CrowdStrike fires insider sending information to hackers

CrowdStrike said on November 21, 2025 that an insider shared screenshots of internal systems with hackers, after members of threat groups ShinyHunters, Scattered Spider, and Lapsus$ posted them on Telegram.

ShinyHunters claims to have agreed to pay the insider $25,000 for access to CrowdStrike’s network. They further claim that they ultimately received SSO authentication cookies from the insider, but by then CrowdStrike had already detected the suspected insider and shut down his network access.

The company stresses that no systems were breached and no customer data was exposed.

“We identified and terminated a suspicious insider last month following an internal investigation that determined he shared pictures of his computer screen externally,” a CrowdStrike spokesperson told BleepingComputer. “Our systems were never compromised and customers remained protected throughout. We have turned the case over to relevant law enforcement agencies.”


Microsoft mitigated largest DDoS attack at 15.7 Tbps

Microsoft said on November 17, 2025 that its Azure DDoS Protection successfully mitigated the largest cloud DDoS attack ever recorded, at 15.72 Tbps (terabits per second) and 3.64 billion pps (packets per second). The attack involved extremely high-rate UDP floods targeting a single public IP address, launched from over 500,000 source IPs across various regions. The sudden UDP bursts had minimal source spoofing and used random source ports.

The attack originated from the Aisuru botnet. Aisuru is a Turbo Mirai-class IoT botnet that frequently causes record-breaking DDoS attacks by exploiting compromised home routers and cameras/DVRs, mainly in residential ISPs in the United States and other countries.


Canada’s Cyber Centre warns of hacktivists targeting critical infrastructure

The Canadian Centre for Cyber Security warned on October 29, 2025 that hacktivists have repeatedly breached critical infrastructure systems in the country.

“One incident affected a water facility, tampering with water pressure values and resulting in degraded service for its community. Another involved a Canadian oil and gas company, where an Automated Tank Gauge (ATG) was manipulated, triggering false alarms. A third one involved a grain drying silo on a Canadian farm, where temperature and humidity levels were manipulated, resulting in potentially unsafe conditions if not caught on time,” says the alert posted by the Canadian Centre for Cyber Security.

The Cyber Centre advised organizations to maintain an up-to-date inventory of internet-accessible Industrial Control Systems (ICS) devices, replace direct internet exposure of those devices with VPN access protected by two-factor authentication, and apply the Cyber Centre’s Readiness Goals to strengthen their cyber defenses.
