RadioCSIRT – Your Cybersecurity Update for Saturday, 29 November 2025 (Ep.35) episode artwork

EPISODE · Nov 29, 2025 · 8 MIN

RadioCSIRT – Your Cybersecurity Update for Saturday, 29 November 2025 (Ep.35)

from RadioCSIRT - English Edition · host Marc Frédéric GOMEZ

Welcome to your daily cybersecurity briefing.CVSS v4.0 – Understanding the New Vulnerability Scoring ModelA new analysis from Malwarebytes provides a clear breakdown of CVSS v4.0, detailing how the updated framework shifts focus toward exploitability, environmental modifiers, and attacker utility. The article highlights changes in severity interpretation, granularity in attack requirements, and the impact of supplemental metrics—key for vulnerability prioritization across CERT, SOC, and risk teams.Tomiris Deploys New Malware ToolsKaspersky researchers have identified new components in the Tomiris malware ecosystem, including updated loaders and covert communications modules. These additions reinforce Tomiris’ operational overlap with Turla-linked activity while demonstrating improvements in stealth, modularity, and long-term persistence tactics used across Central Asian and Middle Eastern networks.CISA Adds New KEV EntryCISA has added one vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog. The advisory stresses active exploitation in the wild and mandates federal agencies to apply mitigation measures before the deadline. The alert underscores CISA’s continued emphasis on exploitation-based risk scoring and operational directives for rapid patching.Legacy Python Bootstrap Scripts Create Supply Chain ExposureA report from The Hacker News warns that outdated Python bootstrap scripts used in legacy automation pipelines can introduce severe supply chain weaknesses. The issue stems from insecure dependency retrieval mechanisms, outdated hashing practices, and implicit trust in remote package sources—raising the risk of tampering and malicious code injection in CI/CD environments.Don’t Think – Patch Now.Sources:Malwarebytes – CVSS v4.0 -  https://www.malwarebytes.com/blog/news/2025/11/how-cvss-v4-0-works-characterizing-and-scoring-vulnerabilitiesSecurelist – Tomiris - https://securelist.com/tomiris-new-tools/118143/CISA – KEV Catalog Update - https://www.cisa.gov/news-events/alerts/2025/11/28/cisa-adds-one-known-exploited-vulnerability-catalogThe Hacker News – Python Bootstrap Risk - https://thehackernews.com/2025/11/legacy-python-bootstrap-scripts-create.htmlYour feedback is welcome.Email: [email protected]: https://www.radiocsirt.comWeekly Newsletter: https://radiocsirtintl.substack.com

NOW PLAYING

RadioCSIRT – Your Cybersecurity Update for Saturday, 29 November 2025 (Ep.35)

0:00 8:04

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Al-Quran In English Dr. Soha The complete Quran translation in English, Narrated by Dr. Soha. Hosted on Acast. See acast.com/privacy for more information. The Hobbit by J. R. R. Tolkien Audiobook Raghvendra Singh The journey through Middle-earth begins here with J.R.R. Tolkien's classic prelude to his Lord of the Rings trilogy.“A glorious account of a magnificent adventure, filled with suspense and seasoned with a quiet humor that is irresistible... All those, young or old, who love a fine adventurous tale, beautifully told, will take The Hobbit to their hearts.”—The New York Times Book Review"In a hole in the ground there lived a hobbit." So begins one of the most beloved and delightful tales in the English language—Tolkien's prelude to The Lord of the Rings. Set in the imaginary world of Middle-earth, at once a classic myth and a modern fairy tale, The Hobbit is one of literature's most enduring and well-loved novels.Bilbo Baggins is a hobbit who enjoys a comfortable, unambitious life, rarely traveling any farther than his pantry or cellar. But his contentment is disturbed when the wizard Gandalf and a company of dwarves arrive on his doorstep one day to whisk him away CLO Level 3 Lessons Chinese Learn Online (CLO) Learn Mandarin Chinese with our unique structured immersion course. Each lesson continues where the previous one left off. Level 1 lessons are conducted mainly in English. Later levels in the course will be conducted in Chinese that was taught in earlier levels. Learn English with the British Council and Premier League Jack Radford

Frequently Asked Questions

How long is this episode of RadioCSIRT - English Edition?

This episode is 8 minutes long.

When was this RadioCSIRT - English Edition episode published?

This episode was published on November 29, 2025.

What is this episode about?

Welcome to your daily cybersecurity briefing.CVSS v4.0 – Understanding the New Vulnerability Scoring ModelA new analysis from Malwarebytes provides a clear breakdown of CVSS v4.0, detailing how the updated framework shifts focus toward...

Can I download this RadioCSIRT - English Edition episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!