Daily Recap: Japan's Asahi reports a ransomware-related data breach that may have exposed personal data of about 1.5 million people, while France's Football Federation disclosed a cyberattack compromising administrative software and stealing member data. In malware and supply chain news, North Korea-linked actors deployed 197 npm packages to distribute the OtterCookie malware, legacy PyPI bootstrap scripts create a domain-takeover risk, public GitLab repositories exposed over 17,000 secrets, Windows updates hid the password login icon on the lock screen, and the in-flight Wi-Fi attacker was sentenced to seven years in prison. #AsahiBreaches #OtterCookie
Data Breaches
- Japanese beer giant Asahi reports a ransomware-related data breach that may have exposed personal data of 1.5 million people - Asahi Breach, Asahi Ransom
- The French Football Federation discloses a cyberattack that compromised administrative software and resulted in stolen member data - FFF Breach, Football Data, FFF Disclosure
Malware & Supply Chain
- North Korea-linked actors deployed 197 npm packages to distribute an updated OtterCookie malware strain via the npm ecosystem - OtterCookie Campaign
- Legacy Python bootstrap scripts in multiple PyPI packages create a domain-takeover risk that could enable supply-chain compromise - PyPI Bootstrap
Secrets & Misconfigurations
- Public GitLab repositories were found exposing more than 17,000 secrets, including credentials and keys, posing widespread risk - GitLab Secrets
System & User Impact
- Microsoft Windows updates made the password login icon invisible on the lock screen, impacting users who rely on password sign-in - Windows Update
Threat Actors & Legal
- The man behind in-flight "evil twin" Wi-Fi attacks has been sentenced to 7 years in prison for conducting Wi-Fi-based credential theft and related offenses - Wi-Fi Sentence