teen death lawsuits, Character.AI will restrict chats for under-18 users

NPM flooded with malicious packages downloaded more than 86,000 times

Nvidia hits record $5 trillion mark as CEO dismisses AI bubble concerns

New physical attacks are quickly diluting secure enclave defenses from Nvidia, AMD, and Intel

OpenAI data suggests 1 million users discuss suicide with ChatGPT weekly

CyberScoop

SonicWall pins attack on customer portal to undisclosed nation-state

Court reimposes original sentence for Capital One hacker

With each cloud outage, calls for government action grow louder

Congressional leaders want an executive branch strategy on China 6G, tech supply chain

House GOP leaders seek government probe, restrictions on Chinese-made tech

How the F5 breach, CISA job cuts, and a government shutdown are eroding U.S. cyber readiness

North Korean companies, people sanctioned for money laundering from cybercrime, IT worker schemes

Apple addresses more than 100 vulnerabilities in security updates for iPhones, Macs and iPads

Bugcrowd acquires Mayhem Security to advance AI-powered security testing

OPM plans to give CyberCorps members more time to find jobs after shutdown ends

HITBSecNews

Found on VirusTotal: The world’s first UEFI bootkit for Linux

OpenAI is at war with its own Sora video testers following brief public leak

North Korean hackers posing as IT workers steal over $1B in cyberattack

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme

CISA Director Jen Easterly, in Place Since 2021, to Step Down

Man sick of crashes sues Intel for allegedly hiding CPU defects

North Korean hackers target cryptocurrency with malware

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Youth of today say passwords are old news, passkeys are the future

ZDNet

Verizon will give you a free Nintendo Switch right now - here's how

Microsoft researchers tried to manipulate AI agents - and only one resisted all attempts

Google Maps vs. Waze: I compared two of the best navigation apps, and here's who wins

I found the ultimate battery charger, and power users will love its flagship feature

This ultraportable tablet is one of my favorites for media consumption - and it's at a new low price

I wore 5 different headphones across 8 flights - here's how each pair handled my stress tests

I did not expect to like these open-ear headphones as much as I did - just look at them

How to buy the right laptop for school, work, and play (and common mistakes to avoid)

Turn your old tech into Costco gift cards before Black Friday - here's how

I changed 10 settings on my Fire TV to significantly improve the performance

The Hacker News

Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine

Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362

From Tabletop to Turnkey: Building Cyber Resilience in Financial Services

ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More

Bitdefender Named a Representative Vendor in the 2025 Gartner® Market Guide for Managed Detection and Response

Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection

SonicWall Confirms State-Sponsored Hackers Behind September Cloud Backup Breach

Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly

Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data

Securing the Open Android Ecosystem with Samsung Knox

BleepingComputer

How a ransomware gang encrypted Nevada government's systems

Continuous Purple Teaming: Turning Red-Blue Rivalry into Real Defense

ClickFix malware attacks evolve with multi-OS support, video tutorials

Critical Cisco UCCX flaw lets attackers run commands as root

Sandworm hackers use data wipers to disrupt Ukraine's grain sector

Gootloader malware is back with new tricks after 7-month break

Hyundai AutoEver America data breach exposes SSNs, drivers licenses

CISA warns of critical CentOS Web Panel bug exploited in attacks

Windows 11 Store gets Ninite-style multi-app installer feature

SonicWall says state-sponsored hackers behind September security breach

Cybersecurity Dive

In financial sector, vendors lag behind customers on cybersecurity

SonicWall says state-linked actor behind attacks against cloud backup service

Your AI-driven threat hunting is only as good as your data platform and pipeline

AI-based malware makes attacks stealthier and more adaptive

Hackers targeting Cisco IOS XE devices with BadCandy implant

Researchers warn of flaws that allow manipulation of Microsoft Teams messages

Identity-based attacks need more attention in cloud security strategies

Security leaders say AI can help with governance, threat detection, SOC automation

Cybercrime groups team with organized crime in massive cargo theft campaigns

Windows Server Update Service exploitation ensnares at least 50 victims

Threatpost

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Twitter Whistleblower Complaint: The TL;DR Version

Firewall Bug Under Active Attack Triggers CISA Warning

Fake Reservation Links Prey on Weary Travelers

iPhone Users Urged to Update to Patch 2 Zero-Days

Google Patches Chrome’s Fifth Zero-Day of the Year

The Register

Cisco warns of 'new attack variant' battering firewalls under exploit for 6 months

You'll never guess what the most common passwords are. Oh, wait, yes you will

SonicWall fingers state-backed cyber crew for September firewall breach

Malware-pwned laptop gifts cybercriminals Nikkei's Slack

Why UK businesses are paying ICO millions for password mistakes you're probably making right now

Uncle Sam lets Google take Wiz for $32B

AMD red-faced over random-number bug that kills cryptographic security

Attackers abuse Gemini AI to develop ‘Thinking Robot’ malware and data processing agent for spying purposes

M&S pegs cyberattack cleanup costs at £136M as profits slump

Famed software engineer DJB tries Fil-C… and likes what he sees

VentureBeat

How Anthropic's Claude cuts SOC investigation time from 5 hours to 7 minutes

CrowdStrike & NVIDIA’s open source AI gives enterprises the edge against machine-speed attacks

Meet Aardvark, OpenAI’s security agent for code analysis and patching

Security's AI dilemma: Moving faster while risking more

Fortanix and NVIDIA partner on AI security platform for highly regulated industries

Your IT stack is the enemy: How 84% of attacks evade detection by turning trusted tools against you

When your AI browser becomes your enemy: The Comet security disaster

Agentic AI security breaches are coming: 7 ways to make sure it's not your firm

Cisco warns enterprises: Without tapping machine data, your AI strategy is incomplete

Microsoft launches 'Hey Copilot' voice assistant and autonomous agents for all Windows 11 PCs

TechCrunch

Italian political consultant says he was targeted with Paragon spyware

University of Pennsylvania confirms hacker stole data during cyberattack

Google gets the US government’s green light to acquire Wiz for $32B

Armis raises $435M pre-IPO round at $6.1B valuation after refusing M&A offers

Phone location data of top EU officials for sale, report finds

Lawmakers say stolen police logins are exposing Flock surveillance cameras to hackers

How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia

DOJ accuses US ransomware negotiators of launching their own ransomware attacks

Hackers threaten to leak data after breaching University of Pennsylvania to send mass emails

Government hackers breached telecom giant Ribbon for months before getting caught

Network World Security

Google Cloud aims for more cost-effective Arm computing with Axion N4A

Google’s cheaper, faster TPUs are here, while users of other AI processors face a supply crunch

Top network and data center events 2025 & 2026

Network jobs watch: Hiring, skills and certification trends

Cisco launches AI infrastructure, AI practitioner certifications

Perplexity’s open-source tool to run trillion-parameter models without costly upgrades

Space: The final frontier for data processing

ZincFive targets AI data centers with new energy system

Arista shares Q3 financials, touts ‘golden era in networking’

AI, greed cause massive spike in memory prices

Help Net Security

Cisco fixes critical UCCX flaws, patch ASAP! (CVE-2025-20358, CVE-2025-20354)

Ping Identity offers protection against adversarial AI threats

Team Cymru RADAR investigates external infrastructure in real time

SonicWall cloud backup hack was the work of a state actor

Prowler embeds AI directly into security workflows

Russia-linked hackers intensify attacks as global APT activity shifts

1touch.io Kontxtual provides LLM-driven control over sensitive data

Aptori Code-Q delivers verified, explainable fixes that integrate into development workflows

MajorKey IDProof+ combats AI-driven fraud

Hypori Secure Workspace Ecosystem helps IT teams protect enterprise data

InfoSecurity Magazine

“I Paid Twice” Phishing Campaign Targets Booking.com

Multi-Turn Attacks Expose Weaknesses in Open-Weight LLM Models

Hacktivist-Driven DDoS Dominates Attacks on Public Sector

AI-Enabled Malware Now Actively Deployed, Says Google

Google Forecasts Rise of Cyber-Physical Attacks Targeting Europe in 2026

Operation Chargeback Uncovers €300m Fraud Scheme in 193 Countries

UNK_SmudgedSerpent Targets Academics With Political Lures

Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection

SMS Fraud Losses Set to Decline 11% in 2026

Hundreds of Malware-Laden Apps Downloaded 42 Million Times From Google Play

© 2025 RiskDiscovery | Sponsored by: Deception Logic