Daily Digest

China's Cyber Arsenal Exposed in Massive Leak; Critical Flaws Threaten QNAP, Docker, and Kubernetes

China's Cyber Arsenal Exposed in Massive Leak; Critical Flaws Threaten QNAP, Docker, and Kubernetes

November 10, 2025
7 articles (7 new)
21 min read

Summary

This cybersecurity brief for November 10, 2025, covers a series of high-impact events. A catastrophic data breach at Chinese firm Knownsec has exposed state-sponsored hacking tools and global target lists. Concurrently, critical zero-day vulnerabilities are forcing urgent patches for QNAP NAS devices and the runC container runtime, which underpins Docker and Kubernetes. Other major incidents include a significant data breach affecting 1.5 million Swedes, a cyberattack on the U.S. Congressional Budget Office, and new regulatory rollouts from the DoD and guidance from the OWASP Foundation.

Filter by Category

New Articles (7)

China's Cyber Arsenal Exposed: Knownsec Breach Leaks State Hacking Tools and Global Target Lists

CRITICAL

Catastrophic Breach at Chinese Cybersecurity Firm Knownsec Exposes State-Sponsored Hacking Tools and Global Surveillance Targets

A monumental data breach at Knownsec, a prominent Chinese cybersecurity firm with close government ties, has resulted in the exposure of over 12,000 classified documents. The leak, which occurred in early November 2025, provides an unprecedented view into China's offensive cyber capabilities, revealing a sophisticated arsenal of malware for multiple operating systems, custom hardware attack tools, and an extensive list of global espionage targets. The compromised data details large-scale data theft from countries including India, South Korea, and Taiwan, targeting critical infrastructure, government databases, and telecommunications networks, signaling a major intelligence failure for China's state-sponsored cyber operations.

November 10, 2025
6 min read
Data LeakState-Sponsored HackingChinaEspionageRAT +2 more
China's Cyber Arsenal Exposed: Knownsec Breach Leaks State Hacking Tools and Global Target Lists

Swedish IT Supplier Breach Exposes Personal Data of 1.5 Million Citizens

HIGH

Datacarry Ransomware Hits Swedish IT Provider Miljödata, Leaking Data of 1.5 Million People and Disrupting Municipal Services

The 'Datacarry' ransomware group has claimed responsibility for a major cyberattack on Miljödata, a Swedish IT supplier for local governments, exposing the sensitive personal data of up to 1.5 million people. The attack, which occurred in August 2025, targeted the company's HR systems, leading to the theft of names, government IDs, and contact information. The 224MB data archive was subsequently published on the dark web. The breach has caused service disruptions for numerous Swedish municipalities and affected data from major companies like SAS and Volvo. The incident is now under a national privacy investigation for potential GDPR violations.

November 10, 2025
5 min read
RansomwareDatacarryContiData BreachSweden +2 more
Swedish IT Supplier Breach Exposes Personal Data of 1.5 Million Citizens

EU Governments Under Siege: ENISA Reports Massive Surge in DDoS and Data Attacks

HIGH

ENISA Threat Report: EU Public Administrations Targeted by DDoS, Ransomware, and State-Sponsored Espionage

A new threat landscape report from the EU Agency for Cybersecurity (ENISA) reveals that public administrations across the European Union are facing a dramatic increase in cyberattacks. DDoS attacks, largely driven by pro-Russia hacktivist groups like NoName057(16), account for 60% of all incidents, primarily targeting central governments. While disruptive, the report warns that data breaches (17.4%) and ransomware (10%) pose a more significant threat to the continuity of essential public services. ENISA also highlights ongoing espionage campaigns by Russian and Chinese state actors, and notes that the sector's immaturity under the new NIS2 Directive places it in a high-risk zone.

November 10, 2025
5 min read
ENISADDoSHacktivismNoName057(16)Ransomware +3 more
EU Governments Under Siege: ENISA Reports Massive Surge in DDoS and Data Attacks

It's Official: DoD Begins Phased Rollout of CMMC Cybersecurity Program

INFORMATIONAL

Pentagon's CMMC Program Commences Phased Rollout, Mandating Cybersecurity Compliance for Defense Contractors

The U.S. Department of Defense (DoD) has officially started the phased, three-year implementation of its Cybersecurity Maturity Model Certification (CMMC) program as of November 10, 2025. DoD contracting officers can now begin inserting CMMC requirements into new solicitations for the Defense Industrial Base (DIB). The first phase requires contractors handling Federal Contract Information (FCI) or some Controlled Unclassified Information (CUI) to perform self-assessments. More stringent third-party certification requirements for higher CMMC levels will be introduced in subsequent phases, with full implementation expected by late 2028, fundamentally changing the security landscape for all DoD contractors.

November 10, 2025
4 min read
CMMCDoDDFARSNIST 800-171Compliance +2 more
It's Official: DoD Begins Phased Rollout of CMMC Cybersecurity Program

OWASP Top 10 for 2025 Released, Spotlighting Supply Chain and Design Flaws

INFORMATIONAL

OWASP Publishes 2025 Top 10 Release Candidate, Introducing 'Software Supply Chain Failures' as a Major New Risk Category

The OWASP Foundation has released the 2025 release candidate for its influential Top 10 list of web application security risks. This update signals a major shift in focus, with the introduction of new categories like 'A03: Software Supply Chain Failures' and 'A10: Mishandling of Exceptional Conditions'. 'Broken Access Control' remains the top risk, but 'Security Misconfiguration' has climbed to the number two spot. The 2025 list emphasizes a move away from fixing individual bugs towards addressing systemic root causes like insecure design and dependency management, reflecting the modern threat landscape of complex, interconnected applications.

November 10, 2025
4 min read
OWASPOWASP Top 10Application SecurityAppSecDevSecOps +2 more
OWASP Top 10 for 2025 Released, Spotlighting Supply Chain and Design Flaws

Akira Ransomware Hits US Manufacturer Koch & Co., Threatens to Leak 54GB of Data

HIGH

Akira Ransomware Group Claims Cyberattack on Koch & Co., Allegedly Stealing 54GB of Financial and HR Data

The Akira ransomware group has added U.S. manufacturer Koch & Co., Inc. to its list of victims. In a November 7 post on its dark web leak site, the group claimed to have stolen 54 gigabytes of sensitive corporate data, including detailed financials, contracts, and HR files. Akira is threatening to publish the data if a ransom is not paid. This attack is characteristic of Akira's double-extortion tactics, targeting mid-sized organizations with data exfiltration followed by encryption. Koch & Co. has not yet issued a public statement on the incident.

November 10, 2025
5 min read
AkiraRansomwareData BreachManufacturingDouble Extortion
Akira Ransomware Hits US Manufacturer Koch & Co., Threatens to Leak 54GB of Data

OSCE Guide Urges Unified Cyber-Physical Defense for Critical Infrastructure

INFORMATIONAL

OSCE Releases Technical Guide Calling for Convergence of Physical and Cybersecurity to Protect Critical Infrastructure

The Organization for Security and Cooperation in Europe (OSCE) has published a new technical guide advising governments and operators to adopt a unified approach to securing critical infrastructure. The guide emphasizes the growing convergence of physical and cybersecurity domains, warning that siloed security teams lack a holistic view of modern threats. It highlights how internet-connected Industrial Control Systems (ICS) have expanded the attack surface, making infrastructure vulnerable to remote cyberattacks. The document provides recommendations for integrating intrusion detection, access control, and insider threat management into a single, cohesive security framework.

November 10, 2025
4 min read
OSCECritical InfrastructureICSOT SecurityCyber-Physical +2 more
OSCE Guide Urges Unified Cyber-Physical Defense for Critical Infrastructure

📢 Share This Publication

Help others stay informed about cybersecurity threats

📅 Daily Edition

Curated and deduplicated every day from dozens of trusted sources — giving you one clean, consolidated view of what matters in cybersecurity.

🔢 Deduplication Applied

Related stories are merged into a single evolving article rather than repeated as separate entries — cutting through noise so you only read what's new.

🔗 Full Articles Linked

Every entry links to its full enriched article — complete with MITRE ATT&CK mappings, extracted IOCs, and actionable detection and mitigation guidance.