RadioCSIRT - Your Cybersecurity Update for Friday, November 14, 2025 (Ep. 18)
Welcome to your daily cybersecurity podcast.
🤖 Anthropic faces controversy over claims that Claude enabled fully automated cyberattacks end-to-end. Several experts question the technical validity and highlight the lack of concrete evidence.
🛡️ Fortinet confirms it silently patched a critical FortiWeb zero-day already exploited in active attacks. The discreet fix was intended to avoid tipping off threat actors monitoring patch cycles.
📞 Cisco Unified CCX: multiple critical vulnerabilities expose call-center infrastructures to compromise, enabling remote code execution and unauthorized access to sensitive systems.
🐉 Google initiates legal action to disrupt a major Chinese SMS phishing triad operating at international scale with a structured criminal infrastructure.
📡 ASUS – CVE-2025-59367: a critical flaw allows attackers to remotely access ASUS DSL routers without authentication, providing full device takeover.
🇰🇵 North Korean APT actors increasingly abuse JSON services to evade traditional detection and enhance the stealth of their command-and-control operations.
🔍 CERT-FR – Operation EndGame: CERT-FR releases a comprehensive CTI analysis detailing an advanced campaign leveraging modular techniques and distributed infrastructures targeting strategic organizations.
⚡️ Don’t think — patch! 🚀
📚 Sources:
🔗 Anthropic: https://www.bleepingcomputer.com/news/security/anthropic-claims-of-claude-ai-automated-cyberattacks-met-with-doubt/
🔗 Fortinet (FortiWeb Zero-Day): https://www.bleepingcomputer.com/news/security/fortinet-confirms-silent-patch-for-fortiweb-zero-day-exploited-in-attacks/
🔗 Cisco Unified CCX: https://cyberpress.org/cisco-unified-ccx-flaws/
🔗 Google – SMS Phishing Triad: https://krebsonsecurity.com/2025/11/google-sues-to-disrupt-chinese-sms-phishing-triad/
🔗 ASUS – CVE-2025-59367: https://securityaffairs.com/184636/security/critical-cve-2025-59367-flaw-lets-hackers-access-asus-dsl-routers-remotely.html
🔗 North Korean JSON Abuse: https://thehackernews.com/2025/11/north-korean-hackers-turn-json-services.html
🔗 CERT-FR – End-Game: https://www.cert.ssi.gouv.fr/cti/CERTFR-2025-CTI-011/
📞 Share your feedback:
📧 radiocsirt@gmail.com
🌐 www.radiocsirt.com
📰 radiocsirtintl.substack.com
#CyberSecurity #Anthropic #Fortinet #Cisco #Google #ASUS #NorthKorea #CERTFR #EndGame #CTI #RadioCSIRT 🎧🔥
Welcome to your daily cybersecurity podcast.
🤖 Anthropic faces controversy over claims that Claude enabled fully automated cyberattacks end-to-end. Several experts question the technical validity and highlight the lack of concrete evidence.
🛡️ Fortinet confirms it silently patched a critical FortiWeb zero-day already exploited in active attacks. The discreet fix was intended to avoid tipping off threat actors monitoring patch cycles.
📞 Cisco Unified CCX: multiple critical vulnerabilities expose call-center infrastructures to compromise, enabling remote code execution and unauthorized access to sensitive systems.
🐉 Google initiates legal action to disrupt a major Chinese SMS phishing triad operating at international scale with a structured criminal infrastructure.
📡 ASUS – CVE-2025-59367: a critical flaw allows attackers to remotely access ASUS DSL routers without authentication, providing full device takeover.
🇰🇵 North Korean APT actors increasingly abuse JSON services to evade traditional detection and enhance the stealth of their command-and-control operations.
🔍 CERT-FR – Operation EndGame: CERT-FR releases a comprehensive CTI analysis detailing an advanced campaign leveraging modular techniques and distributed infrastructures targeting strategic organizations.
⚡️ Don’t think — patch! 🚀
📚 Sources:
🔗 Anthropic: https://www.bleepingcomputer.com/news/security/anthropic-claims-of-claude-ai-automated-cyberattacks-met-with-doubt/
🔗 Fortinet (FortiWeb Zero-Day): https://www.bleepingcomputer.com/news/security/fortinet-confirms-silent-patch-for-fortiweb-zero-day-exploited-in-attacks/
🔗 Cisco Unified CCX: https://cyberpress.org/cisco-unified-ccx-flaws/
🔗 Google – SMS Phishing Triad: https://krebsonsecurity.com/2025/11/google-sues-to-disrupt-chinese-sms-phishing-triad/
🔗 ASUS – CVE-2025-59367: https://securityaffairs.com/184636/security/critical-cve-2025-59367-flaw-lets-hackers-access-asus-dsl-routers-remotely.html
🔗 North Korean JSON Abuse: https://thehackernews.com/2025/11/north-korean-hackers-turn-json-services.html
🔗 CERT-FR – End-Game: https://www.cert.ssi.gouv.fr/cti/CERTFR-2025-CTI-011/
📞 Share your feedback:
📧 radiocsirt@gmail.com
🌐 www.radiocsirt.com
📰 radiocsirtintl.substack.com
#CyberSecurity #Anthropic #Fortinet #Cisco #Google #ASUS #NorthKorea #CERTFR #EndGame #CTI #RadioCSIRT 🎧🔥
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.