Daily Digest

Supply Chain Under Siege: Malicious VS Code Extension, APT36 Linux Malware, and Major Data Breaches Rattle Global Industries

Supply Chain Under Siege: Malicious VS Code Extension, APT36 Linux Malware, and Major Data Breaches Rattle Global Industries

November 30, 2025
8 articles (7 new, 1 updated)
24 min read

Summary

This cybersecurity brief for November 29-30, 2025, covers a series of high-impact incidents, led by the discovery of a malicious Visual Studio Code extension that infected over 16,000 developers using a sophisticated Solana blockchain-based C2. Concurrently, the APT36 threat actor escalated its cyber-espionage efforts by deploying custom Linux malware against Indian government entities. The period also saw major data breaches, including the exposure of Amazon data center blueprints from a steel contractor and the theft of 6.1 million Netmarble user records. In the financial sector, a DeFi exploit drained $9 million from Yearn Finance, while regulatory actions saw Comcast fined $1.5 million for a vendor-related breach, underscoring the pervasive risk across software development, government, and corporate supply chains.

Filter by Category

New Articles (7)

US Probes Bitcoin Mining Giant Bitmain for National Security Threats

MEDIUM

Operation Red Sunset: U.S. Investigates Bitmain Hardware for Espionage Backdoors and Grid Sabotage Risks

The U.S. Department of Homeland Security is reportedly conducting a probe, codenamed 'Operation Red Sunset,' into Chinese bitcoin mining hardware manufacturer Bitmain. According to reports from November 29, 2025, the investigation centers on fears that Bitmain's mining devices could contain hidden backdoors for espionage or capabilities to sabotage the U.S. electrical grid. The probe allegedly involves physically inspecting imported hardware at U.S. ports for kill switches or remote access features. Bitmain has denied the allegations, but the investigation highlights growing national security concerns surrounding foreign-made hardware in critical infrastructure sectors.

November 30, 2025
5 min read
BitmainNational SecurityDHSSupply ChainHardware Security +1 more
US Probes Bitcoin Mining Giant Bitmain for National Security Threats

Yearn Finance Hit by $9M 'Infinite Mint' Exploit

HIGH

DeFi Protocol Yearn Finance Drained of $9 Million in Legacy Smart Contract Exploit

On November 30, 2025, the DeFi protocol Yearn Finance was exploited for approximately $9 million. The attacker leveraged a flaw in a legacy yETH stableswap smart contract, using a deposit of just 16 wei (a fraction of a cent) to mint a massive 235 septillion yETH tokens. The vulnerability stemmed from the contract's failure to clear cached storage variables after liquidity was fully drained. By manipulating these phantom balances, the attacker triggered an 'infinite mint' condition, subsequently draining the pool's assets into a Balancer pool. Around $3 million was quickly laundered through the Tornado Cash mixer.

November 30, 2025
5 min read
Yearn FinanceDeFiSmart ContractExploitCryptocurrency +1 more
Yearn Finance Hit by $9M 'Infinite Mint' Exploit

Amazon Data Center Blueprints Leaked in Breach of Steel Contractor

CRITICAL

Supply Chain Breach at Cooper Steel Fabricators Exposes Sensitive Blueprints for Amazon and Walmart Projects

A significant data breach at Cooper Steel Fabricators, a major U.S. structural steel contractor, was reported on November 30, 2025. A threat actor is selling a 330 GB database, claiming it is a 'complete mirror' of the company's FTP server. The asking price is $28,500. The leaked data allegedly contains highly sensitive intellectual property, including detailed blueprints and structural models for an Amazon data center in Ohio and a sorting facility in Massachusetts. Blueprints for Walmart distribution centers are also included, highlighting the severe supply chain risks that can expose the critical infrastructure plans of major corporations.

November 30, 2025
5 min read
Data BreachSupply ChainAmazonWalmartFTP +1 more
Amazon Data Center Blueprints Leaked in Breach of Steel Contractor

Gaming Giant Netmarble Breached, 6.1 Million Users' Data Exposed

HIGH

Netmarble Confirms Data Breach Affecting 6.11 Million Members, Faces Criticism for Delayed Reporting

South Korean gaming company Netmarble confirmed on November 30, 2025, that it suffered a data breach on November 22, exposing the personal information of 6.11 million members of its PC game portal. The compromised data includes names, birthdates, and encrypted passwords. The leak also affected 66,000 PC cafe owners and 17,000 current and former employees. Netmarble came under fire for waiting nearly 72 hours to report the incident to the Korea Internet & Security Agency (KISA), raising concerns about its incident response transparency.

November 30, 2025
5 min read
NetmarbleData BreachGamingPIIIncident Response +1 more
Gaming Giant Netmarble Breached, 6.1 Million Users' Data Exposed

CodeRED Alert System Hit by Ransomware, Wall Street Scrambles After Vendor Hack

HIGH

Cyber Threat Roundup: INC Ransom Hits CodeRED, Hacktivists Strike Donbas Post, and Wall Street Assesses Vendor Breach

A weekend news roundup from November 29, 2025, covered several major cyber incidents. The nationwide CodeRED emergency alert system, provided by OnSolve, was hit by an INC Ransom attack, disrupting a critical public safety service. In finance, Wall Street banks were assessing the fallout from a breach at a third-party real estate data firm, exposing ongoing supply chain risks. Additionally, the pro-Ukrainian hacktivist group Ukrainian Cyber Alliance claimed responsibility for a destructive attack on Donbas Post, the Russian-run postal service in occupied Ukraine, reportedly wiping over a thousand systems.

November 30, 2025
5 min read
RansomwareINC RansomCodeREDHacktivismSupply Chain +1 more
CodeRED Alert System Hit by Ransomware, Wall Street Scrambles After Vendor Hack

Comcast Fined $1.5M by FCC for Vendor's Data Breach

MEDIUM

Comcast to Pay $1.5 Million FCC Fine Over 2024 Data Breach at Former Vendor FBCS

Comcast has agreed to a $1.5 million settlement with the Federal Communications Commission (FCC) following a 2024 data breach at a former vendor. The breach occurred at Financial Business and Consumer Solutions (FBCS), a debt collection agency, and exposed the personal information of nearly 238,000 Comcast customers, including names, addresses, and Social Security numbers. FBCS filed for bankruptcy before disclosing the breach, leaving Comcast to face the regulatory fallout. As part of the settlement, Comcast will implement a stricter vendor security compliance plan, highlighting the growing regulatory expectation for companies to secure their entire supply chain.

November 30, 2025
5 min read
ComcastFCCData BreachSupply ChainVendor Risk +1 more
Comcast Fined $1.5M by FCC for Vendor's Data Breach

Global Infrastructure Breach Alert Confirmed as False Alarm

INFORMATIONAL

Widespread Infrastructure Breach Alert Triggered by Routine System Tests, Highlighting Flaws in Automated Monitoring

Initial reports on November 30, 2025, of a major security breach impacting global infrastructure were officially confirmed to be a false alarm. The panic was triggered when automated monitoring tools misinterpreted routine, benign system tests as a sophisticated cyberattack, leading to a cascade of incorrect alerts. While no data was stolen and no systems were compromised, the incident has exposed potential weaknesses in cyber-alerting systems and their ability to differentiate between normal administrative actions and genuine threats. The event has prompted calls for improving alert validation processes to maintain public trust.

November 30, 2025
4 min read
False PositiveSecurity OperationsSOCIncident ResponseAlert Fatigue +1 more
Global Infrastructure Breach Alert Confirmed as False Alarm

Updated Articles (1)

Supply Chain Breach at Vendor Marquis Exposes Data From Dozens of US Banks

HIGH

Ransomware Attack on Marketing Vendor Marquis Software Solutions Leads to Major Data Breach for U.S. Banks and Credit Unions

Update:

Co-Vantage Credit Union has confirmed 160,000 members were impacted by the Marquis Software Solutions data breach. The incident, which occurred on August 14, 2025, was discovered by the vendor on October 27, 2025, a delay of over two months. Affected members are being offered 24 months of identity theft protection via Epiq Privacy Solutions. The breach has also prompted investigations by class-action law firms, highlighting increased legal repercussions and a significantly larger confirmed victim count for a single institution.

November 27, 2025
Updated: November 30, 2025
6 min read
Marquis SoftwareSupply Chain AttackData BreachRansomwareFinancial Services +2 more
Supply Chain Breach at Vendor Marquis Exposes Data From Dozens of US Banks

📢 Share This Publication

Help others stay informed about cybersecurity threats

📅 Daily Edition

Curated and deduplicated every day from dozens of trusted sources — giving you one clean, consolidated view of what matters in cybersecurity.

🔢 Deduplication Applied

Related stories are merged into a single evolving article rather than repeated as separate entries — cutting through noise so you only read what's new.

🔗 Full Articles Linked

Every entry links to its full enriched article — complete with MITRE ATT&CK mappings, extracted IOCs, and actionable detection and mitigation guidance.