Cybersecurity News | Daily Recap [15 Nov 2025]

North Korea

  • Five U.S. nationals pleaded guilty to schemes that helped North Korean IT workers infiltrate 136 companies and channel about $2 million in illicit payments – NK Guilty, NK Guilty, NK Guilty
  • North Korean actors are abusing JSON services as covert channels to deliver malware to targeted systems – NK JSON

Extortion & Data Leaks

  • CL0P claims dozens of victims including Oracle-linked exposures and a confirmed breach at The Washington Post, with vendors like Logitech also hit in extortion incidents – CL0P Hits, CL0P Hits
  • Payment processor Checkout.com was breached by ShinyHunters via legacy cloud storage; the company refused to pay ransom and donated the demanded amount to research instead – Checkout Breach

Vulnerabilities & Advisories

  • Fortinet confirms active exploitation of a critical FortiWeb zero-day and issued a silent patch after attacks were observed – FortiWeb Zero-day, FortiWeb Zero-day
  • CISA warns that Brightpick AI's warehouse automation platform has critical flaws exposing credentials and robotic controls, urging network isolation and secure access – Brightpick Flaws
  • CISA and partners released an updated advisory on Akira (aka Storm1567) ransomware detailing new TTPs, IOCs, and mitigations for edge devices and backups – Akira Advisory
  • Siemens reports vulnerabilities in LOGO! 8 devices that could allow remote code execution and device manipulation; CISA recommends mitigations – Siemens LOGO
  • GitHub Enterprise Server updates (including fixes for CVE-2025-11892) are available and admins are urged to patch immediately – GitHub Fix
  • A new phishing campaign spoofs users’ own domains with fake spam-filter alerts to harvest credentials via fraudulent login pages – Phishing Alerts

AI & ML Security

  • Researchers found critical deserialization and messaging flaws in AI inference stacks (affecting Meta, Nvidia, Microsoft and OSS) that could enable remote code execution and privilege escalation in AI infrastructures – AI Inference Bugs
  • Reports indicate Chinese state-linked hackers used Anthropic AI systems in dozens of attacks, highlighting risks of AI misuse in operations – Anthropic Abuse
  • Security researchers and commentators expressed doubt about Anthropic's claims that its Claude model automated cyberattacks, prompting scrutiny of the evidence and vendor statements – Claude Claims

Government & Law Enforcement

  • The Pentagon unveils CYBERCOM 2.0, a plan to address cyber talent shortfalls and modernize forces to meet evolving threats – CYBERCOM 2.0
  • U.S. authorities launched a strike force targeting Chinese crypto scam networks blamed for nearly $10 billion in annual U.S. losses, seizing assets and coordinating international takedowns – Crypto Strike

Nation-State Operations

  • Iranian hackers launched the ‘SpearSpecter’ espionage campaign against defense and government targets to steal sensitive intelligence – SpearSpecter
  • A cyberattack on a Russian port operator aimed to disrupt coal and fertilizer shipments, signaling economic-impact oriented sabotage – Russian Port

EU Data Protection

  • More than 127 groups and civil society organizations condemn proposed EU changes as a digital rights rollback while the European Commission pushes revisions to GDPR and data-protection laws – GDPR Push, GDPR Push

Miscellaneous

  • Roundup: layoffs at Deepwatch, a newly disclosed macOS vulnerability, and an Amazon AI bug-bounty announcement are among other industry developments – In Other News

Cybersecurity News | Daily Recap – hendryadrian.com