This is today’s cyber news for November 28th, 2025. Today’s brief opens with millions of phones still following abandoned calendar links that attackers can quietly reclaim, turning old sync feeds into tracking and phishing channels. We move through an analytics vendor breach exposing OpenAI developer account details, a ransomware hit on Asahi affecting operations and data on around two million people, and twin campaigns that poison npm packages and GitHub Actions to steal secrets and threaten destructive wipes. A major Korean service provider breach spilling into financial firms rounds out the core supply-chain and data exposure stories.

Listeners will also hear how firmware flaws in Nvidia DGX Spark systems, insecure Asus AiCloud routers, and risky Entra login scripts widen the technical edges of today’s attack surface. The brief covers third-party SaaS access via Gainsight and Salesforce, NetSupport based espionage against Central Asian banks and ministries, and a teen-led hacking crew alongside an open AI toolkit, KawaiiGPT, that lowers the bar for convincing attacks. It is designed for leaders, defenders, and builders who need clear stakes, business impact, and simple signals to watch, with a narrated feed available at DailyCyber.news.

This is today’s cyber news for November 26th, 2025. Today’s rundown connects a cyberattack that silenced emergency alerts, critical flaws in a tiny cloud logging agent, and fresh warnings that secure messaging apps can still be turned into surveillance tools when phones are compromised. We also cover long-running credential leaks from online code helpers, major data exposures at an airline and a real estate finance firm, and disruptive hits to business platforms and cloud email. Rounding it out are big-picture shifts: nation-state crews pooling playbooks, seasonal phishing spikes, and new research that questions how much protection hardware security features really provide.

Listeners will hear short, clear segments on each of the twenty stories covered in the BareMetalCyber Daily Brief, focused on what happened, why it matters, and who is most exposed. The episode highlights practical angles for leaders, defenders, and builders: vendor outages that ripple into public safety, email and identity attacks that bypass passwords, creative and personal devices becoming back doors, and automation tools that lower the bar for entry-level cybercrime. It is a fast-moving audio companion to the written brief, with every headline also available in the DailyCyber.news archive.

This is today’s cyber news for November 25th, 2025. The brief follows a sweeping set of stories: a self-spreading JavaScript supply-chain attack leaking developer secrets, AI clusters hijacked through exposed orchestration tools, and quiet flaws in cloud logging and Windows update infrastructure that can turn basic plumbing into a takeover path. We also cover high-impact breaches at financial and customer-success vendors, along with data exposures at Harvard and a major dental insurer that put donor and patient details in play. Together, the episode focuses on how trusted tools, partners, and workflows are being bent to serve attackers while still looking ordinary on the surface.

Listeners will hear plain-English walk-throughs of every story from the newsletter, including consumer and creative-device threats, messaging-based banking scams, and research on attackers leaning on artificial intelligence to generate fast-mutating malware. The episode highlights what these developments mean for leaders who own risk, defenders who run infrastructure and incident response, and builders who maintain software and data pipelines. Whether you care most about supply-chain integrity, third-party risk, or policy shifts in telecom regulation, the goal is to help you update mental models without drowning in jargon. The daily feed is also available at DailyCyber.news.