SitusAMC Breach & Emergency Alert System – Weekly News Roundup

Here is the most recent cybersecurity news from the past week:

🚨 Nationwide Emergency Alert System Crippled by INC Ransomware Attack

A sophisticated ransomware attack by the INC Ransom group has crippled the OnSolve CodeRED emergency notification platform, which services hundreds of US municipalities. The incident, which began in early November, has forced the permanent decommissioning of the legacy CodeRED system and potentially exposed the personal data (names, addresses, phone numbers) of millions of residents who signed up for the alerts.

25th November 2025 Cyber Update: Nationwide Emergency Alert System Crippled by Ransomware

🏦 Major US Banks Affected by Data Breach at Real Estate Finance Vendor SitusAMC

A significant cyberattack on SitusAMC, a major real estate finance and technology vendor, has led to the compromise of corporate and customer data. The breach impacts major US banks that use the vendor’s services, including JPMorgan Chase, Citi, and Morgan Stanley, and affects the sensitive data of residential mortgage holders. The FBI is currently investigating the incident.

Major US Banks Impacted by SitusAMC Hack

⚠️ Critical Vulnerabilities Found in Open-Source Telemetry Agent Fluent Bit

Security researchers discovered five vulnerabilities in Fluent Bit, a widely used open-source telemetry agent for collecting logs and metrics in cloud environments. The flaws, which can be chained together, include a critical path traversal vulnerability that can enable attackers to tamper with logs and achieve remote code execution (RCE), allowing them to compromise and take over cloud infrastructure.

Fluent Bit Vulnerabilities Expose Cloud Services to Takeover

💸 Russian Ransomware Suspect Arrested in Thailand After Years on the Run

Ianis Aleksandrovich Antropenko, a prolific Russian ransomware operator allegedly responsible for attacks between 2018 and 2022, was arrested this week on a Thai resort island. Antropenko was wanted by the FBI and is known for being part of a group that targeted critical infrastructure and large enterprises globally.

Prolific Russian ransomware operator living in California enjoys rare leniency awaiting trial

📦 New ‘Shai-Hulud’ Supply Chain Attack Infects 640 NPM Packages

A new wave of the ‘Shai-Hulud’ supply chain attack has been detected, with over 640 packages on the popular NPM (Node Package Manager) repository infected. The malicious code in the packages steals developer credentials and other secrets and publishes the stolen information to public GitHub repositories.

640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack
