The CyberWire Daily Podcast 11.14.25
Ep 2434 | 11.14.25

Operation spyGPT.

Transcript

Anthropic reports China-linked hackers used Claude AI in an automated espionage campaign. Google reconsiders its upcoming “Developer Verification” policy for Android. AT&T customers affected by two data breaches in 2024 can now file claims. Nearly 10,000 Washington Post employees were affected by a data breach. ASUS and Imunify360 patch critical flaws. DoorDash discloses a data breach. Checkout.com donates the ransom to researchers. Kraken ransomware benchmarks systems before encryption. Mike Arrowsmith, Chief Trust Officer of NinjaOne, shares his thoughts on how cyber may be heading for its California fire insurance moment. AI ChatBot toys behave badly.

Today is Friday, November 14th, 2025. I’m Dave Bittner. And this is your CyberWire Intel Briefing.

Anthropic reports China-linked hackers used Claude AI in an automated espionage campaign. 

Chinese state-sponsored hackers used Anthropic’s Claude AI tools in a September cyber-espionage campaign that the company describes as the first reported case of an AI agent automating most phases of an attack with limited human input. According to Anthropic, the group—assessed with high confidence as China-linked—used Claude Code to handle up to 90 percent of tasks across reconnaissance, exploitation, and data collection, with humans guiding only a handful of key decisions. The operation targeted about 30 technology firms and government agencies, though only a small number of attempts succeeded. Outside researchers questioned the significance, noting that attackers relied on common open-source tools and that Claude frequently hallucinated results, limiting effectiveness. They also argued that AI has not yet produced the dramatic offensive gains some vendors suggest. China’s Foreign Ministry rejected the accusations as unproven. Researchers broadly agree that AI can streamline workflows, but fully autonomous, high-impact attacks remain elusive.

Google reconsiders its upcoming “Developer Verification” policy for Android. 

Google is softening its upcoming “Developer Verification” policy after significant backlash from Android users and developers. The policy, announced in August and set to begin in 2026, would require all apps on certified Android devices to come from developers who verified their identities, a move meant to curb malware in sideloaded apps. Critics objected to the required fees and government ID checks, and projects like F-Droid warned the rules threatened the open Android ecosystem. In response, Google will create a lighter-weight account for developers distributing apps to small audiences and a new install flow that lets advanced users sideload unverified apps with added warnings. Early-access invitations are rolling out now. Verification becomes mandatory in select countries in late 2026, with worldwide adoption planned for 2027.

AT&T customers affected by two data breaches in 2024 can now file claims. 

AT&T customers affected by two data breaches in 2024 can file claims for part of a $177 million class-action settlement. The first breach, disclosed in March, exposed sensitive personal data on the dark web. A second breach in July involved limited data taken from a third-party cloud workspace. Eligible customers may receive up to $5,000 or $2,500 depending on the incident, with some qualifying for both. Claims are due by Dec. 18 and can be submitted at telecomdatasettlement.com.

Nearly 10,000 Washington Post employees were affected by a data breach. 

Nearly 10,000 current and former Washington Post employees and contractors were affected by a data breach tied to attacks on vulnerable Oracle E-Business Suite systems. A threat actor linked to Cl0p ransomware exploited zero-day flaws across dozens of organizations, stealing more than 120 GB of Post data and later attempting extortion. Compromised information includes names, bank and routing numbers, Social Security numbers, and tax IDs. The Post says hackers accessed data between July and August, aligning with reports that exploitation began months before patches were released.

ASUS and Imunify360 patch critical flaws. 

ASUS has issued new firmware to fix a critical authentication bypass flaw, CVE-2025-59367, affecting DSL-AC51, DSL-N16, and DSL-AC750 routers. The vulnerability lets remote, unauthenticated attackers access unpatched devices exposed online with minimal effort. Firmware version 1.1.2.3_1010 resolves the issue, and ASUS urges all users to update. For devices that cannot be patched, ASUS advises disabling internet-facing services such as remote WAN access, port forwarding, DDNS, VPN servers, DMZ, and FTP. Users should also strengthen passwords, avoid credential reuse, and regularly check for updates. While there are no active exploitation reports, router flaws are frequently targeted for botnet activity. ASUS has recently patched other serious vulnerabilities, and past incidents show attackers leveraging router bugs to compromise thousands of devices.

A newly patched flaw in Imunify360, a security suite protecting roughly 56 million Linux-hosted websites, could allow attackers to execute arbitrary code and potentially take over shared hosting environments. Patchstack says the issue is triggered when Imunify360’s AI-Bolit malware scanner processes a specially crafted file, allowing code to run with root privileges. CloudLinux confirmed the “critical” vulnerability and released a fix on October 21, though no CVE was assigned. Technical details and a proof-of-concept are now public, and providers are urged to check for compromise.

DoorDash discloses a data breach. 

DoorDash has disclosed an October 2025 data breach caused by a successful social engineering scam against an employee. The company says an unauthorized party accessed and took user contact information, including names, physical addresses, phone numbers, and email addresses. DoorDash did not specify how many people were affected but confirmed that consumers, Dashers, and merchants were among those impacted. Notifications began going out on November 13, with many reaching Canadian users, though a broader advisory suggests the incident may extend beyond Canada. This is DoorDash’s third major breach after incidents in 2019 and 2022. Users have criticized the company for taking 19 days to issue notices. DoorDash advises customers to watch for phishing attempts and says it has strengthened security and notified law enforcement.

Checkout.com donates the ransom to researchers. 

Checkout.com says it was hit by an extortion attempt by the ShinyHunters group, which accessed data stored in a legacy third-party cloud system used before 2020. The company estimates that fewer than 25 percent of current merchants are affected. The compromised system held internal documents and onboarding materials, not payment data. Checkout.com says its live processing platform was untouched and no card numbers or merchant funds were accessed. The company acknowledges the legacy system should have been properly decommissioned and is contacting impacted partners while working with regulators and law enforcement. Refusing to pay the ransom, Checkout.com will instead donate the equivalent amount to cybersecurity research at Carnegie Mellon University and the University of Oxford. The company says transparency and trust remain its priorities.

Kraken ransomware benchmarks systems before encryption. 

Kraken ransomware, a successor to the HelloKitty operation, now incorporates a rare benchmarking feature that tests each compromised machine to determine how quickly it can encrypt data without overloading system resources. Cisco Talos says Kraken creates and encrypts temporary files to decide between full or partial encryption. Active since early 2024, the group conducts big-game hunting attacks with data theft and lists victims across the U.S., UK, Canada, Panama, Kuwait, and Denmark. Kraken intrusions typically begin by exploiting SMB flaws, then using stolen admin credentials, Cloudflared tunnels, and SSHFS to move laterally and exfiltrate data. Windows and Linux/ESXi variants include modules to target databases, network shares, local drives, virtual machines, and more. Kraken also launched a cybercrime forum to support its operations, and ransom demands can reach $1 million.

AI ChatBot toys behave badly. 

Researchers have now confirmed what many parents long suspected: giving a teddy bear the verbal powers of a Silicon Valley chatbot may, in fact, be a terrible idea. In tests of three AI-powered toys, the U.S. Public Interest Research Group found the gadgets behaved less like cuddly companions and more like unfiltered internet strangers. Given just a bit of conversation, the toys began offering children tips on locating kitchen knives, lighting matches, and, in one memorable case, exploring a wide range of sexual fetishes. The worst offender, FoloToy’s Kumma, managed to pivot from “safety first, little buddy” to full-blown kink tutorials with unsettling enthusiasm. Researchers warn that the holiday rush will put millions of these lightly regulated devices into homes long before anyone understands their developmental impact. As PIRG’s RJ Cross put it, if she were a parent, she would not hand her child a chatbot in a bear suit—no matter how cute its face is.

And that’s the CyberWire.

For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.


We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com.

We’re proud that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.

N2K helps cybersecurity professionals and organizations grow, learn, and stay ahead. We’re the nexus for discovering the people, tech, and ideas shaping the industry. Learn how at n2k.com.


N2K’s senior producer is Alice Carruth. Our producer is Liz Stokes. We’re mixed by Elliott Peltzman and Tré Hester, with original music by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher, and I’m Dave Bittner. Thanks for listening.