EPISODE · Nov 18, 2025 · 11 MIN
RadioCSIRT – Your Cybersecurity update for Tuesday, November 18, 2025 (Ep.22)
from RadioCSIRT - English Edition · host Marc Frédéric GOMEZ
Welcome to your daily cybersecurity podcast.🛰️ Australia’s Cyber Arrow Exercise: a large-scale national drill uniting government, industry and critical-infrastructure operators in the energy, communications and finance sectors, focusing on detection capabilities, digital forensics and major incident response readiness.🛡️ Multiple Vulnerabilities in NetApp Products: several flaws impacting Brocade SANnav and HCI Compute Node Bootstrap OS, enabling remote denial of service, data confidentiality breaches and integrity compromise.⚠️ Critical Mozilla Thunderbird Vulnerabilities: issues affecting versions prior to 140.5 and 145, allowing remote arbitrary code execution, security-policy bypass and other unspecified behaviors.🏢 Mattermost Server Vulnerabilities: several versions in the 10.11.x, 10.12.x and 11.0.x branches exposed to a security issue undisclosed by the vendor.🔍 Coinbase Breach Timeline Disputed: a researcher says he reported an attempted fraud on January 7 using detailed stolen personal data, challenging Coinbase’s official disclosure timeline published in May.🌩️ Record 15.72 Tbps DDoS Attack Mitigated: Microsoft automatically blocked an AISURU-driven massive assault launched from hundreds of thousands of compromised IoT devices and targeting a public IP address in Australia.🧩 Google Patches Actively Exploited Chrome Zero-Day: a V8 type-confusion bug tracked as CVE-2025-13223 and exploited in the wild, fixed alongside another similar engine vulnerability in the latest Chrome update.💥 Critical W3 Total Cache Vulnerability: an unauthenticated command-injection flaw tracked as CVE-2025-9501, allowing remote code execution through malicious WordPress comments on more than one million vulnerable sites.📧 Thunderbird 145 Updates: new Microsoft Exchange support via EWS, improved syncing and performance, DNS-over-HTTPS, enhanced manual configuration and numerous functional and UI fixes.⚡️ Don’t think — patch! 🚀📚 Sources:🔗 Cyber Arrow Exercise – Australian Cyber Security Centrehttps://www.cyber.gov.au/view-all-content/news/exercise-cyber-arrow🔗 NetApp Vulnerabilities – CERTFR-2025-AVI-1015https://www.cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-1015/🔗 Mozilla Thunderbird Vulnerabilities – CERTFR-2025-AVI-1016https://www.cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-1016/🔗 Mattermost Vulnerabilities – CERTFR-2025-AVI-1017https://www.cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-1017/🔗 Coinbase Breach Timeline – The Registerhttps://www.theregister.com/2025/11/17/coinbase_breach_timeline/🔗 AISURU DDoS Attack – The Hacker Newshttps://thehackernews.com/2025/11/microsoft-mitigates-record-572-tbps.html🔗 Chrome V8 Zero-Day – The Hacker Newshttps://thehackernews.com/2025/11/google-issues-security-fix-for-actively.html🔗 W3 Total Cache Command Injection – CyberPresshttps://cyberpress.org/w3-total-cache-command-injection-flaw/🔗 Thunderbird 145 – OMG!Ubuntuhttps://www.omgubuntu.co.uk/2025/11/thunderbird-145-microsoft-exchange-support-ews 📞 Share your feedback:📧 [email protected]🌐 www.radiocsirt.org📰 radiocsirtintl.substack.com#CyberSecurity #CyberThreats #DDoS #ZeroDay #Chrome #WordPress #NetApp #Thunderbird #Mattermost #Coinbase #RadioCSIRT #Raclette 🎙️
NOW PLAYING
RadioCSIRT – Your Cybersecurity update for Tuesday, November 18, 2025 (Ep.22)
No transcript for this episode yet
Similar Episodes
Mar 31, 2026 ·143m
Mar 24, 2026 ·88m
Feb 27, 2025 ·73m