CyberNews: 17/11/2025 Edition

Today’s roundup

Summary

Microsoft released its November 2025 Patch Tuesday updates, addressing over 60 vulnerabilities across its products, including an actively exploited zero-day memory corruption bug, CVE-2025-62215. The updates also include a critical GDI+ component flaw (CVE-2025-60274) and an Office vulnerability (CVE-2025-62199) enabling remote code execution. Additionally, Microsoft issued an out-of-band update (KB5071959) to resolve issues with Windows 10 Extended Security Update (ESU) program enrollment.


Threat actor Dragon Breath has been observed deploying a modified Gh0st RAT using a multi-stage loader named RONINGLOADER. This campaign primarily targets Chinese-speaking users, employing trojanized NSIS installers disguised as legitimate applications like Google Chrome and Microsoft Teams to disable security tools and deliver the remote access trojan.


Luxury car manufacturer JLR reported a significant financial impact from a major ransomware attack, contributing to a $258 million one-off hit in its Q2 earnings. The incident led to overall Q2 losses of $639 million, underscoring the substantial financial repercussions of major cyberattacks on corporations.


Google announced that the continued integration of the Rust programming language in Android development has reduced memory safety vulnerabilities to below 20% of total vulnerabilities for the first time. This achievement reflects a 1000x reduction in memory safety vulnerability density compared to Android's C and C++ codebase, significantly enhancing the operating system's security posture.

Want to dig deeper?

Vulnerabilities