Daily Digest

Insider Threats, Zero-Days, and Ransomware Shake Global Cybersecurity Landscape

Insider Threats, Zero-Days, and Ransomware Shake Global Cybersecurity Landscape

November 4, 2025
5 articles (4 new, 1 updated)
15 min read

Summary

This 24-hour cybersecurity brief for November 4, 2025, covers critical developments including the indictment of cybersecurity professionals for running a BlackCat ransomware ring, a severe zero-click RCE in Android, and a new Cl0p campaign exploiting an Oracle zero-day. Reports also highlight the emergence of the Conti-derived DragonForce ransomware and the massive financial fallout for SK Telecom after a major data breach.

Filter by Category

New Articles (4)

Millions of Devs at Risk: Critical RCE Flaw in Popular React Native Package

CRITICAL

Critical RCE Vulnerability (CVE-2025-11953) in React Native NPM Package Puts Developers at Risk

A critical remote code execution (RCE) vulnerability, CVE-2025-11953, has been discovered in a popular React Native command-line tool, putting millions of developers at risk. The flaw, rated 9.8 on the CVSS scale, exists in the '@react-native-community/cli' NPM package and allows an unauthenticated attacker to execute arbitrary code on a developer's machine by sending a malicious request to the Metro development server. This could lead to source code theft, malware injection, or a full-blown supply chain attack. Meta has released a patch, and developers are strongly urged to update their dependencies.

November 4, 2025
3 min read
React NativeNPMRCEsupply chaindeveloper security +1 more
Millions of Devs at Risk: Critical RCE Flaw in Popular React Native Package
Vulnerability
Supply Chain Attack
Patch Management

Conti's Ghost: New 'DragonForce' Ransomware Adopts Cartel Model

HIGH

DragonForce Ransomware Emerges, Using Leaked Conti Code and a 'Cartel-Style' Affiliate Model

A new ransomware operation named DragonForce has been identified by security researchers, notable for its use of leaked source code from the infamous Conti ransomware. Instead of a traditional Ransomware-as-a-Service (RaaS) model, DragonForce operates with a 'cartel-like' structure, providing affiliates with a builder to create their own branded ransomware variants. This approach facilitates the rapid proliferation of new threats, with groups like 'Devman' already seen deploying malware created with the DragonForce builder. The core malware retains Conti's technical features, including its encryption scheme and ability to spread via SMB.

November 4, 2025
4 min read
DragonForceContiransomwarecartelRaaS +2 more
Conti's Ghost: New 'DragonForce' Ransomware Adopts Cartel Model
Ransomware
Threat Actor
Malware

EU Stress-Tests Cyber Defenses in Large-Scale Crisis Simulation

INFORMATIONAL

EU Conducts 'BlueOLEx 2025' Exercise to Test Joint Response to Major Cyber Crises

The European Union has concluded its 2025 'Blueprint Operational Level Exercise' (BlueOLEx), a large-scale simulation designed to test and improve the bloc's collective response to major cybersecurity crises. Hosted in Cyprus with support from the EU's cybersecurity agency, ENISA, the exercise brought together senior officials from all member states to role-play a significant cyber incident affecting critical sectors. The drill was the first to test the new EU Cyber Blueprint, which aims to clarify roles and streamline coordination between national authorities and the European Commission during a cross-border attack.

November 4, 2025
3 min read
EUENISAcyber exercisecrisis responsepolicy +2 more
EU Stress-Tests Cyber Defenses in Large-Scale Crisis Simulation
Policy and Compliance
Regulatory
Security Operations

Philippine Police Brace for Coordinated DDoS Attacks on Government Websites

MEDIUM

Philippine National Police on High Alert for Anticipated DDoS Attacks on Government Websites

The Philippine National Police (PNP) has mobilized its cybersecurity units and placed them on high alert in anticipation of a potential large-scale distributed denial-of-service (DDoS) campaign targeting government websites. According to intelligence, the attacks are slated to begin on November 5, 2025. The PNP is coordinating with the Department of Information and Communications Technology (DICT) and other national agencies to harden critical digital infrastructure and prepare rapid response teams to mitigate any disruption to public services.

November 4, 2025
4 min read
DDoSPhilippinesgovernmentthreat intelligencealert +1 more
Philippine Police Brace for Coordinated DDoS Attacks on Government Websites
Cyberattack
Security Operations
Policy and Compliance

Updated Articles (1)

US Cyber Threat Sharing Law 'CISA 2015' Expires, Creating Potential Intelligence Gap

MEDIUM

Cybersecurity Information Sharing Act of 2015 Sunsets, Sparking Industry Fears of Reduced Public-Private Collaboration

Update:

The U.S. House Committee on Homeland Security's 'Cyber Threat Snapshot' warns that national cyber defenses are severely hampered by the ongoing federal government shutdown and the continued lapse of CISA 2015. This dual crisis creates 'dangerous blind spots' amidst escalating threats from nation-state actors like China and Iran, with a 133% spike in Iranian attacks and a rise in AI-driven cyberattacks. The report emphasizes reduced situational awareness and increased risk to critical infrastructure, urging immediate action to restore funding and information-sharing legislation.

October 10, 2025
Updated: November 4, 2025
5 min read
cybersecurity lawinformation sharingthreat intelligenceUS governmentpolicy +1 more
US Cyber Threat Sharing Law 'CISA 2015' Expires, Creating Potential Intelligence Gap
Policy and Compliance
Regulatory
Threat Intelligence

📢 Share This Publication

Help others stay informed about cybersecurity threats