Cyber Briefing: 2025.11.13
Chrome/Firefox patch flaws, WatchGuard bug exploited, new Android RAT sold, Iran leaks defense plans, Hyundai/Doctor Alliance breached, Google sues scammers, police disrupt malware networks.
👉 What’s trending in cybersecurity today?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. Firefox Chrome Fix High Severity Bugs
Google and Mozilla have released urgent updates for their Chrome and Firefox browsers, respectively, to patch multiple critical security vulnerabilities, though neither company reports active exploitation of these flaws in the wild.
2. CISA Warns Of WatchGuard Fireware Flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical, actively exploited out-of-bounds write vulnerability (CVE-2025-9242) in WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog. The flaw affects numerous Firebox models, and despite available patches, over 54,300 instances worldwide remain vulnerable, prompting a federal mandate for urgent remediation.
3. Fantasy Hub Trojan Abuses Telegram
A new Android Remote Access Trojan (RAT) named Fantasy Hub is being sold on Russian Telegram channels via a Malware-as-a-Service (MaaS) model, offering novice cybercriminals a low-barrier-to-entry tool for extensive device control, espionage, and financial fraud by enabling the collection of sensitive data, interception of notifications, and abuse of SMS handler roles.
💥 Cyber Incidents
4. Iran Backed Hackers Leak Australia Plans
Iran-backed hackers stole and posted online sensitive technical plans for Australia’s new $7 billion Redback infantry fighting vehicles, targeting Israeli defense firms, including Elbit Systems, that are part of the vehicle’s supply chain. The cyberattack by the group Cyber Toufan, which involved confidential 3D renderings and specifications, highlights the increasing threat of state-sponsored hacking groups compromising sensitive military data, with Australian defense projects remaining a prime target.
5. Hackers Demand 200K From Doctor Alliance
A cybersecurity firm discovered a data cache on the dark web, allegedly stolen from the health IT platform Doctor Alliance, containing 1.24 million sensitive patient care files. The perpetrator, using the alias “GOD,” is demanding a $200,000 ransom before November 21, 2025, threatening to leak or sell the data, which includes detailed medical and personal records.
6. Hyundai Breach Risks Drivers Data
Hyundai is alerting a large number of customers about a significant data breach that occurred at one of its IT subsidiaries earlier this year. The breach at Hyundai AutoEver reportedly compromised sensitive personal data, including names and driver’s license numbers, over a period of more than a week before being contained.
📢 Cyber News
7. Google Sues Cybercriminals Behind Lighthouse
Google has filed a major lawsuit against a China-based cybercrime organization called Smishing Triad, which has operated since 2023 and deployed a “phishing-as-a-service” kit known as Lighthouse. The group’s extensive SMS phishing (smishing) campaigns, often impersonating delivery services and banks, have reportedly targeted over one million users across 120 countries, resulting in the theft of an estimated 12 to 115 million credit cards in the U.S. alone.
8. Google Sues Text Message Scammers
Google is suing a China-based criminal network called “Lighthouse” for running a vast “Phishing-as-a-Service” operation that sells software kits used to create fake websites for widespread SMS and online scams, aiming to deter the global infrastructure of this illegal activity and protect user trust.
9. Police Take Down Major Malware Operations
Operation Endgame, a major international cybercrime action involving law enforcement from nine countries and supported by numerous private partners, successfully disrupted the infrastructure of the Rhadamanthys infostealer, VenomRAT, and Elysium botnet, taking down over 1,000 servers and seizing 20 domains. This phase also resulted in searches at 11 locations and the arrest of a key suspect in Greece linked to the VenomRAT remote access trojan.
📈Cyber Stocks
On Thursday, 13th November, cybersecurity stocks moved sharply lower as the sector was pulled into a broader tech-market sell-off. Investor sentiment weakened amid valuation concerns, cyclical profit-taking, and macroeconomic uncertainty, overshadowing the sector’s long-term momentum in AI-driven and zero-trust security. Despite the downturn, analysts noted that enterprise cyber spending and geopolitical threat levels remain elevated, suggesting the pullback reflects short-term volatility rather than weakening fundamentals.
CrowdStrike closed at $545.86, down 1.96%, as investors reassessed high valuations even while demand for AI-enhanced endpoint protection remains strong.
Zscaler ended at $317.08, down 4.23%, pressured by rotation out of high-growth cloud security names during a broad tech sell-off.
Palo Alto Networks finished at $210.04, down 3.74%, with concerns over near-term margins and acquisition integration outweighing its strong consolidated platform outlook.
Okta settled at $84.69, down 1.04%, reflecting continued competitive pressures in identity access management and investor caution on execution.
Fortinet closed at $82.14, down 1.79%, as firewall-cycle maturity concerns limited resilience despite persistent geopolitical cyber-risk.
💡 Cyber Tip
🔥 Firefox 145 and Chrome 142 Fix High Severity Security Flaws
Google and Mozilla have released urgent security updates for Chrome 142 and Firefox 145 to fix multiple high severity vulnerabilities. There is currently no evidence of active exploitation, but experts warn that these flaws could allow remote attacks if left unpatched.
What You Should Do
Update Google Chrome to version 142.0.7444.162 (Linux and macOS) or 142.0.7444.162/.163 (Windows).
Update Mozilla Firefox to version 145 and apply updates for Firefox ESR 140.5 or ESR 115.30 if you use extended support versions.
Enable automatic browser updates to receive future patches promptly.
Restart your browser after updating to ensure patches are active.
Why This Matters
Chrome 142 fixes a high severity flaw in the V8 JavaScript engine (CVE-2025-13042) which could lead to denial of service or code execution. Firefox 145 fixes 16 vulnerabilities, including nine rated high severity, such as WebGPU boundary issues, a WebAssembly flaw, and a JavaScript Engine miscompilation bug. Prompt patching reduces the risk of remote attacks and strengthens your browser security.
📚 Cyber Book
Digital Fortress by Massimiliano Curcio
That concludes today’s briefing.
Copyright © 2025 CyberMaterial. All Rights Reserved.