This is today’s cyber news for November eighteenth, twenty twenty five. In this episode, you will hear how a third-party breach at a major political advocacy group, new North Korean supply chain malware, and data theft from a state attorney general’s office are reshaping the privacy and regulatory picture. We also cover active exploitation of a Fortinet web firewall flaw, a record breaking cloud denial of service attack on Microsoft Azure, and fresh pressure on email trust after a DoorDash spoofing weakness. Rounding things out, the brief walks through an alleged ransomware hit on Under Armour, breaches at Princeton and a French fiber provider, a Dutch takedown of bulletproof hosting, and the RondoDox botnet abusing old XWiki bugs.

Leaders, defenders, and builders will get a fast, plain English rundown that connects technical incidents to business risk, resilience planning, and fraud trends. You will hear how attacker tactics around supply chain implants, payroll fraud, and infrastructure abuse are evolving, and what it means for priorities like vendor governance, backup strategy, and secure-by-design coding. The brief focuses on practical signals to watch in your own logs and access patterns so you can adapt controls without drowning in detail. A narrated feed of these daily episodes is also available at DailyCyber.news.