Daily Recap: Law enforcement dismantled the Rhadamanthys, VenomRAT and Elysium botnets in a coordinated operation that seized 1,025 servers. The action underscores the cross-border cooperation behind recent takedowns and the continuing effort to curb botnet-driven cybercrime. #Rhadamanthys #VenomRAT #Elysium
Botnet Takedowns
- Law enforcement dismantled global botnets and seized 1,025 servers, disrupting operations of Rhadamanthys, VenomRAT and Elysium in a coordinated strike – Rhadamanthys Takedown, Operation Endgame, Takedown Roundup, Endgame Report, Servers Seized
Open-Source Supply Chain
- Researchers uncovered the IndonesianFoods campaign, which flooded the npm registry with more than 67,000 fake packages that self-replicate worm-style and carry monetization hooks – npm Spam, npm Worm, 43k Report
Vulnerabilities & Exploits
- Cisco and Citrix zero-days are being exploited in the wild; the vendors and Amazon have confirmed observed attacks, and CISA is urging federal agencies, which are lagging, to patch – Cisco Patch Warning, CVE Exploits, Amazon Findings, Federal Patch Gap, ThreatsDay
- A critical, actively exploited flaw in WatchGuard Firebox appliances running Fireware leaves roughly 54,000 exposed devices open to unauthenticated attack and has prompted CISA advisories – WatchGuard Exploited, CISA WatchGuard Alert, 54k Fireboxes
Mobile & Spyware
- Popular Android-based digital photo frames were found to download malware at boot, leaving the devices persistently infected – Photo Frame Malware
- Attackers abused KakaoTalk and Google Find Hub features to deliver Android spyware and exfiltrate data from victims’ devices – KakaoTalk Spyware
- The long-running DarkComet remote access trojan resurfaced disguised as Bitcoin wallet apps, tricking users into installing a backdoor – DarkComet Ruse
Malware Returns
- The DanaBot banking trojan reemerged after a six-month hiatus and has resumed infection campaigns against Windows hosts – DanaBot Return
Scams & Enforcement
- Google filed suit to dismantle Lighthouse, a China-based phishing platform tied to US toll scams and reportedly a $1 billion operation, seeking injunctions against its operators – Google Lawsuit, Lighthouse Suit
- The US announced a regional “strike force” and imposed sanctions (including on Myanmar actors) to counter Southeast Asian cyber scams and toll-fraud networks – US Strike Force, US Sanctions
- Switzerland's NCSC warned of targeted phishing scams aimed at crypto users and seniors, underscoring ongoing credential-theft and fraud risks – Swiss Phishing
Breaches & Targets
- The NHS is investigating claims arising from the Oracle E-Business Suite (EBS) incident, in which hackers have named more than 40 alleged victims; its inquiry is ongoing – NHS Oracle Probe
Software Updates & Features
- Microsoft rolled out a “Prevent screen capture” control for Teams Premium that blocks screenshots and recordings of meetings on Windows and Android; it limits leaks but cannot stop someone photographing the screen with another device – Teams Screen Guard
- Microsoft also fixed a bug that produced false Windows 10 end-of-support alerts, and Windows 11 now lets third-party apps manage native passkeys, improving the sign-in experience – Win10 Alert Fix, Passkey Support
- Firefox 145 and Chrome 142 shipped fixes for multiple high-severity vulnerabilities; users should update promptly – Browser Patches
AI Risk & Strategy
- OpenAI is fighting a court order to indefinitely retain chat data in the NYT copyright dispute, a case that could reshape AI data-retention and privacy obligations – OpenAI Data Fight
- Industry and professional bodies warn that rapid AI adoption is raising cyber risk for businesses, while experts argue that Zero Trust must extend to autonomous AI agents and that defenses will need to operate at machine speed in 2026 – AI Risk Warning, Zero Trust for AI, Machine-Speed Security
Analysis & Events
- Security analysts argue that detections built on attacker tactics, techniques and procedures (TTPs) outperform traditional indicator-of-compromise (IoC) hunting against modern threats, since hashes, domains and IP addresses are cheap for an attacker to change while behaviour is not; the shift is toward behaviour-focused detection – TTP vs IoC
- Today’s virtual CISO Forum 2025 summit and roundups such as ThreatsDay provide consolidated briefings on emerging zero-days, AI bug bounties and crypto heists, useful for defenders keeping pace – CISO Forum, ThreatsDay Bulletin
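The TTP-versus-IoC point above, shown as an added example that is not code from the article or from the analysts it cites: a small Python script runs an indicator match and two behaviour rules over three constructed process-creation events. The hashes (repeated nibbles), IP addresses (TEST-NET ranges) and command lines are made up, and the MITRE ATT&CK IDs are used only as rule labels.

```python
"""Indicator (IoC) matching versus behaviour (TTP) detection over a handful of
constructed endpoint process-creation events.  Added example; every hash, IP
and command line below is made up (TEST-NET addresses, repeated-nibble hashes)."""

from dataclasses import dataclass


@dataclass(frozen=True)
class ProcessEvent:
    parent: str    # image name of the parent process
    image: str     # image name of the new process
    cmdline: str   # full command line
    sha256: str    # hash of the image on disk
    dst_ip: str    # first outbound connection, "" if none observed


# --- IoC approach: exact matches against a list harvested from one sample ---
# Constructed indicators (hypothetical); a real feed would be thousands of rows.
IOC_SHA256 = {"4f2a" * 16: "constructed-dropper-v1"}
IOC_IPS = {"203.0.113.10"}   # TEST-NET-3, not a real C2


def ioc_hits(ev: ProcessEvent) -> list[str]:
    """Flag the event only if a hash or destination matches the indicator list."""
    hits = []
    name = IOC_SHA256.get(ev.sha256.lower())
    if name:
        hits.append(f"hash:{name}")
    if ev.dst_ip in IOC_IPS:
        hits.append(f"ip:{ev.dst_ip}")
    return hits


# --- TTP approach: rules on how the attacker operates, not on what they used ---
OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe",
                "cscript.exe", "mshta.exe"}
ENCODED_FLAGS = {"-e", "-ec", "-enc", "-encodedcommand"}
WINDOW_FLAGS = {"-w", "-windowstyle"}


def ttp_hits(ev: ProcessEvent) -> list[str]:
    """Flag the event on tradecraft that survives a rebuild or a new C2 host.
    MITRE ATT&CK IDs are used as labels for the two behaviours checked."""
    hits = []
    parent, image = ev.parent.lower(), ev.image.lower()
    toks = ev.cmdline.lower().split()

    # T1204.002 (User Execution: Malicious File): an Office app should not be
    # spawning a script host, whatever the payload's hash is today.
    if parent in OFFICE_APPS and image in SCRIPT_HOSTS:
        hits.append("T1204.002 office app spawned script host")

    # T1059.001 (PowerShell): hidden window plus encoded command is a
    # combination interactive administrators almost never type.
    if image in {"powershell.exe", "pwsh.exe"}:
        encoded = any(t in ENCODED_FLAGS for t in toks)
        hidden = any(t in WINDOW_FLAGS and i + 1 < len(toks) and toks[i + 1] == "hidden"
                     for i, t in enumerate(toks))
        if encoded and hidden:
            hits.append("T1059.001 hidden encoded PowerShell")
    return hits


# Constructed sample events.  "SQBFAFgA" is "IEX" in UTF-16LE base64, a stand-in
# for a real encoded stager.
EVENTS = [
    # 1: the exact sample the indicators above were harvested from
    ProcessEvent("WINWORD.EXE", "powershell.exe",
                 "powershell.exe -w hidden -enc SQBFAFgA", "4f2a" * 16, "203.0.113.10"),
    # 2: same campaign a week later: rebuilt binary, new C2, identical tradecraft
    ProcessEvent("EXCEL.EXE", "pwsh.exe",
                 "pwsh.exe -WindowStyle Hidden -EncodedCommand SQBFAFgA", "9c1d" * 16, "198.51.100.7"),
    # 3: an administrator running a script interactively (benign)
    ProcessEvent("explorer.exe", "powershell.exe",
                 "powershell.exe -ExecutionPolicy RemoteSigned -File C:\\ops\\rotate.ps1",
                 "0b77" * 16, ""),
]


def evaluate(events: list[ProcessEvent]) -> list[tuple[list[str], list[str]]]:
    """Per-event (ioc_hits, ttp_hits) so the two approaches can be compared side by side."""
    return [(ioc_hits(ev), ttp_hits(ev)) for ev in events]


def coverage(events: list[ProcessEvent]) -> tuple[int, int]:
    """How many events each approach flags: (ioc_flagged, ttp_flagged)."""
    results = evaluate(events)
    return (sum(1 for ioc, _ in results if ioc), sum(1 for _, ttp in results if ttp))


if __name__ == "__main__":
    for n, (ioc, ttp) in enumerate(evaluate(EVENTS), 1):
        print(f"event {n}: IoC={ioc or '-'} TTP={ttp or '-'}")
    print("flagged (IoC, TTP):", coverage(EVENTS))
```

Event 1 is caught by both approaches, event 2 (the same tradecraft after a rebuild and a change of C2) only by the behaviour rules, and the benign event 3 by neither; the indicator list is stale the moment the attacker recompiles, while the parent-child and command-line rules keep matching until the attacker changes how they work.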
Geopolitics & Incidents
- A senior strategist warned that China’s relative quiet in cyberspace is more worrying than noisy campaigns, because silence leaves defenders uncertain about attribution and intent – China Silence
- Russia instituted a 24-hour mobile internet cutoff for travelers returning to the country, citing security concerns; the measure is tied to domestic incident response and disrupts returnees’ connectivity – Russia Blackout
Policy & Legislation
- The UK government introduced a new Cyber Security and Resilience Bill to strengthen national cyber defenses and regulatory powers for critical sectors – UK Cyber Bill