Jaguar Land Rover Reels from £680M Cyberattack Loss; Cl0p Exploits Oracle Zero-Day in Massive Campaign

Publication Date: November 17, 2025

Summary

This intelligence brief for November 16-17, 2025, covers a series of high-impact cyber events. Key incidents include Jaguar Land Rover's staggering £680 million loss from a production-halting cyberattack, a widespread campaign by the Cl0p ransomware gang exploiting an Oracle E-Business Suite zero-day to breach Logitech and others, and the introduction of a sweeping new cybersecurity bill in the UK. Other major events include the discovery of 150,000 malicious NPM packages in a crypto-farming scheme, an actively exploited Windows Kernel zero-day patch from Microsoft, and multiple data breaches affecting DoorDash and Eurofiber.

Today New Articles

DoorDash Hit by Data Breach After Employee Targeted in Social Engineering Scam

Food delivery service DoorDash has confirmed a data breach after an employee was compromised by a social engineering scam, allowing an unauthorized third party to access internal systems. The breach exposed the names, physical addresses, phone numbers, and ema...

Iranian APT 'SpearSpecter' Targets Officials' Families in Sophisticated Espionage Campaign

The Iranian state-sponsored group APT42, also known by aliases like SpearSpecter, is conducting a highly sophisticated and ongoing espionage campaign targeting senior defense and government officials. According to the Israel National Digital Agency, the threat...

Eurofiber Breach Exposes Thales, Orange, and French Government Data in Major Supply Chain Incident

European digital infrastructure provider Eurofiber has confirmed a major data breach in its French division, potentially exposing sensitive data from over 3,600 clients, including major corporations like Thales and Orange, and several French government ministr...

Pro-Russian Hackers Target Denmark with DDoS Attacks Ahead of Elections

The pro-Russian hacktivist group NoName057(16) has claimed responsibility for a series of Distributed Denial-of-Service (DDoS) attacks that targeted Danish government websites, political parties, and defense-related entities. The attacks, which occurred just b...

Article Updates

Washington Post Breached by Clop Ransomware via Oracle Flaws

Update:New information confirms the Clop ransomware group exploited a zero-day vulnerability, now tracked as CVE-2025-61882, in Oracle's E-Business Suite. This critical flaw allowed for unauthorized data access and was actively exploited for months before patches wer...

Microsoft Patches Actively Exploited Windows Kernel Zero-Day in November Update

Update:The update details two new critical vulnerabilities: CVE-2025-60274, a Windows GDI+ Remote Code Execution flaw with a CVSS of 9.8, and CVE-2025-62199, an RCE in Microsoft Office. These additions significantly broaden the scope of critical issues addressed in t...