RadioCSIRT – Your Cybersecurity Update for Wednesday, 26 November 2025 (Ep.32) episode artwork

EPISODE · Nov 26, 2025 · 16 MIN

RadioCSIRT – Your Cybersecurity Update for Wednesday, 26 November 2025 (Ep.32)

from RadioCSIRT - English Edition · host Marc Frédéric GOMEZ

Welcome to your daily cybersecurity briefing.💻 JackFix: Fake Windows Update Malware – A new campaign is distributing the JackFix malware through fake Windows Update pop-ups, enabling payload execution and stealthy installation of persistent backdoors.🇫🇷 CERT-FR: PrimX Targeted – CERT-FR has issued an advisory detailing a compromise affecting PrimX, involving a vulnerability that allows security bypass and unauthorized access to protected data.🐦 X / Twitter: Massive Internal Exposure – A misconfiguration at X exposed a wide range of internal metadata, service identifiers, and backend endpoints, revealing the scale of the platform’s internal systems.🇷🇺 Russia & North Korea: Coordinated Operations – New reporting highlights increased collaboration between Russian and North Korean APT groups conducting joint cyber-espionage operations.🍎 macOS: Flexible Ferret Malware – Fake LinkedIn job offers are being used to deliver Flexible Ferret, a macOS malware capable of stealing tokens, browser data and sensitive user information.🛡️ Cobalt Strike 4.12 Released – The latest Cobalt Strike update includes hardened Beacon behavior, improved evasion techniques, and expanded support for offensive infrastructure setups.🇷🇺 Russia: Tech Entrepreneur Arrested – Authorities have arrested a Russian tech entrepreneur on charges of treason, alleging that he transferred sensitive information to a foreign state.📶 ASUS AiCloud: Critical Auth Bypass – ASUS warns of a critical authentication bypass affecting multiple AiCloud router models, allowing attackers to fully compromise affected devices.🤖 NVIDIA DGX Spark: CVE-2025-33187 – A critical flaw (CVSS 9.3) in NVIDIA DGX Spark exposes AI model secrets and enables full system takeover due to a memory isolation failure.📡 Huawei & State Surveillance – New analysis details how Huawei’s ecosystem supports large-scale surveillance capabilities through partnerships and integration in critical infrastructures.🚨 OnSolve CodeRED: Emergency Alerts Down – A cyberattack on OnSolve has disrupted CodeRED emergency alert systems, preventing the broadcast of critical public safety notifications.⚡ Don’t Think – Patch Now and ask later.📚 Sources:🔗 JackFix – The Hacker Newshttps://thehackernews.com/2025/11/jackfix-uses-fake-windows-update-pop.html🔗 CERT-FR – PrimXhttps://www.cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-1038/🔗 X Exposure – Weaponized Spaceshttps://weaponizedspaces.substack.com/p/x-just-accidentally-exposed-a-vast🔗 Russia / North Korea Operations – CyberPresshttps://cyberpress.org/russia-north-korea-hackers/🔗 Flexible Ferret – Malwarebyteshttps://www.malwarebytes.com/blog/news/2025/11/fake-linkedin-jobs-trick-mac-users-into-downloading-flexible-ferret-malware🔗 Cobalt Strike 4.12 – CyberPresshttps://cyberpress.org/cobalt-strike-4-12-released/🔗 Russia Arrest – The Recordhttps://therecord.media/russia-arrests-tech-entrepreneur-treason🔗 ASUS AiCloud – BleepingComputerhttps://www.bleepingcomputer.com/news/security/asus-warns-of-new-critical-auth-bypass-flaw-in-aicloud-routers/🔗 NVIDIA DGX Spark – SecurityOnlinehttps://securityonline.info/critical-patch-nvidia-dgx-spark-flaw-cve-2025-33187-cvss-9-3-exposes-ai-secrets-to-takeover/🔗 Huawei Surveillance – Schneierhttps://www.schneier.com/blog/archives/2025/11/huawei-and-chinese-surveillance.html🔗 OnSolve CodeRED – Security Affairshttps://securityaffairs.com/185075/cyber-crime/emergency-alerts-go-dark-after-cyberattack-on-onsolve-codered.html📞 Your feedback is welcome!📧 Email: [email protected]🌐 Website: https://www.radiocsirt.com📰 Weekly Newsletter: https://radiocsirtintl.substack.com

NOW PLAYING

RadioCSIRT – Your Cybersecurity Update for Wednesday, 26 November 2025 (Ep.32)

0:00 16:06

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of RadioCSIRT - English Edition?

This episode is 16 minutes long.

When was this RadioCSIRT - English Edition episode published?

This episode was published on November 26, 2025.

What is this episode about?

Welcome to your daily cybersecurity briefing.💻 JackFix: Fake Windows Update Malware – A new campaign is distributing the JackFix malware through fake Windows Update pop-ups, enabling payload execution and stealthy installation of persistent...

Can I download this RadioCSIRT - English Edition episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!