Ransomware Cripples US Emergency Alerts and London Councils; Critical Flaws in Azure and Oracle Under Active Attack
Summary
This cybersecurity brief for November 26-27, 2025, covers a series of high-impact ransomware attacks and critical vulnerability disclosures. The Inc Ransom group disrupted the CodeRED emergency alert system across the U.S., while a separate attack crippled services for three London councils. The Akira ransomware gang claimed attacks on five North American firms. Concurrently, CISA issued warnings for actively exploited vulnerabilities in Oracle Identity Manager (CVE-2025-61757) and spyware targeting messaging apps. A critical CVSS 10.0 authentication bypass flaw (CVE-2025-49752) was also discovered in Microsoft's Azure Bastion service, highlighting significant risks in both public infrastructure and cloud environments.
Today New Articles
Major Cyberattack Hits Three London Councils, Crippling Public Services
A major cyber incident was declared on November 26, 2025, after a coordinated attack struck the shared IT infrastructure of three London councils: the Royal Borough of Kensington and Chelsea (RBKC), Westminster City Council (WCC), and the London Borough of Ham...
Supply Chain Breach at Vendor Marquis Exposes Data From Dozens of US Banks
A ransomware attack on Marquis Software Solutions, a marketing and data analytics vendor for the financial industry, has resulted in a significant supply chain data breach affecting dozens of U.S. banks and credit unions. Marquis began notifying its clients on...
New 'HashJack' Attack Injects Malicious Prompts into AI Browsers
On November 26, 2025, researchers disclosed a novel indirect prompt injection attack called 'HashJack' that targets AI-enabled web browsers. The technique works by embedding malicious instructions in the fragment portion of a URL (the text following a '#' symb...
Mitsubishi ICS Software Flaw Exposes Credentials in Plaintext
On November 27, 2025, Mitsubishi Electric issued a security advisory for CVE-2025-3784, an information disclosure vulnerability in its GX Works2 industrial control system (ICS) software. The flaw, which affects all versions of the software, involves the storag...
Article Updates
Asahi Breweries Crippled by Ransomware Attack, Shipments Plummet to 10% Ahead of Peak Holiday Season
Update:The ransomware attack on Asahi Group Holdings, now attributed to the Qilin group, occurred in September 2025. Reports from November 27, 2025, confirm the company is still experiencing severe operational and financial consequences. The incident has forced ongoi...
Critical 10.0 CVSS Flaw in Azure Bastion Allows Full Cloud Takeover
Update:New details for CVE-2025-49752 include monitoring Azure Network Security Group (NSG) Flow Logs and VM login events (Windows Event ID 4624/Linux auth.log) for suspicious activity. Remediation advice now emphasizes restricting access with NSGs and implementing z...