Penn Breach Exposes 1.2M Records; Critical Android Zero-Click & Chinese APTs Target Zero-Days
Summary
This cybersecurity brief for November 2nd, 2025, covers a series of high-impact security incidents. A massive data breach at the University of Pennsylvania has allegedly exposed 1.2 million donor records. Google has issued an urgent patch for a critical zero-click RCE vulnerability in Android. Meanwhile, Chinese state-sponsored threat actors, including Bronze Butler and UNC6384, are actively exploiting zero-day vulnerabilities in Lanscope and Windows systems to deploy malware and spy on targets in Europe and Asia. Other significant events include a major data breach at a Polish loan company and an Australian government warning about new malware targeting Cisco devices.
Today's New Articles
Penn Data Breach: Hacker Claims 1.2M Donor Records Stolen, Exposes "Terrible Security"
A threat actor has claimed responsibility for a massive data breach at the University of Pennsylvania, asserting they have stolen the personal and financial data of 1.2 million donors and alumni. The breach was first revealed after offensive emails were sent f...
Polish Government Confirms "Very Serious" Data Breach at SuperGrosz Loan Platform
Polish authorities, led by the Deputy Prime Minister, have confirmed a "very serious" data breach at the online loan platform SuperGrosz. The attack resulted in the theft of a vast repository of sensitive customer information, including full names, national id...
Google Patches Critical Zero-Click RCE Flaw in Android; Millions of Devices at Risk
Google's November 2025 Android Security Bulletin includes a patch for a critical zero-click remote code execution (RCE) vulnerability, tracked as CVE-2025-48593. The flaw, residing in the Android System component, affects Android versions 13, 14, 15, and 16, a...
"SleepyDuck" RAT Emerges in Open VSX Marketplace via Malicious Update
A new remote access trojan (RAT) named "SleepyDuck" has been discovered in the Open VSX marketplace, a popular repository for IDE extensions. A seemingly benign developer extension, 'juan-bianco.solidity-vlang', was updated on November 1, 2025, to include the...
Samsung's November Security Update Patches 45 Vulnerabilities, Including Critical Android Flaws
Samsung has released its November 2025 security maintenance release, delivering patches for 45 vulnerabilities affecting its Galaxy smartphones and tablets. The update incorporates Google's latest Android patches, including a fix for the critical zero-click RC...
openSUSE Patches Moderate-Severity Flaws in X.Org Server
The openSUSE project released a security advisory on November 1, 2025, to address three moderate-severity vulnerabilities in the xorg-x11-server package for its Tumbleweed distribution. The flaws could lead to out-of-bounds memory access, potentially resulting...
T-Mobile Enters Credit Card Market with Capital One, Raising Data Security Questions
T-Mobile announced its entry into the financial services sector with the launch of its first-ever credit card, created in partnership with banking giant Capital One. This strategic move will leverage T-Mobile's vast customer base and Capital One's financial in...
Article Updates
CISA Adds Actively Exploited Motex LANSCOPE RCE Flaw to KEV Catalog
Update: New intelligence attributes the active exploitation of CVE-2025-61932 to the China-linked 'Bronze Butler' (Tick) APT group. Researchers confirm the group exploited this vulnerability as a zero-day, initiating attacks in mid-2025, months before a patch was avai...