{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"BMC Daily Cyber News","title":"Daily Cyber News – November 12th, 2025","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/6f3fb3f8\"></iframe>","width":"100%","height":180,"duration":417,"description":"This is today’s cyber news for November 12th, 2025. A massive credential trove lands in Have I Been Pwned, pushing account takeover risk sharply higher. Microsoft’s monthly patches close sixty-three flaws, including one already exploited in the wild. Triofox is under live attack via a setup-route bypass, SAP fixes hardcoded credentials in SQL Anywhere Monitor, and Samsung’s latest mobile flaw enters the Known Exploited catalog. Ransomware-as-a-service expands with VanHelsing, Synology’s BeeStation faces an unauthenticated zero-day, and Brazil sees WhatsApp-driven bank session hijacking. Rounding out the brief: GootLoader’s stealthy web-font trick and fresh Ivanti Endpoint Manager issues that enable arbitrary file writes.You’ll hear what changed, why it matters, who is most exposed, and the near-term moves that shrink risk. Leaders get business-impact framing; defenders get plain-English signals to watch and pragmatic steps tied to identity, patching, and endpoint controls. The focus is tight: the Top 10 from today’s newsletter only—no filler. It’s a fast, narrated briefing for students and practitioners alike, available at DailyCyber.news.","thumbnail_url":"https://img.transistorcdn.com/ztVAazvsFi_NkDzeczJmr6VfZy9Dch1_T742fH8_Zd4/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS8wNzA5/NzI0YjZhNmM2MjYy/ZGJmNjMzNWJlMGQ0/ZjJhZS5wbmc.webp","thumbnail_width":300,"thumbnail_height":300}