Cyber Briefing: 2025.11.27
New router flaws, malware via 3D files, email data theft tools, breaches at SitusAMC & Mixpanel, Russian cyberattacks, UK council outages, and new AI-driven security advances.
👉 What’s going on in the cyber world today?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
First time seeing this? Please Subscribe
🚨 Cyber Alerts
1. ASUS Flags Critical AiCloud Router Flaw
ASUS has issued new firmware to address nine security flaws in its routers, most notably a critical authentication bypass vulnerability (CVE-2025-59366) affecting devices with the AiCloud remote access feature enabled. The company strongly urges all users to update their firmware immediately to mitigate the risk of remote, unauthenticated attacks.
2. Hackers Use Blender Assets To Spread Stealc
Cybersecurity researchers have uncovered a new campaign that uses malicious Blender Foundation files (.blend) to distribute the StealC V2 information-stealing malware. This operation has been active for at least six months, involving threat actors embedding Python scripts within 3D model files shared on platforms like CGTrader, which then execute upon opening in the Blender software to infect the user.
3. ToddyCat Tools Steal Outlook And M365 Data
The ToddyCat threat actor has intensified its efforts to steal corporate email data by deploying a new custom tool called TCSectorCopy and upgrading existing malware, particularly targeting email data and authentication tokens. This highly active group continues to develop sophisticated methods to bypass security measures and exfiltrate sensitive information from compromised networks.
For more alerts, click here!
💥 Cyber Incidents
4. SitusAMC Confirms Customer Data Breach
Real-estate financing services provider SitusAMC, which manages back-office operations for banks and lenders, recently disclosed a data breach that compromised customer information. The company is currently investigating the incident with external experts, confirming that the breach has been contained and was not a ransomware attack.
5. Russian Hackers Target US Engineering Firm
Russian intelligence-linked hackers attacked an American engineering company in an escalating cyber campaign, apparently targeting the firm due to its tenuous connection—specifically, working for a U.S. municipality with a sister city in Ukraine. This attack reflects Russia’s expanding cyber warfare tactics and its willingness to target an increasing number of governments, organizations, and private companies perceived as offering any support to Ukraine.
6. Multiple London Councils Hit By Cyber Attacks
Several London councils, including the Royal Borough of Kensington & Chelsea (RBKC), Westminster City Council, and Hammersmith & Fulham Council, have been hit by recent cyber-attacks, leading to disruptions in shared IT systems, phone lines, and other critical services. Authorities are currently working with the National Cyber Security Centre and the Met Police Cyber Crime Unit to restore systems, secure resident data, and investigate the coordinated incidents.
For more incidents, click here!
📢 Cyber News
7. OpenAI User Data Exposed In Mixpanel Hack
OpenAI is notifying some users of a recent data breach at its web analytics provider, Mixpanel, which occurred via a “smishing campaign” and was detected on November 8. While OpenAI’s core infrastructure, sensitive credentials, and ChatGPT content were not affected, the breach did expose limited customer identifiable information and analytics data from users of the platform.openai.com API service.
8. Amazon Uses AI Agents For Bug Hunting
The rapid advancement of generative AI is increasing both the volume of code for security teams to review and the sophistication of digital attackers. In response, Amazon is unveiling its new system, Autonomous Threat Analysis (ATA), which uses competing, specialized AI agents to proactively identify system weaknesses, perform variant analysis, and develop verified security remediations before human attackers can exploit the flaws.
9. AI Security Firm Vijil Raises 17 Million
Cybersecurity startup Vijil recently secured $17 million in Series A funding, raising its total capital to $23 million in a round led by BrightMind Partners, alongside Mayfield and Gradient. Founded by former AWS senior leaders in 2023, the California-based company will use the new capital to accelerate the deployment of its comprehensive platform, which is designed to help enterprises build, test, secure, and continuously improve reliable and safe AI agents.
For more news, click here!
💡 Cyber Tip
📧 ToddyCat Tools Steal Outlook and Microsoft 365 Data
The ToddyCat threat group is expanding its operations by deploying a new tool called TCSectorCopy and upgrading older malware to steal corporate email data and authentication tokens. The group is actively targeting Outlook OST files, browser credentials, and Microsoft 365 access tokens, using a mix of custom-built utilities and adapted open-source tools.
What You Should Do
Monitor for unusual PowerShell activity, scheduled tasks, and unexpected use of archive or browser credential tools.
Check endpoints for unauthorized use of TCSectorCopy, ProcDump, or SharpTokenFinder.
Enforce strong endpoint protection and block execution of unapproved administrative tools.
Regularly review authentication logs for suspicious Microsoft 365 token usage.
Enable conditional access policies and enforce MFA across cloud services.
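The checklist above can be turned into a first-pass detection over process-creation telemetry. The following is an added example, not code from the newsletter or from any vendor: it scans constructed Sysmon-style event lines (the sample events and the regexes are assumptions to be tuned against real logs) for the indicators named in the checklist: the TCSectorCopy and SharpTokenFinder tool names, ProcDump aimed at LSASS, scheduled-task creation, hidden or encoded PowerShell, and archiving of Outlook OST files.

```python
import re

# Constructed sample process-creation events (Sysmon Event ID 1 style,
# flattened to one "Key=Value" line each). Illustrative only, not real telemetry.
SAMPLE_EVENTS = [
    "Image=C:\\Windows\\System32\\cmd.exe CommandLine=cmd /c dir",
    "Image=C:\\Tools\\procdump64.exe CommandLine=procdump64.exe -ma lsass.exe lsass.dmp",
    "Image=C:\\Windows\\System32\\schtasks.exe CommandLine=schtasks /create /tn sync /tr C:\\Users\\Public\\tcsectorcopy.exe /sc minute",
    "Image=C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe CommandLine=powershell -nop -w hidden -enc SQBFAFgA",
    "Image=C:\\Program Files\\7-Zip\\7z.exe CommandLine=7z a C:\\Users\\Public\\mail.7z C:\\Users\\alice\\AppData\\Local\\Microsoft\\Outlook\\alice.ost",
    "Image=C:\\Users\\Public\\SharpTokenFinder.exe CommandLine=SharpTokenFinder.exe",
    "Image=C:\\Program Files\\Microsoft Office\\root\\Office16\\OUTLOOK.EXE CommandLine=OUTLOOK.EXE",
]

# Detection rules: name -> case-insensitive regex applied to the whole event line.
# These mirror the checklist items; thresholds and tool names are assumptions.
RULES = {
    "known_toddycat_tool": re.compile(r"(tcsectorcopy|sharptokenfinder)", re.I),
    "procdump_lsass": re.compile(r"procdump\S*\.exe.*lsass", re.I),
    "scheduled_task_create": re.compile(r"schtasks(\.exe)?\s+/create", re.I),
    "powershell_hidden_encoded": re.compile(
        r"powershell.*(-w(indowstyle)?\s+hidden|-e(nc|ncodedcommand)?\s)", re.I),
    "archive_of_ost": re.compile(r"(7z|rar|winrar)\S*\s.*\.ost", re.I),
}


def parse_event(line):
    """Split a flattened 'Key=Value Key=Value' event line into a dict."""
    return {m.group(1): m.group(2)
            for m in re.finditer(r"(\w+)=(.*?)(?=\s\w+=|$)", line)}


def match_rules(line):
    """Return the names of all rules that fire on one event line."""
    return [name for name, rx in RULES.items() if rx.search(line)]


def scan(events):
    """Return one hit per event that triggers at least one rule."""
    hits = []
    for line in events:
        names = match_rules(line)
        if names:
            hits.append({"image": parse_event(line).get("Image", ""), "rules": names})
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_EVENTS):
        print(hit["image"], "->", ", ".join(hit["rules"]))
```

Feed it real Sysmon or EDR process-creation exports one line per event; events matching more than one rule (such as a scheduled task that launches a known tool) deserve the earliest triage.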
Why This Matters
ToddyCat is using highly specialized methods to steal sensitive data from both on-premise Outlook installations and Microsoft 365 accounts. Their ability to extract OST files while Outlook is running, decrypt browser data, and capture live tokens gives them deep and persistent access to corporate communications. Strengthened monitoring and strict access controls are vital for early detection.
📚 Cyber Book
Secrets of Black Friday: How Shoppers Save Big, Sellers Earn More, and Everyone Stays Safe from Scams by Ruben Elliott
That concludes today’s briefing. You can check the top headlines here!
Copyright © 2025 CyberMaterial. All Rights Reserved.
Follow CyberMaterial on:
Substack, LinkedIn, Twitter, Reddit, Instagram, Facebook, YouTube, and Medium.
The Blender asset part about Stealc really caught my eye. How exactly do those embedded Python scripts execute so stealthily within Blender?
The ToddyCat email stealing technique is pretty alarming. The fact that they can extract OST files while Outlook is still running shows how advanced these tools have become. Definitely makes me think twice about relying solely on endpoint protection.