This is today’s cyber news for November 7th, 2025. We lead with a confirmed incident at the Congressional Budget Office, where compromised mailboxes and files could expose draft budget work and internal policy discussions. Nevada’s rare after-action report then maps a ransomware crew’s path from a trojanized admin tool to encrypting roughly sixty agencies, surfacing practical fixes. Cisco warns unpatched Secure Firewall devices can reload under attack, and separately ships a critical contact-center fix that closes a root-level takeover. SonicWall says a state actor accessed a cloud-backup environment, raising follow-on intrusion risk from exposed rules and credentials. Taken together, these stories underscore how edge resilience and disciplined vendor hygiene can prevent outages and ugly surprises.

Listeners will also hear a concise rundown of Clop’s claim against the Washington Post, Sandworm’s destructive wipers hitting parts of Ukraine’s grain sector, and new findings that ChatGPT and similar platforms can leak data or keep sessions alive longer than intended. We close with Google’s warning about self-modifying malware and a malicious Visual Studio Code extension that briefly delivered ransomware. Leaders get plain business impact and priority calls; defenders get clear signals to watch and immediate steps. The daily feed and narrated archive are available at DailyCyber.news.