With 2025 coming to an end, cybercrime isn’t slowing down. November has seen a surge in cyber incidents, highlighting the growing risks in both supply chains and emerging technologies.
From banking vendors and cloud services to AI platforms and public authorities, hackers have exploited weaknesses to steal sensitive data, bypass authentication and even manipulate AI systems – all leading to major breaches and privacy concerns.
In this month’s cybersecurity roundup, we take a look at the key incidents, their impact and the lessons they teach us about the need for airtight security.
Supply-chain breach exposes sensitive banking data in vendor cyberattack
A major financial services vendor, SitusAMC, suffered a cyberattack on 12th November in which hackers stole sensitive information from the company’s systems. The stolen data included banks’ accounting records, legal agreements and some customer information.
Although the company says the breach is contained and operations have been restored, it has not disclosed how many clients were affected or who carried out the attack. The FBI is assisting with the investigation, saying that banking operations have not been disrupted. This breach once again demonstrates that even highly secure industries remain vulnerable to supply-chain weaknesses in third-party vendors.
Hackers use subtle domain swap in Microsoft phishing campaign
A phishing campaign has been using the look-alike domain “rnicrosoft.com,” replacing “m” with “rn” to trick users into giving up login credentials. The fake domain closely resembles the real one due to common font rendering and is especially effective on mobile devices.
Attackers imitate Microsoft’s branding and use similar typosquatting tactics (such as swapping letters with numbers) to run credential theft and invoice scams. Security experts urge users to inspect full sender addresses, check link destinations and visit official sites directly rather than clicking unexpected email links.
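The sender-address check described above can be automated on the mail gateway side. The sketch below is an added example, not code from any vendor or source mentioned in this roundup; the watch-list, the substitution table and the function names are constructed for illustration.

```python
from email.utils import parseaddr

# Constructed watch-list; a real deployment would load the organisation's own domains.
PROTECTED = {"microsoft.com"}

# Constructed subset of confusable substitutions: the "rn" for "m" swap and
# letter/number swaps named in the article. 1, i and l collapse into one class.
SEQUENCES = [("rn", "m")]
SINGLE = str.maketrans({"0": "o", "1": "l", "i": "l", "3": "e", "5": "s"})


def skeleton(domain: str) -> str:
    """Reduce a domain to a form in which look-alike spellings compare equal."""
    s = domain.lower().rstrip(".")
    for seq, repl in SEQUENCES:
        s = s.replace(seq, repl)
    return s.translate(SINGLE)


PROTECTED_SKELETONS = {skeleton(d): d for d in PROTECTED}


def lookalike_of(domain: str):
    """Return the protected domain that `domain` imitates, or None."""
    labels = domain.lower().rstrip(".").split(".")
    # Walk parent domains so that login.rnicrosoft.com is checked as rnicrosoft.com.
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in PROTECTED:
            return None  # genuine domain or one of its subdomains
        target = PROTECTED_SKELETONS.get(skeleton(candidate))
        if target:
            return target
    return None


def check_sender(from_header: str):
    """Check the address inside a From header, ignoring the display name."""
    _, address = parseaddr(from_header)
    return lookalike_of(address.rpartition("@")[2]) if "@" in address else None
```

Comparing skeletons rather than raw strings means a domain is flagged only when it collapses to a protected name without being that name, so an unrelated domain that merely contains "rn" is left alone.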
Cybersecurity news shared the most common types of typosquatting variations here:
Critical Azure Bastion flaw allows attackers to bypass authentication
A critical Azure Bastion vulnerability (CVE-2025-49752) allows remote attackers to bypass authentication and gain full administrative privileges through a single network request. The flaw, caused by improper handling of authentication tokens, lets attackers replay valid credentials and take control of all virtual machines connected to the Bastion host.
All Azure Bastion deployments prior to 20th November 2025 are affected, with a maximum CVSS score of 10.0, indicating that the exploit requires no user interaction or prior access. Security teams are urged to apply patches immediately, audit admin access logs and review network segmentation to reduce risk.
Council error exposes personal details of 625 residents
South Gloucestershire Council has apologised after the personal details of 625 residents were accidentally published online for three days. The leaked information included names, addresses, phone numbers and email addresses submitted during a Local Plan consultation.
The council said the data should have been removed from a worksheet before publication, and that it was taken down as soon as the mistake was identified. The incident has been reported to the Information Commissioner’s Office, and an initial assessment suggests a low risk to those affected. Council leaders say they will follow all data protection procedures and implement measures to prevent similar breaches in future.
AI firm says Chinese-linked hackers used its chatbot for automated attacks
Anthropic claims it uncovered a Chinese state-sponsored group using its Claude chatbot to automate parts of a cyber-espionage campaign against about 30 global organisations. The attackers allegedly tricked the AI into completing small coding and analysis tasks that, combined, enabled breaches and data extraction with limited human involvement.
The company says it has banned the users and notified affected organisations, but experts argue the claims lack verifiable evidence and may overstate current AI capabilities. Critics note that AI-driven hacking remains unreliable, while some firms may be motivated to highlight such threats. Anthropic says the findings show that AI will be needed on both sides of cyber defence - even as current tools still make significant errors.
Hackers sell stolen maternity ward CCTV videos in major India cybercrime case
Police in Gujarat have uncovered a large cybercrime racket after hacked CCTV footage from a maternity hospital was found being sold on Telegram. The leaked videos, including sensitive recordings of pregnant women during medical exams, were traced back to a network of hackers who allegedly breached at least 50,000 CCTV systems across India.
Investigators say the group targeted cameras in hospitals, schools, offices and private homes, often exploiting weak or default passwords. Eight people have been arrested, and videos have been removed from Telegram and YouTube. Experts warn that poorly secured CCTV systems are widespread in India and easily compromised, urging stronger passwords, better installation practices and regular security audits. It’s also been reported that many victims are reluctant to report such breaches due to privacy concerns and social stigma, adding an extra layer of stress that cybercrime can cause.
It's time to get ahead of cyber threats
The cyber events of November show us that threats are evolving in sophistication and scope. Supply-chain attacks, AI manipulation, cloud vulnerabilities and exposed personal data all demonstrate that no sector is immune, and that even minor oversights can have serious consequences.
Now more than ever, businesses and MSPs must prioritise timely patching, staff awareness, third-party oversight, and proactive monitoring, at a minimum, to stay ahead of attackers.
Chat to our team about our cybersecurity vendors or read more articles like this to stay up to date with the latest cybersecurity news.


