This is today’s cyber news for November 10th, 2025. Today’s brief centers on patient espionage in the nonprofit policy world, a convincing Booking.com guest scam that installs remote access tools, and a new Google Maps path to fight coordinated review extortion. We also cover a WhatsApp image flaw used to drop LANDFALL spyware on certain Samsung phones and container-escape weaknesses in runC that threaten Kubernetes hosts. Rounding out the update: Cisco edge firewalls forced into reboot loops, seven QNAP zero-days patched, NuGet “time bombs” aimed at databases and P L Cs, a side-channel exposing A I chat topics, and a critical Cisco U C C X fix.

Leaders will hear clear business impact and response priorities across reputation, mobile, and platform risks. Defenders get concrete detection signals for identity abuse in the cloud, supply-chain hygiene for developer tools, hardened partner access in hospitality, and runtime safeguards for clusters and contact centers. Builders and platform owners will appreciate practical guidance on dependency allowlists, token rotation, and safer extension policies. The daily narrated feed is available at DailyCyber.news.