Cybersecurity News | Daily Recap [17 Nov 2025]

hendryadrian.com

hendryadrian.com

Data Breaches

• Multiple providers confirmed incidents exposing customer or internal data, with Eurofiber France reporting data exfiltration, DoorDash confirming stolen personal information, and Logitech acknowledging a breach after being linked to the Oracle incident – Eurofiber Breach, DoorDash Breach, Logitech Breach

Law & Enforcement

• U.S. prosecutors secured multiple guilty pleas in cyber-related cases, including five defendants who admitted to aiding North Korea-linked IT workers and another action resulting in a reported $15M seizure tied to virtual-currency theft – Guilty Pleas (NK), Seizure Case

Malware & APTs

• The “Dragon Breath” campaign uses RONINGLOADER to disable security tools and deploy the Gh0st RAT for stealthy remote access – Dragon Breath
• A North Korean-linked “Contagious Interview” APT abuses JSON Keeper and GitLab to deliver the BeaverTail infostealer and InvisibleFerret RAT via trojanized projects targeting tech professionals – Contagious APT

Vulnerabilities & Advisories

• Siemens SICAM P850 and P855 devices have medium-severity flaws (including CSRF and improper permissions) that could enable remote impersonation; CISA urges updating to version 3.11 or later and restricting network access – Siemens SICAM

Android & Software Security

• Adoption of Rust in Android has driven memory-safety bugs below 20%, improving delivery speed, while Google will start flagging Play Store apps that show excessive battery use to protect users and devices – Android Rust, Battery Flags

Reports & Research

• Weekly threat research roundup and recaps covering recent incidents and analysis were published for the week of 16 Nov 2025 – Weekly Recap

Cybersecurity News | Daily Recap – hendryadrian.com