Friday Wrap Up: 21 November 2025
Another week, another reminder that cybersecurity never sleeps—and neither do the threat actors! 😅
From record-breaking DDoS attacks and zero-day exploits to nation-state espionage campaigns and AI-powered fraud, this week’s #FWU covers the full spectrum of cyber chaos. We’re talking about breaches at major platforms, government policy debates, and even Cloudflare accidentally breaking the internet with a file that got too big (relatable, honestly).
Whether you’re worried about your smart toaster joining a botnet or just want to stay informed on the latest threats, check out this week’s curated cybersecurity intel.
Major Cyberattacks & Incidents
This week saw multiple data breaches hitting major tech platforms affecting millions of users.
📦 DoorDash confirmed a data breach compromising customer phone numbers and physical addresses, though the company states no sensitive payment information was accessed. (Published on 17-Nov-2025, TechCrunch).
🖱️ Logitech disclosed a data breach after being listed on the Cl0p ransomware leak site, following the broader Oracle hack campaign affecting multiple vendors. (Published on 17-Nov-2025, SecurityWeek).
Malware & Vulnerabilities
Critical zero-days and sophisticated malware campaigns dominated the threat landscape this week.
🎣 EVALUSION ClickFix campaign leverages social engineering to deploy Amatera Stealer and NetSupport RAT, representing an evolution of the ACR Stealer family. (Published on 17-Nov-2025, The Hacker News).
💻 Cursor AI coding tool vulnerability allows malicious MCP servers to hijack the internal browser, enabling credential-stealing attacks against developers. (Published on 17-Nov-2025, Dark Reading).
🛡️ Fortinet released emergency patches for a FortiWeb zero-day vulnerability actively exploited by threat actors in the wild. (Published on 18-Nov-2025, BleepingComputer).
🌐 Google patched CVE-2025-13223, a type confusion vulnerability in Chrome’s V8 JavaScript engine being actively exploited for arbitrary code execution. (Published on 17-Nov-2025, The Hacker News).
📱 Sturnus banking trojan targets European users through WhatsApp, Telegram, and Signal messages as attackers expand mobile malware capabilities. (Published on 20-Nov-2025, SecurityWeek).
🔌 D-Link warned of three remotely exploitable command execution vulnerabilities in all DIR-878 router models, even though the product has reached end-of-service status. (Published on 20-Nov-2025, BleepingComputer).
⚠️ Oracle Identity Manager critical flaw CVE-2025-61757 possibly exploited as zero-day, enabling unauthenticated remote code execution attacks. (Published on 21-Nov-2025, SecurityWeek).
DDoS, Outages & Infrastructure
Record-breaking attacks and infrastructure failures tested resilience this week.
⚡ Microsoft Azure blocked a record 15.72 Tbps DDoS attack from the Aisuru botnet leveraging over 500,000 IP addresses worldwide. (Published on 17-Nov-2025, BleepingComputer).
☁️ Widespread Cloudflare outage disrupted major websites globally, triggered by a corrupted bot management file that suddenly doubled in size. (Published on 18-Nov-2025, Ars Technica).
Espionage & Data Extraction
Nation-state actors ramped up sophisticated campaigns targeting critical sectors.
🇮🇷 Iranian UNC1549 threat group deployed DEEPROOT and TWOSTROKE backdoors in sustained espionage attacks against aerospace, aviation, and defense industries across the Middle East. (Published on 18-Nov-2025, The Hacker News).
🇨🇳 APT24 deployed previously undocumented BADAUDIO malware in a nearly three-year espionage campaign compromising Taiwan and over 1,000 domains. (Published on 21-Nov-2025, The Hacker News).
AI & Policy
Artificial intelligence and regulatory developments shaped security conversations this week.
🇬🇧 UK’s proposed cyber ransom payment ban faces criticism for potentially risking collapse of essential services unable to recover from attacks. (Published on 17-Nov-2025, Slashdot).
🤖 AI arms race accelerates as nation-state threats from China, Russia, Iran, and North Korea evolve with quantum risks and telecommunications vulnerabilities. (Published on 19-Nov-2025, The CyberWire).
🎭 GenAI and deepfakes drive surge in digital forgeries and biometric fraud, helping attackers bypass identity verification and open fraudulent accounts. (Published on 18-Nov-2025, Infosecurity).
📊 Gartner predicts 40% of organizations will suffer security incidents from shadow AI deployments by 2030 as ungoverned AI use expands. (Published on 20-Nov-2025, Infosecurity).
🚫 Five Eyes coalition sanctioned Russia-based bulletproof hosting providers Media Land and Aeza Group, disrupting cybercriminal infrastructure networks. (Published on 19-Nov-2025, CyberScoop).
Cybersecurity Tools & Techniques
New defensive capabilities aim to counter evolving threats.
🛡️ Avast launched free AI-powered Scam Guardian worldwide, analyzing websites, messages, and links to detect emerging threats with 24/7 assistance. (Published on 21-Nov-2025, BleepingComputer).
Vulnerability Research & Industry Analysis
Security gaps in legacy systems continue exposing critical infrastructure.
📝 Outdated government web forms place millions at risk as sensitive citizen data is collected through insecure, non-compliant legacy systems. (Published on 21-Nov-2025, CyberScoop).
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!



